Job Description
Protecting billions of users and the world’s largest digital estates is among the hardest and highest-stakes challenges in technology. Microsoft Security exists to meet it — empowering every user, customer, and developer with end-to-end, simplified protection across heterogeneous, multi-cloud environments, while securing Microsoft’s own global estate. Our culture is built on a growth mindset, a drive for technical excellence, and the expectation that we bring our best each day to innovations that impact billions of lives.

Microsoft Security Research (MSecR) is the research engine behind Microsoft’s protection stack — turning planetary-scale telemetry, adversary intelligence, and AI-driven systems into proactive detection, disruption, and pre-emption of advanced threats. We work across the full estate — endpoint, identity, email, cloud apps, SaaS, and multi-cloud infrastructure — shifting protection left by transforming raw signal into actionable intelligence and production-grade detections. We are actively building the next generation of agentic, AI-assisted investigation and detection systems that change how defenders operate at scale.

We are seeking a Principal Threat Research Lead to drive next-generation threat research across Threat Intelligence (TI), AI-driven analytics, and detection engineering. This is a senior leadership role with researchers reporting to you: you will set technical direction and stay deep in the craft — personally shaping research, advancing detection systems, and influencing platform-level capabilities across Microsoft Security. You will partner closely with product, engineering, operations, and TI teams to deliver durable, scalable protection for global enterprise customers.

In this role, you will operate at the intersection of threat intelligence, advanced analytics, and AI systems, leading high-impact initiatives that define how large-scale security platforms anticipate and respond to emerging threats.