CrawlJobs Logo

Principal Security Researcher

https://www.microsoft.com/ Logo

Microsoft Corporation

Location Icon

Location:
United States , Redmond

Category Icon
Category:
IT - Software Development

Job Type Icon

Contract Type:
Employment contract

Salary Icon

Salary:

142800.00 - 304200.00 USD / Year
Save Job
Save Icon
Apply Position

Job Description:

The Microsoft Threat Protection Research (MTP-R) Purple Team sits at the intersection of offense, defense, and intelligence, working across Microsoft Defender technologies to ensure telemetry, detections, and protections are effective against real-world cyberattacks. We are looking for a Principal-level red team security researcher with experience in adversary emulation, offensive tooling, and malware development to design and execute realistic attack simulations in an AI-first environment. This role will use agentic systems and LLM-driven workflows to scale attack development, automation, and simulation fidelity, while helping shape how AI-enabled offensive research is used to emulate modern adversaries in controlled, high-impact ways.

Job Responsibility:

  • Lead the design and execution of complex, multi-stage adversary simulations across endpoint, identity, cloud, and SaaS environments
  • Architect and develop advanced offensive tooling, including scalable C2 frameworks, custom implants, and malware tradecraft
  • Conduct deep research into modern attacker techniques, including novel evasion strategies, cloud abuse patterns, and identity-based attacks
  • Drive threat modeling and adversary emulation strategy, aligning simulations with real-world campaigns and emerging threats
  • Leverage and contribute to threat intelligence by producing new insights from simulation results, tradecraft research, and adversary behavior analysis
  • Design and implement AI-enabled and agentic systems to automate offensive operations, generate adaptive attack paths, and scale simulation complexity
  • Evaluate the effectiveness of defensive systems, including AI-driven detections, and provide strategic recommendations for improvement
  • Partner with engineering, detection, and intelligence teams to influence product direction and improve security outcomes
  • Deliver executive-level briefings, technical reports, and strategic recommendations
  • Act as a technical leader, shaping offensive research methodology, mentoring team members, and driving long-term innovation

Requirements:

  • Doctorate in Statistics, Mathematics, Computer Science, Computer Security, or related field AND 3+ years experience in software development lifecycle, large-scale computing, threat analysis or modeling, cybersecurity, vulnerability research, and/or anomaly detection OR Master's Degree in Statistics, Mathematics, Computer Science, Computer Security, or related field AND 4+ years experience in software development lifecycle, large-scale computing, threat analysis or modeling, cybersecurity, vulnerability research, and/or anomaly detection OR Bachelor's Degree in Statistics, Mathematics, Computer Science, Computer Security, or related field AND 6+ years experience in software development lifecycle, large-scale computing, threat analysis or modeling, cybersecurity, vulnerability research, and/or anomaly detection OR equivalent experience
  • Ability to meet Microsoft, customer and/or government security screening requirements are required for this role
  • This position will be required to pass the Microsoft background and Microsoft Cloud background check upon hire/transfer and every two years thereafter

Nice to have:

  • Doctorate in Statistics, Mathematics, Computer Science, Computer Security, or related field AND 5+ years experience
  • Master's Degree in Statistics, Mathematics, Computer Science, Computer Security, or related field AND 8+ years experience
  • Bachelor's Degree in Statistics, Mathematics, Computer Science, Computer Security, or related field AND 12+ years experience
  • 5+ years of experience in red teaming, offensive security, or adversary emulation
  • Security related certifications such as OSCP, OSCE, OSEP, OSWE, GPEN, GXPN, GREM
  • Expertise in C2 framework design, implant development, and offensive infrastructure
  • Background in malware development, reverse engineering, or exploit development
  • Experience leveraging and producing threat intelligence at the campaign or actor level
  • Knowledge of MITRE ATT&CK and threat modeling methodologies

Additional Information:

Job Posted:
May 16, 2026

Employment Type:
Fulltime
Work Type:
Hybrid work
Icon
Microsoft Corporation - All Job Offers
Job Link Share:
Copy Link Icon
Facebook Icon Twitter Icon LinkedIn Icon

Looking for more opportunities? Search for other job offers that match your skills and interests.

