
Security Researcher

Costa Rica, Multiple Locations · Job Posted July 03, 2026

Job Description

Security is one of the most critical priorities for customers operating in today’s complex and rapidly evolving threat landscape. Microsoft Security is committed to making the world a safer place by delivering an integrated security cloud that empowers users, customers, and developers with end-to-end, simplified protection. Our mission is to secure digital platforms, identities, devices, and cloud environments across diverse customer ecosystems while also safeguarding Microsoft’s own internal estate. Our culture is rooted in a growth mindset, continuous learning, and a drive for excellence. We encourage teams to contribute meaningfully every day, fostering an environment where innovation thrives and creates meaningful impact for billions of people worldwide.

The Defender Experts (DEX) team plays a vital role in this mission by delivering expert-led cybersecurity investigations at scale. By leveraging rich telemetry and signals from Microsoft 365 Defender and other Microsoft security technologies, DEX helps customers quickly understand, validate, and respond to suspicious or malicious activity in their environments.

We are seeking Security Researchers with proven experience in security investigations, attacker tradecraft analysis, and signal correlation. In this role, you will analyze complex security data, apply deep threat-landscape expertise, and determine whether activity represents a real threat. You will provide clear, actionable findings and recommendations that strengthen customer security. This position is well suited for security professionals who thrive on analytical problem-solving, attacker behavior research, and impactful, customer-focused work.

Job Responsibility

  • Analyze security alerts, anomalies, and behavioral patterns within Microsoft 365 Defender and related telemetry to validate detections and understand attacker intent
  • Apply attacker methodology frameworks (MITRE ATT&CK, Cyber Kill Chain) to contextualize threats, assess progression, and determine potential impact
  • Investigate identity-centric threats, credential misuse, lateral movement, cloud-based attacks, and modern techniques commonly used in human-operated ransomware, Business Email Compromise (BEC), and stealthy persistence campaigns
  • Correlate large and complex datasets using Kusto Query Language (KQL) and investigation tooling to uncover relationships, patterns, and root cause
  • Differentiate benign, misconfigured, suspicious, and malicious activity with confidence, supported by defensible evidence
  • Deliver customer-facing investigation summaries that clearly articulate what occurred, why it matters, and the recommended next steps

Requirements

  • Bachelor's Degree in Statistics, Mathematics, Computer Science, Computer Security, or related field AND at least 2 years of experience in software development lifecycle, large-scale computing, threat analysis or modeling, cybersecurity, vulnerability research, and/or anomaly detection
  • OR Master's Degree in the same fields AND at least 1 year of experience in the same domains
  • OR equivalent experience
  • 3+ years of hands-on experience in one or more of the following areas: Security Operations (SOC Tier 2 or higher), Cybersecurity Investigations, Incident Response (IR), or Threat Hunting
  • Proficiency in English
  • Ability to work a consistent schedule from 10:00 AM to 7:00 PM Costa Rica time, aligned to either a Sunday–Thursday or Tuesday–Saturday workweek
  • Availability to participate in an on-call rotation, including weekend coverage

Nice to have

  • Proven experience analyzing alerts and telemetry from EDR/XDR platforms, preferably Microsoft 365 Defender
  • Investigative mindset with effective critical thinking, pattern recognition, and analytical skills
  • Familiarity with the MITRE ATT&CK Framework and Cyber Kill Chain models
  • Knowledge of operating system internals and OS security mitigations, and an understanding of the security challenges on Windows, Linux, and Mac platforms
  • Experience performing investigations involving identity misuse, authentication anomalies, or suspicious access patterns
  • Effective cross-group and interpersonal skills
  • Experience with direct customer communication in a service delivery role
  • Hands-on expertise with Microsoft 365 Defender components, including Endpoint, Identity, Cloud Apps, and Email Protection
  • Prior experience as a Tier-2 or Tier-3 analyst validating alerts, investigations, or threat-intelligence
  • Experience investigating cloud environments (Azure, AWS, GCP) and associated network telemetry
  • Knowledge of major cloud and productivity platforms as well as identity systems and related security concerns
  • Familiarity with common identity-based attacks (OAuth abuse, token theft, Kerberos/NTLM anomalies, conditional access bypass patterns)
  • Experience with offensive security including tools such as Metasploit, exploit development, Open-Source Intelligence Gathering (OSINT), and designing ways to breach enterprise networks

