CrawlJobs Logo

Security Research Engineer

Costa Rica, San José · Job Posted February 17, 2026
Apply Position
Job Link Share

Job Description

Security represents one of the most critical priorities for customers operating in today’s complex and rapidly evolving threat landscape. Microsoft Security is dedicated to making the world a safer place by delivering an integrated security cloud that protects users, developers, and organizations with end‑to‑end, simplified solutions. Our mission is to secure digital platforms, devices, applications, identities, and cloud environments across heterogeneous customer ecosystems while also protecting Microsoft’s own internal estate. Within this mission, the Defender Experts (DEX) team plays a vital role by delivering expert‑led cybersecurity investigations at scale. Using rich telemetry and signals from Microsoft 365 Defender and other Microsoft security technologies, DEX helps customers rapidly understand, validate, and respond to suspicious or malicious activity. Our work gives organizations the clarity and confidence they need to strengthen their security posture. We are seeking a Senior Security Analyst (Tier 2) with strong experience in security investigations, attacker tradecraft analysis, and multi‑signal correlation. In this role, you will analyze complex security data, apply deep knowledge of the threat landscape, and determine whether activity represents a real threat. You will deliver clear, actionable findings and recommendations that help customers protect their environment. This role requires strong investigative skills, critical thinking, and the ability to differentiate benign from malicious behavior with confidence. This position is ideal for experienced cybersecurity professionals who thrive on analytical problem‑solving, attacker behavior research, and meaningful customer‑focused security work. It is a great opportunity for individuals motivated by impact, learning, and continuous improvement.

Job Responsibility

  • Analyze and validate security alerts, anomalies, and behavioral patterns within Microsoft 365 Defender and related telemetry to validate detections and understand attacker intent
  • Apply attacker methodology frameworks (MITRE ATT&CK, Cyber Kill Chain) to contextualize threats, assess progression, and determine potential impact
  • Investigate identity centric threats, credential misuse, lateral movement, cloud-based attacks, and modern techniques commonly used in human operated ransomware, Business Email Compromise (BEC), and stealthy persistence campaigns
  • Correlate large and complex datasets using Kusto Query Language (KQL) and investigate tooling to uncover relationships, patterns and root cause
  • Differentiate benign, misconfigured, suspicious, and malicious activity with confidence, supported by defensible evidence
  • Deliver customer facing investigation summaries that clearly articulate what occurred, why it matters, and the recommended next steps
  • Contribute to continuous improvement efforts by identifying gaps, false positives, attacker trends, and opportunities for tooling or process enhancements
  • Stay informed on SOC and threat landscape trends, including AI driven attack automation, identity-targeted campaigns, cloud compromise techniques, and evolving redteam tradecraft

Requirements

  • Master's Degree in Statistics, Mathematics, Computer Science, Computer Security, or related field AND 1+ year(s) experience in software development lifecycle, large-scale computing, threat analysis or modeling, cybersecurity, vulnerability research, and/or anomaly detection OR Bachelor's Degree in Statistics, Mathematics, Computer Science, Computer Security, or related field AND 2+ years experience in software development lifecycle, large-scale computing, threat analysis or modeling, cybersecurity, vulnerability research, and/or anomaly detection OR equivalent experience
  • Minimum 3 years of hands‑on experience in areas such as Security Operations (SOC Tier 2+), Cybersecurity Investigations, Incident Response, or Threat Hunting
  • Proven ability to analyze alerts and telemetry from EDR/XDR solutions—preferably Microsoft 365 Defender—and conduct investigations involving identity misuse, authentication anomalies, or suspicious access patterns
  • Solid understanding of operating system internals, security mitigations, and common threats across Windows, Linux, and Mac environments
  • Familiarity with MITRE ATT&CK and Cyber Kill Chain frameworks to structure, guide, and communicate investigative findings
  • Advanced English level