Briefcase Icon

Similar Jobs for Principal Security Researcher

Principal Applied Researcher AI/NLP

At PointClickCare our mission is simple: to help providers deliver exceptional c...
Location
Location
United States
Salary
Salary:
195800.00 - 217500.00 USD / Year
pointclickcare.com Logo
PointClickCare
Expiration Date
Until further notice
Flip Icon
Requirements
Requirements
  • PhD or comparable level of experience in Computer Science, Math, Physics, Engineering or a related field
  • 4-10+ year industry experience building solutions in commercial SaaS, including at least 4 years working in applications of NLP, Search or AI/ML technologies for healthcare
  • Strong interest in applying AI/ML/NLP to healthcare related problems and data
  • Expert-level practical, hands-on experience developing and applying a wide range of techniques in Natural Language Processing, including fine tuning of LLMs and other Transformer models, plus one or more additional AI/ML or Search related areas of expertise to solve real-world problems at scale
  • Demonstrated ability to lead and perform research and experimentation to select appropriate approaches, algorithms, evaluation methods, and frameworks, as well as tasks such as feature selection, language modeling, evaluation and fine tuning or training models, applying standard approaches or developing new tools or workflows as needed to meet project requirements
  • Significant experience building and deploying AI/machine learning and NLP models for large-scale SaaS products, including familiarity with industry standard software development concepts such as scaling issues, version control, CI/CD pipelines, and security
  • Solid understanding and experience with transformer models and multiple kinds of NLP and ML models and approaches including logistic regression, random forest, ensemble methods, SVM, KNN, reinforcement learning, and other ML techniques
  • Proficiency in Python and Java required. Proficiency in JavaScript or TypeScript and modern UI frameworks for building prototype or tool front ends desired
  • Proficiency doing data engineering for ML and NLP applications, including exposure to database systems and proficiency with SQL
  • Proficiency building models from big data using modern packages, models and data analysis stacks such as NumPy, SciPy, Pandas, Scikit-learn, PyTorch, Keras, LightGBM, fastText, NLTK, and spaCy. Proficiency fine tuning Hugging Face Transformers required
Job Responsibility
Job Responsibility
  • You will be applying NLP including GenAI and other AI/ML techniques to develop model systems and solutions, collaborating across functions to scale and integrate advanced solutions into successful end user experiences in large-scale cloud based SaaS production environments for healthcare
  • You will be working with product leaders, clinical informaticists, data scientists, UI/UX researchers and designers, other AI and machine learning and domain experts, engineering teams and others, including work with customers and users who are healthcare professionals
  • Design, build and evaluate solutions that may involve structured or unstructured data including speech or natural language for healthcare use cases, delivering capabilities such as summarization, predictive models, recommenders, semantic search, extraction, classification or other NLP, AI or machine learning based techniques
  • You will be performing research and experimentation to select appropriate approaches, algorithms, evaluation methods and frameworks and doing the R&D to deliver model systems
  • You will perform, oversee and assist in data collection, data cleaning, data analysis, algorithm selection or design, prompt tuning, parameter fine tuning, training, development and evaluation of systems that deliver responsible AI solutions at scale, using existing or developing new tools or workflows as needed
  • As a principal applied researcher, you will bring deep technical expertise and also provide mentorship on advanced AI, NLP, data science, statistical and machine learning methods and technologies, helping the organization develop new capabilities for innovative solutions
  • You will have substantial independence and responsibility from day one
What we offer
What we offer
  • Benefits starting from Day 1
  • Retirement Plan Matching
  • Flexible Paid Time Off
  • Wellness Support Programs and Resources
  • Parental & Caregiver Leaves
  • Fertility & Adoption Support
  • Continuous Development Support Program
  • Employee Assistance Program
  • Allyship and Inclusion Communities
  • Employee Recognition … and more
  • Fulltime
Read More
Arrow Right