Similar Jobs for Security Researcher (8 matching positions)

Security Researcher

At JFrog, we’re reinventing DevOps to help the world’s greatest companies innova...
Location: Israel, Netanya/Tel Aviv
Salary: Not provided
Company: JFrog
Expiration Date: Until further notice
Requirements
  • At least 3 years of experience as a Security Researcher
  • Vulnerability research experience in any of the following languages: Python, Node.JS, Java, C
  • Experience with code exploitation (for example, Penetration testing in backend environments or web applications, or binary exploitation)
  • Programming experience in Python
  • Experience in writing technical reports
  • Experience in binary reverse engineering - an advantage
  • DevOps experience - an advantage
Job Responsibility
  • Research CVEs and 1-day vulnerabilities in various programming languages and ecosystems
  • Define how to automatically find exploitable vulnerabilities & develop code that identifies the instances where a vulnerability is exploitable
  • Perform security research on various open-source technologies, frameworks, and libraries
  • Write technical reports regarding all research subjects mentioned above
Employment type: Fulltime

Security Researcher

Join one of the elite research teams powering Microsoft Defender, the dominant m...
Location: Israel, Tel Aviv; Herzliya
Salary: Not provided
Company: Microsoft Corporation
Expiration Date: Until further notice
Requirements
  • At least 4 years of hands-on experience in security research or threat hunting, with a specialized focus on identity, cloud, or AI-based threat scenarios
  • Deep understanding of the threat landscape, including modern attacker techniques, AI-driven threats, and complex kill-chains, with a focus on platform internals across OS, Cloud Workloads and Identity platforms
  • Proven ability to reason over large-scale datasets using big-data query languages, applying security expertise to identify novel patterns and make evidence-based decisions
  • Familiarity with cloud environments (e.g., Azure, AWS) and the specific security challenges inherent to hybrid and multi-cloud infrastructures in large enterprise customers
  • Experience hunting across diverse signal sources, effectively uncovering threats within on-premises, hybrid, and cloud environments
Job Responsibility
  • Investigate real world advanced attacker TTPs to develop high-fidelity protection signals, and robust logic across complex kill-chains
  • Design and implement innovative capabilities that autonomously prevent, detect and disrupt sophisticated threats in near real-time
  • Infuse deep security expertise into the analysis of massive telemetry sets using big-data query languages, reasoning over data to identify novel malicious patterns, and drive evidence-based research decisions
  • Partner with engineering and product teams to share research insights, validate protection concepts, and push ideas forward into production-ready protection at a global scale
  • Contribute expert insights to a strategic feedback loop by analyzing real-world attack data and telemetry to refine protection coverage and accuracy
Employment type: Fulltime

Security Researcher

Microsoft Defender for Endpoint (MDE) is a product for preventative protection, ...
Location: United States, Redmond
Salary: 84200.00 - 165200.00 USD / Year
Company: Microsoft Corporation
Expiration Date: Until further notice
Requirements
  • Bachelor's Degree in Statistics, Mathematics, Computer Science, Computer Security, or related field OR equivalent experience
  • 1+ years of experience in software development
  • 1+ years of experience with large-scale data, utilizing either distributed data processing frameworks (e.g., Apache Spark, Hadoop), real-time data streaming platforms (e.g., Kafka), or query languages like SQL and KQL
  • 1+ years of experience with Large Language Models and/or agentic systems
Job Responsibility
  • Investigate attacks through threat hunting on top of product telemetry - identifying protection gaps and opportunities for systems to better protect our customers
  • Experiment with and apply large language models and agentic systems to protect our customers and improve our internal systems
  • Propose, design, experiment, and implement machine learning and automation designs to protect our customers
  • Collaborate closely with engineering and product teams to design security sensors, validate protection concepts, and measure effectiveness using data-driven methodologies
  • Own end-to-end lifecycle from hypothesis to productionization
Employment type: Fulltime