Nice to have

  • Hands-on expertise with Microsoft 365 Defender components, including Endpoint, Identity, Cloud Apps, and Email Protection
  • Prior experience as a Tier-2 or Tier-3 analyst validating alerts, investigations, or threat-intelligence
  • Experience investigating cloud environments (Azure, AWS, GCP) and associated network telemetry
  • Knowledge of major cloud and productivity platforms as well as identity systems and related security concerns
  • Familiarity with common identity-based attacks (OAuth abuse, token theft, Kerberos/NTLM anomalies, conditional access bypass patterns)
  • Experience with offensive security including tools such as Metasploit, exploit development, Open-Source Intelligence Gathering (OSINT), and designing ways to breach enterprise networks
  • Experience conveying data into clear security narratives (“tell the story”)
  • Additional advanced technical degrees or cyber security certifications such as CISSP, OSCP, CEH, or GIAC
  • Investigative mindset with excellent critical thinking, pattern recognition, and analytical skills
  • Experience with direct customer communication in a service delivery role
  • Solid interpersonal and cross‑functional collaboration abilities. Capable of clearly articulating investigation results and translating technical insights into business‑driven recommendations for improving detection and response capabilities

Looking for more opportunities?

Search for other job offers that match your skills and interests.

Similar Jobs for

Security Research Engineer

8 matching positions

Senior Security Engineer and Principal Security Engineer (Multiple Positions)- Windows Security

The Microsoft Windows Security team is looking for learn-it-all security enginee...
Location
Location
United States , Redmond
Salary
Salary:
119800.00 - 274800.00 USD / Year
https://www.microsoft.com/ Logo
Microsoft Corporation
Expiration Date
Until further notice
Flip Icon
Requirements
Requirements
  • Master's Degree in Statistics, Mathematics, Computer Science, or related field AND 3+ years experience in security or related field
  • OR Bachelor's Degree in Statistics, Mathematics, Computer Science, or related field AND 4+ years experience in security or related field
  • OR equivalent experience
  • Ability to meet Microsoft, customer and/or government security screening requirements are required for this role
  • Microsoft Cloud Background Check
Job Responsibility
Job Responsibility
  • Participate in security reviews to identify and mitigate risk in Microsoft products, including design reviews, code reviews, and fuzzing
  • Be the security contact for teams building new innovative products and technologies in the next version of Windows and devices
  • Identify security vulnerabilities in a wide variety of key OS features such as network protocols, security features, and Microsoft devices
  • Leverage a broad and current understanding of security to devise new protections
  • Interact with the external security community and security researchers
  • Collaborate with product teams to improve security, and articulate the business value of security investments
  • Fulltime
Read More
Arrow Right

Senior Security Engineer and Principal Security Engineer

The Microsoft Windows Security team is looking for a learn-it-all security engin...
Location
Location
United States , Redmond
Salary
Salary:
119800.00 - 234700.00 USD / Year
https://www.microsoft.com/ Logo
Microsoft Corporation
Expiration Date
Until further notice
Flip Icon
Requirements
Requirements
  • Master's Degree in Statistics, Mathematics, Computer Science, or related field AND 3+ years experience in security or related field OR Bachelor's Degree in Statistics, Mathematics, Computer Science, or related field AND 4+ years experience in security or related field OR equivalent experience
  • Ability to meet Microsoft, customer and/or government security screening requirements
  • Microsoft Cloud Background Check upon hire/transfer and every two years thereafter
  • 2+ years identifying vulnerabilities in operating systems and/or native (C/C++) applications
  • 5+ years of experience in a software engineering or security-related engineering
  • Demanstrated experience in security research, especially around vulnerability discovery
  • Experience exploiting bugs and bypassing security mitigations in operating systems
  • Familiarity with Microsoft Windows architecture
Job Responsibility
Job Responsibility
  • Participate in security reviews to identify and mitigate risk in Microsoft products, including design reviews, code reviews, and fuzzing
  • Be the security contact for teams building new innovative products and technologies in the next version of Windows and devices
  • Identify security vulnerabilities in a wide variety of key OS features such as network protocols, security features, and Microsoft devices
  • Leverage a broad and current understanding of security to devise new protections
  • Interact with the external security community and security researchers
  • Collaborate with product teams to improve security, and articulate the business value of security investments
  • Fulltime
Read More
Arrow Right