Principal Investigator, Federal Research Projects

We are seeking a Principal Investigator (PI) to support proposal development and...
Location
Location
United States
Salary
Salary:
Not provided
daqscribe.com Logo
DaqScribe Solutions
Expiration Date
Until further notice
Flip Icon
Requirements
Requirements
  • Strong background in embedded computing systems and real-time signal processing
  • Experience in Artificial Intelligence (AI) and Machine Learning (ML)
  • Proven leadership in conducting research projects and managing small teams
  • Skilled in data analysis and research methodologies
  • Excellent problem-solving and critical thinking abilities
  • Strong written and verbal communication skills
  • Ability to work independently and in a remote environment
  • Master’s or Ph.D. in Computer Science, Computer Engineering, Electrical Engineering, or a related technical field
  • U.S. citizenship is required
  • Must be able to obtain and obtain a security clearance at the Secret (S) and Top Secret (TS) levels
Job Responsibility
Job Responsibility
  • Lead proposal development for federal research opportunities in relevant topic areas or related domains
  • Manage and guide a multidisciplinary research team through concept, execution, and delivery
  • Design, implement, and evaluate novel signal processing and machine learning methodologies
  • Contribute to commercialization strategies stemming from federally sponsored R&D projects
  • Interface with government sponsors, collaborators, and internal teams throughout the research lifecycle
  • Participate in the “Technology Transfer” and commercialization process for all prototypes and technologies developed through government-funded research projects
  • Fulltime
Read More
Arrow Right

Principal Security Researcher - Cloud & AI (Cortex Cloud)

As a Principal Security Researcher on the Cortex Cloud research team, you’ll lea...
Location
Location
Israel , Tel Aviv
Salary
Salary:
Not provided
paloaltonetworks.com Logo
Palo Alto Networks
Expiration Date
Until further notice
Flip Icon
Requirements
Requirements
  • Minimum of 6 years in security research, including at least 2 years focused on cloud security
  • Deep understanding of IAM, network, and data services posture in AWS, Azure, or GCP Research
  • Strong understanding of the attacker’s mindset and proven experience in applying defensive tactics
  • Hands-on experience in programming and scripting with C++/Python
  • Experience with AI / Web/ Cloud/ K8S vulnerability research
  • Proven ability to conceptualize, plan, and execute research from ideation through POC to full implementation
  • Excellent communication and teamwork skills, with the ability to lead initiatives and work collaboratively across the organization
Job Responsibility
Job Responsibility
  • Research and uncover vulnerabilities and abuse paths in cloud services, with a strong focus on AI, identity, and data pipelines
  • Collaborate with product and engineering to ship detections and logic based on your findings
  • Research-driven impact - drive innovation from idea to execution: Identify emerging security gaps, build proof-of-concepts, and partner with engineering, product and marketing to translate research into actual product features and detection logic
  • Represent the team through public blogs, conferences and research collaborations with cloud vendors
  • Publish internal or external research and represent the team at industry events or blogs
  • Lead the discovery of novel attack vectors- e.g., cross-tenant access, NHI abuse, RAG poisoning, privilege escalation
Read More
Arrow Right

Principal Security Engineering Manager - Edge Browser

The Microsoft Edge Browser Security Team is responsible for securing Edge client...
Location
Location
United States , Redmond
Salary
Salary:
139900.00 - 274800.00 USD / Year
https://www.microsoft.com/ Logo
Microsoft Corporation
Expiration Date
Until further notice
Flip Icon
Requirements
Requirements
  • Doctorate in Statistics, Mathematics, Computer Science, Computer Security, or related field AND 3+ years experience in software development lifecycle, large-scale computing, threat analysis or modeling, cybersecurity, vulnerability research, and/or anomaly detection
  • OR Master's Degree in Statistics, Mathematics, Computer Science, Computer Security, or related field AND 4+ years experience in software development lifecycle, large-scale computing, threat analysis or modeling, cybersecurity, vulnerability research, and/or anomaly detection
  • OR Bachelor's Degree in Statistics, Mathematics, Computer Science, Computer Security, or related field AND 6+ years experience in software development lifecycle, large-scale computing, threat analysis or modeling, cybersecurity, vulnerability research, and/or anomaly detection
  • OR equivalent experience
  • 1+ year(s) people management experience
Job Responsibility
Job Responsibility
  • Provide line management to a team of engineers located in Redmond. Embody Microsoft’s management philosophy of Model, Coach & Care
  • Be fully invested helping to develop and grow our engineers
  • Be able to help plan and execute strategies for growing Edge’s capabilities. Drive initiatives to identify and mitigate security risk for our customers
  • Oversee our security response work, acting on reports from vulnerability researchers
  • Monitor and alert the security health of Edge and plan remedial actions
  • Collaborate with other security teams across Microsoft to design and develop new security mitigations and defences
  • Work closely with our partners in the Chromium community to improve browser security
  • Leverage curiosity and learn new skills to operate in a fast-paced and ever-changing environment
  • Interact with the external security community, researchers and security conference presenters
  • Excel in cross-group and interpersonal skills, with the ability to articulate the business need for security
  • Fulltime
Read More
Arrow Right

