Principal Security Researcher

United States, Redmond · Employment contract · 142800.00 - 304200.00 USD / Year · Job Posted May 16, 2026

Job Description

The Microsoft Threat Protection Research (MTP-R) Purple Team sits at the intersection of offense, defense, and intelligence, working across Microsoft Defender technologies to ensure telemetry, detections, and protections are effective against real-world cyberattacks. We are looking for a Principal-level red team security researcher with experience in adversary emulation, offensive tooling, and malware development to design and execute realistic attack simulations in an AI-first environment. This role will use agentic systems and LLM-driven workflows to scale attack development, automation, and simulation fidelity, while helping shape how AI-enabled offensive research is used to emulate modern adversaries in controlled, high-impact ways.

Job Responsibility

  • Lead the design and execution of complex, multi-stage adversary simulations across endpoint, identity, cloud, and SaaS environments
  • Architect and develop advanced offensive tooling, including scalable C2 frameworks, custom implants, and malware tradecraft
  • Conduct deep research into modern attacker techniques, including novel evasion strategies, cloud abuse patterns, and identity-based attacks
  • Drive threat modeling and adversary emulation strategy, aligning simulations with real-world campaigns and emerging threats
  • Leverage and contribute to threat intelligence by producing new insights from simulation results, tradecraft research, and adversary behavior analysis
  • Design and implement AI-enabled and agentic systems to automate offensive operations, generate adaptive attack paths, and scale simulation complexity
  • Evaluate the effectiveness of defensive systems, including AI-driven detections, and provide strategic recommendations for improvement
  • Partner with engineering, detection, and intelligence teams to influence product direction and improve security outcomes
  • Deliver executive-level briefings, technical reports, and strategic recommendations
  • Act as a technical leader, shaping offensive research methodology, mentoring team members, and driving long-term innovation

Requirements

  • Doctorate in Statistics, Mathematics, Computer Science, Computer Security, or related field AND 3+ years experience in software development lifecycle, large-scale computing, threat analysis or modeling, cybersecurity, vulnerability research, and/or anomaly detection
  • OR Master's Degree in Statistics, Mathematics, Computer Science, Computer Security, or related field AND 4+ years experience in software development lifecycle, large-scale computing, threat analysis or modeling, cybersecurity, vulnerability research, and/or anomaly detection
  • OR Bachelor's Degree in Statistics, Mathematics, Computer Science, Computer Security, or related field AND 6+ years experience in software development lifecycle, large-scale computing, threat analysis or modeling, cybersecurity, vulnerability research, and/or anomaly detection
  • OR equivalent experience
  • Ability to meet Microsoft, customer and/or government security screening requirements is required for this role
  • This position will be required to pass the Microsoft background and Microsoft Cloud background check upon hire/transfer and every two years thereafter

Nice to have

  • Doctorate in Statistics, Mathematics, Computer Science, Computer Security, or related field AND 5+ years experience
  • Master's Degree in Statistics, Mathematics, Computer Science, Computer Security, or related field AND 8+ years experience
  • Bachelor's Degree in Statistics, Mathematics, Computer Science, Computer Security, or related field AND 12+ years experience
  • 5+ years of experience in red teaming, offensive security, or adversary emulation
  • Security-related certifications such as OSCP, OSCE, OSEP, OSWE, GPEN, GXPN, GREM
  • Expertise in C2 framework design, implant development, and offensive infrastructure
  • Background in malware development, reverse engineering, or exploit development
  • Experience leveraging and producing threat intelligence at the campaign or actor level
  • Knowledge of MITRE ATT&CK and threat modeling methodologies