Cyber Security Research Engineer 3 / Application Penetration Tester

In this contingent resource assignment, you may: Consult on or participate in mo...
Location
Location
United States , Charlotte
Salary
Salary:
Not provided
apexsystems.com Logo
Apex Systems
Expiration Date
Until further notice
Flip Icon
Requirements
Requirements
  • 2+ years of hands-on application penetration testing experience (manual testing required)
  • Experience with DAST tools and validating/triaging vulnerabilities
  • Strong knowledge of web application security (OWASP Top 10, APIs, authentication/authorization)
Job Responsibility
Job Responsibility
  • Conduct manual penetration testing of web applications, APIs, and mobile platforms
  • Perform authentication, authorization, and business logic testing
  • Identify, validate, and exploit vulnerabilities beyond automated scanner results
  • Configure and tune DAST tools to enhance testing coverage
  • Use industry tools (Burp Suite, WebInspect, Fiddler, etc.) to support manual testing
  • Triage false positives and validate scan findings
  • Reproduce and demonstrate security vulnerabilities with clear impact
  • Document findings with detailed steps, evidence, and remediation guidance
  • Deliver high-quality reports for both technical and non-technical audiences
  • Partner with development and security teams to drive vulnerability remediation
What we offer
What we offer
  • Medical
  • Dental
  • Vision
  • Life insurance
  • Disability insurance
  • ESPP (employee stock purchase program)
  • 401K program with company match after 12 months
  • HSA (Health Savings Account on the HDHP plan)
  • SupportLinc Employee Assistance Program (EAP) with up to 8 free counseling sessions
  • Corporate discount savings program
  • Fulltime
Read More
Arrow Right

Security Research Engineer - IDS/IPS Signature Developer

Security Research Engineer - IDS/IPS Signature Developer. This role has been des...
Location
Location
India , Bangalore
Salary
Salary:
Not provided
https://www.hpe.com/ Logo
Hewlett Packard Enterprise
Expiration Date
Until further notice
Flip Icon
Requirements
Requirements
  • Strong knowledge of network protocols (TCP/IP, HTTP, DNS, SSL/TLS, etc.)
  • Hands-on experience with IDS/IPS platforms (e.g., Snort, Suricata, Zeek)
  • Proficiency in signature writing languages (Snort/Suricata rule syntax, YARA)
  • Solid understanding and practical use of Regular Expressions (Regex) for pattern matching and signature creation
  • Familiarity with malware analysis, exploit kits, and penetration testing tools
  • Experience with packet capture tools (Wireshark, tcpdump)
  • Strong grasp of attack techniques (buffer overflows, SQL injection, XSS, privilege escalation)
  • Strong analytical and problem-solving skills
  • Excellent written and verbal communication skills
  • Bachelor’s or Master’s degree in Computer Science, Cybersecurity, or related field
Job Responsibility
Job Responsibility
  • Research and analyze network-based threats, exploits, and malware behavior
  • Design, develop, and maintain IDS/IPS signatures to detect and prevent intrusions
  • Perform packet analysis and traffic inspection to validate signature accuracy and effectiveness
  • Conduct false positive/false negative analysis to improve detection quality
  • Stay updated with latest CVEs, attack techniques, and security trends
What we offer
What we offer
  • Health & Wellbeing
  • Personal & Professional Development
  • Unconditional Inclusion
Read More
Arrow Right