Principal Security Researcher (DNS Security)

The DNS Security Research team delivers high-quality content to our products to ...
Location
Location
United States , Santa Clara
Salary
Salary:
162700.00 - 263175.00 USD / Year
paloaltonetworks.it Logo
Palo Alto Networks Italia
Expiration Date
Until further notice
Flip Icon
Requirements
Requirements
  • PhD in Computer Science, Cyber Security or Machine Learning or equivalent experience
  • 2+ years of Security research experience
  • Creative thinker and team player. Have great passion and be highly self-motivated in data-driven security research
  • Expertise in DNS and IPv4/IPv6
  • Good knowledge of machine learning techniques and algorithms, such as k-NN, Naive Bayes, SVM, Decision Trees, Logistic Regression, Deep Learning, and Boosting
  • Familiar with large-language models (LLMs) and experience to leverage them to address cybersecurity threats
  • Excellent programming skills in Python, Shell script, Go, or SQL
  • Understanding of core network protocols (TCP/IP, HTTP/HTTPS, etc.)
  • Knowledge and experience with modern databases and big data tools, such as MySQL, MongoDB, Elasticsearch, Redis, BigQuery
  • Be comfortable working independently, efficiently
Job Responsibility
Job Responsibility
  • Track and research emerging threats and innovate new ways to identify malicious indicators used by malware and attacks, including domains, URLs, IP addresses, sha256, email addresses, etc.
  • Design and build scalable and extensible prevention/detection systems
  • Leverage data-driven approaches, such as statistical analysis, machine learning, and other advanced techniques
  • Convert research results and discoveries into products, research papers, etc.
What we offer
What we offer
  • restricted stock units
  • bonus
  • employee benefits
  • Fulltime
Read More
Arrow Right

Principal Security Researcher (DNS Security)

The DNS Security Research team delivers high-quality content to our products to ...
Location
Location
United States , Santa Clara
Salary
Salary:
162700.00 - 263175.00 USD / Year
paloaltonetworks.com Logo
Palo Alto Networks
Expiration Date
Until further notice
Flip Icon
Requirements
Requirements
  • PhD in Computer Science, Cyber Security or Machine Learning or equivalent experience
  • 2+ years of Security research experience
  • Creative thinker and team player. Have great passion and be highly self-motivated in data-driven security research
  • Expertise in DNS and IPv4/IPv6
  • Good knowledge of machine learning techniques and algorithms, such as k-NN, Naive Bayes, SVM, Decision Trees, Logistic Regression, Deep Learning, and Boosting
  • Familiar with large-language models (LLMs) and experience to leverage them to address cybersecurity threats
  • Excellent programming skills in Python, Shell script, Go, or SQL
  • Understanding of core network protocols (TCP/IP, HTTP/HTTPS, etc.)
  • Knowledge and experience with modern databases and big data tools, such as MySQL, MongoDB, Elasticsearch, Redis, BigQuery
  • Be comfortable working independently, efficiently
Job Responsibility
Job Responsibility
  • Track and research emerging threats and innovate new ways to identify malicious indicators used by malware and attacks, including domains, URLs, IP addresses, sha256, email addresses, etc.
  • Design and build scalable and extensible prevention/detection systems
  • Leverage data-driven approaches, such as statistical analysis, machine learning, and other advanced techniques
  • Convert research results and discoveries into products, research papers, etc.
What we offer
What we offer
  • Restricted stock units
  • Bonus
  • Fulltime
Read More
Arrow Right