Senior Security Research Engineer

Microsoft Defender Experts Team is looking for an experienced professional to jo...
Location
Location
Costa Rica , San José
Salary
Salary:
Not provided
https://www.microsoft.com/ Logo
Microsoft Corporation
Expiration Date
Until further notice
Flip Icon
Requirements
Requirements
  • Doctorate in Statistics, Mathematics, Computer Science, Computer Security, or related field
  • Master's Degree in Statistics, Mathematics, Computer Science, Computer Security, or related field AND 3+ years experience in software development lifecycle, large-scale computing, threat analysis or modeling, cybersecurity, vulnerability research, and/or anomaly detection
  • Bachelor's Degree in Statistics, Mathematics, Computer Science, Computer Security, or related field AND 4+ years experience in software development lifecycle, large-scale computing, threat analysis or modeling, cybersecurity, vulnerability research, and/or anomaly detection
  • equivalent experience
  • Over 7 years of hands‑on experience in technical cybersecurity roles—including Security Operations, Threat Intelligence, Incident Response, and Penetration Testing/Red Team
  • Advanced English level
  • Advanced Portuguese level
Job Responsibility
Job Responsibility
  • Work directly with senior leaders of our customers’ security organizations as design partners on new cloud detection and response innovations, as well as to ensure excellent customer satisfaction with our products and services
  • Partner with your team of Microsoft Threat Experts providing deep research and analysis of threats impacting our customers
  • Work cross-functionally with engineering, marketing, and business leaders to innovate and deliver new security service offerings at a global scale
  • Investigate, analyze, and learn from security researchers, attackers, and real incidents to develop durable detection solutions/strategies across customer tools
  • Work with other internal and external teams to forge new and improve existing partnerships that help mature the products that support Defender Experts service offerings
  • Provide technical leadership in a challenging and rewarding environment and influence the organization
  • Fulltime
Read More
Arrow Right

Senior Research Engineer – OT Cyber Security

Senior Research Engineer role focusing on OT Cyber Security at The Manufacturing...
Location
Location
United Kingdom , Coventry
Salary
Salary:
50000.00 - 60000.00 GBP / Year
the-mtc.org Logo
Manufacturing Technology Centre
Expiration Date
Until further notice
Flip Icon
Requirements
Requirements
  • Experience in working in an OT environment, with good knowledge of manufacturing challenges
  • Awareness of relevant cyber security standards and frameworks, such as NIST CSF, UK Cyber Essentials Scheme, OWASP guidance (incl. on AI), IEC 62443, legislation on cyber resilience including EU Cyber Resilience Act (CRA) and UK PTSI
  • Familiarity with network and infrastructure design and the implementation of secure-by-design principles
  • Bachelor’s degree in Cyber Security, Computer Science, Information Systems, or relevant industrial/commercial experience
  • 5+ years of experience in cyber security roles, preferably in OT/IT environments
  • Strong communication and presentation skills to both internal and external stakeholders
  • Ability to work collaboratively across departments and with external partners
  • Mindset for continuous development of new skills and knowledge
  • Analytical mindset with attention to detail and problem-solving abilities
Job Responsibility
Job Responsibility
  • Contribute to the design and implementation of infrastructure architecture (IT) and manufacturing (OT) systems based on secure by design principles, for MTC internal as well as customer research projects
  • Oversee cybersecurity testing activities to identify vulnerabilities and exploits
  • Work with colleagues and technology partners to further expand MTC’s capabilities in this domain, to deliver impact for UK manufacturing
  • Support MTC’s Digital Transformation Advisors with customer cyber security queries, and knowledge on implementation and adherence to national cyber security standards such as Cyber Essentials +
  • Work with MTC’s technology partners to maintain and expand testbeds to demonstrate cyber security best practices in the OT domain (network monitoring, asset management, etc.)
  • Keeping abreast of latest developments in standards and technologies in the cyber security domain, in relation to OT, critical infrastructure and AI
  • Create and maintain collateral to keep our customers informed about the latest guidance, legislation and best practice
  • Support MTC Business Development (BD) with proposal writing to win collaborative research & industrial projects in the cyber security domain
  • Provide clear communication and presentations to technical and non-technical stakeholders and manage relationships with customers and suppliers to align their cybersecurity expectations
What we offer
What we offer
  • Hybrid/Flexible working
  • Vitality Medical
  • Company Pension
  • Tusker Car Scheme
  • Cycle 2 work scheme
  • Fulltime
Read More
Arrow Right

Senior Security Research - Security for AI - Microsoft Defender for CloudApps

Come and be part of a dynamic team focused on securing cutting-edge AI and cloud...
Location
Location
Israel , Tel Aviv
Salary
Salary:
Not provided
https://www.microsoft.com/ Logo
Microsoft Corporation
Expiration Date
Until further notice
Flip Icon
Requirements
Requirements
  • B.Sc. or M.Sc. in Computer Science, Software Engineering, or equivalent practical experience (e.g., service in an elite technology unit in the IDF)
  • 6+ years of experience in the computer security industry, with strong knowledge of adversary tradecraft, security operations, incident response, threat hunting, and emerging threats targeting modern cloud environments
  • 3+ years of experience researching, prototyping, and driving engineering requirements for threat protection systems
  • Code fluency in C, Python, or Rust
  • Deep understanding of the security threat landscape, including the modern attacker kill chain and MITRE ATT&CK, particularly in cloud, application, identity, and AI-related threat scenarios
Job Responsibility
Job Responsibility
  • Research and develop detection methods for new and advanced attack techniques - from exploits to implants. Build end-to-end PoCs, from offensive testing to scalable detection, across all our cloud and identity platforms
  • Stay up to date on the latest attack trends and build strong detections across the kill chain - covering agentic AI & LLM threats, cloud and identity-based attacks
  • Collaborate with multiple product and engineering teams to design the next iteration of security products, implement detection ideas and validate their effectiveness using a data-driven approach
  • Collaborate with data science teams to drive ML based protections, understand, and identify detection gaps, capabilities, assumptions, and improvements
  • Provide cybersecurity expertise as needed during security escalations and incidents to help protect Microsoft and our customers
  • Fulltime
Read More
Arrow Right

Security Engineer, Agent Security

The team’s mission is to accelerate the secure evolution of agentic AI systems a...
Location
Location
United States , San Francisco
Salary
Salary:
293000.00 - 385000.00 USD / Year
openai.com Logo
OpenAI
Expiration Date
Until further notice
Flip Icon
Requirements
Requirements
  • Strong software-engineering skills in Python or at least one systems language (Go, Rust, C/C++), plus a track record of shipping and operating secure, high-reliability services
  • Deep expertise in modern isolation techniques – experience with container security, kernel-level hardening, and other isolation methods
  • Hands-on network security experience – implementing identity-based controls, policy enforcement, and secure large-scale telemetry pipelines
  • Clear, concise communication that bridges engineering, research, and leadership audiences
  • comfort influencing roadmaps and driving consensus
  • Bias for action & ownership – you thrive in ambiguity, move quickly without sacrificing rigor, and elevate the security bar company-wide from day one
  • Cloud security depth on at least one major provider (Azure, AWS, GCP), including identity federation, workload IAM, and infrastructure-as-code best practices
Job Responsibility
Job Responsibility
  • Architecting security controls for agentic AI – design, implement, and iterate on identity, network, and runtime-level defenses (e.g., sandboxing, policy enforcement) that integrate directly with the Agent Infrastructure stack
  • Building production-grade security tooling – ship code that hardens safety monitoring pipelines across agent executions at scale
  • Collaborating cross-functionally – work daily with Agent Infrastructure, product, research, safety, and security teams to balance security, performance, and usability
  • Influencing strategy & standards – shape the long-term Agent Security roadmap, publish best practices internally and externally, and help define industry standards for securing autonomous AI
What we offer
What we offer
  • Medical, dental, and vision insurance for you and your family, with employer contributions to Health Savings Accounts
  • Pre-tax accounts for Health FSA, Dependent Care FSA, and commuter expenses (parking and transit)
  • 401(k) retirement plan with employer match
  • Paid parental leave (up to 24 weeks for birth parents and 20 weeks for non-birthing parents), plus paid medical and caregiver leave (up to 8 weeks)
  • Paid time off: flexible PTO for exempt employees and up to 15 days annually for non-exempt employees
  • 13+ paid company holidays, and multiple paid coordinated company office closures throughout the year for focus and recharge, plus paid sick or safe time (1 hour per 30 hours worked, or more, as required by applicable state or local law)
  • Mental health and wellness support
  • Employer-paid basic life and disability coverage
  • Annual learning and development stipend to fuel your professional growth
  • Daily meals in our offices, and meal delivery credits as eligible
  • Fulltime
Read More
Arrow Right