Principal Security Researcher - Microsoft Red Team

The Cloud & AI organization accelerates Microsoft’s mission and bold ambitions t...
Location
Location
United States , Multiple Locations
Salary
Salary:
163000.00 - 296400.00 USD / Year
https://www.microsoft.com/ Logo
Microsoft Corporation
Expiration Date
Until further notice
Flip Icon
Requirements
Requirements
  • Doctorate in Statistics, Mathematics, Computer Science, Computer Security, or related field AND 5+ years experience in software development lifecycle, large-scale computing, threat analysis or modeling, cybersecurity, vulnerability research, and/or anomaly detection
  • OR Bachelor's Degree in Statistics, Mathematics, Computer Security, or related field AND 8+ years experience in software development lifecycle, large-scale computing, threat analysis or modeling, cybersecurity, vulnerability research, and/or anomaly detection
  • OR Master's Degree in Statistics, Mathematics, Computer Science, Computer Security, or related field AND 6+ years experience in software development lifecycle, large-scale computing, threat analysis or modeling, cybersecurity, vulnerability research, and/or anomaly detection
  • OR equivalent experience
  • Ability to meet Microsoft, customer and/or government security screening requirements are required for this role
  • This position will be required to pass the Microsoft background and Microsoft Cloud background check upon hire/transfer and every two years thereafter
Job Responsibility
Job Responsibility
  • Research and discover zero-day vulnerabilities in cloud environments and associated technologies
  • Develop and implement proof-of-concept exploits to demonstrate potential risks and work closely with engineering teams to address findings
  • Analyze a wide array of data sources to identify potential security weaknesses and breach points within Microsoft’s infrastructure
  • Develop tools and techniques to scale and accelerate adversary emulation and vulnerability discovery
  • Partner with operational teams to execute targeted attacks on these systems, simulating real-world threat scenarios
  • Advocate for security change across the company through building partnerships and clearly communicating impact of risks
  • Embody our culture and values
  • Fulltime
Read More
Arrow Right

Associate Vice President for Research Computing

The Associate Vice President (AVP) for Research Computing serves as the senior e...
Location
Location
United States of America , Rochester
Salary
Salary:
205245.00 - 328392.00 USD / Year
urmc.rochester.edu Logo
University of Rochester
Expiration Date
Until further notice
Flip Icon
Requirements
Requirements
  • Bachelor’s degree in a relevant field of study.
  • Doctoral or advanced degree in a relevant field of study, advanced strongly preferred.
  • Minimum of 10 years of experience in informatics and computational research, with at least 5 years in a leadership role preferred.
  • Experience as a faculty member in higher education preferred.
  • Experience working in research-intensive higher education environment preferred.
  • Deep understanding of the research lifecycle and advanced knowledge of HPC architectures, scientific software, cloud-based research environments, and large-scale data storage.
  • Working knowledge of scientific concepts in fields such as biology, biochemistry, genomic, imaging, chemistry, physics and data science / AI
  • Proven ability to lead large technical teams, foster faculty partnerships, and manage multimillion-dollar research computing portfolios.
  • Strong communication skills and ability to interact effectively at all organization levels.
  • Broad IT experience including solutions architecture, application development, engineering, business analysis, and project management.
Job Responsibility
Job Responsibility
  • Lead the development and execution of a long-range strategic plan for research computing that supports the university’s R1 research mission, including investments in HPC, research storage, AI/ML environments, cloud platforms, secure data enclaves and staffing.
  • Collaborate with the Vice President for Research and IT, Deans, and faculty leaders to define institutional priorities, align resources, and support cutting-edge, interdisciplinary research initiatives.
  • Represent the University in national and international consortia focused on research computing infrastructure, research data governance, and secure research computing.
  • Serve as a strategic advisor to executive leadership on research policy, funding, and risk management related to advanced research computing.
  • Oversee Operations, performance, and lifecycle management of the University’s research computing environment, including HPC clusters and cloud platforms.
  • Lead cross-functional technical teams responsible for system design, user support, research application integration, and compliance with research security standards (e.g.NIST 800-171, FISMA)
  • Oversee service-level agreements, uptime metrics, downtime and maintenance procedures and communications and annual investment planning to ensure the environment remains resilient, scalable, and aligned with faculty needs.
  • Act as a campus-wide leader and trusted advisor to faculty and research teams across disciplines, proactively identifying research needs and aligning computational services accordingly.
  • Lead outreach, onboarding, and education programs that expand awareness of research computing services and improve access and usability for all research teams, especially those in emerging or underserved disciplines.
  • Oversee consultation and proposal development services that support grant applications, including effort related to compute budgeting, data management planning, and infrastructure letters of support.
  • Fulltime
Read More
Arrow Right