Security Researcher

Microsoft Defender Experts provides expert-led services that help organizations ...
Location: India, Hyderabad
Salary: Not provided
Company: Microsoft Corporation
Expiration Date: Until further notice
Requirements
  • Graduate degree in engineering or equivalent discipline
  • 3–5 years of experience in cybersecurity (SOC, IR, Threat Hunting, Red Team)
  • Hands-on experience with SIEM, EDR, and cloud-native security tools (Microsoft XDR, Sentinel, CrowdStrike, etc.)
  • Experience with at least one cloud platform (Azure, AWS, GCP) and its associated security services and configurations
  • Proficiency in KQL, Python, or similar scripting languages for data analysis and automation
  • Strong knowledge of MITRE ATT&CK, Cyber Kill Chain, and adversary TTPs
  • Familiarity with operating system internals (Windows, Linux) and endpoint/network forensics
  • This role requires the candidate to work in shifts
Job Responsibility
  • Monitor, triage, and respond to security incidents using alerts and incidents from Microsoft Defender products (MDE, MDI, MDO, MDA, MDC, Sentinel, etc.)
  • Perform proactive, hypothesis-driven threat hunting using telemetry from endpoints, identities, cloud, and network
  • Develop hunting queries using Kusto Query Language (KQL) or similar to uncover suspicious patterns and behaviors
  • Investigate security incidents across hybrid environments and contribute to root cause analysis and containment strategies
  • Collaborate with internal teams (defender, threat intelligence, engineering) to enhance detection logic, develop automations, and improve incident response workflows
  • Contribute to incident documentation, detection playbooks, and operational runbooks
  • Stay current with evolving threat landscapes, cloud attack vectors, and advanced persistent threats (APT)
Employment type: Fulltime

Senior Cloud Security Researcher - Security Automation (Cortex)

Join a team redefining cloud security operations across Cloud Detection & Respon...
Location: Israel, Tel Aviv
Salary: Not provided
Company: Palo Alto Networks
Expiration Date: Until further notice
Requirements
  • 4+ years in security engineering, cloud operations, incident response, threat hunting, DevSecOps, or related security disciplines.
  • 2+ years of hands-on experience securing or operating environments within Amazon Web Services (AWS), Microsoft Azure, or Google Cloud Infrastructure (GCI/GCP).
  • Strong experience with Kubernetes, containers, and modern cloud-native architectures.
  • Deep understanding of cloud networking concepts, including VPC Flow Logs, Transit Gateways, service meshes, and traffic patterns (East-West vs. North-South).
  • Strong comprehension of identity systems (IAM) and how policies interact with network controls to establish secure boundaries.
  • Experience with CI/CD pipelines and modern software delivery practices.
  • Proven experience with incident triage, investigations, containment, remediation, or formal operational response processes.
  • Experience with posture management, governance controls, or applying security best practices such as CIS Benchmarks and recognized cloud architecture frameworks.
  • Strong scripting or programming proficiency in languages such as Python, Go, or Bash.
  • Excellent communication skills, demonstrating the ability to clearly explain complex findings and facilitate alignment across cross-functional teams.
Job Responsibility
  • Help build the next generation of the Autonomous Cloud SOC by transforming detections, posture findings, and emerging threats into intelligent investigation and response workflows.
  • Design and build automated playbooks that investigate security signals, gather evidence, assess blast radius, validate risk, and guide or execute response actions.
  • Work across cloud control planes, identity systems, Kubernetes environments, network telemetry, and posture data to turn signals into high-confidence outcomes.
  • Leverage existing detections, continuously improve investigation logic, and ensure response workflows remain effective as cloud environments and attacker techniques evolve.
Employment type: Fulltime

Principal Security Researcher (DNS Security)

The DNS Security Research team delivers high-quality content to our products to ...
Location: United States, Santa Clara
Salary: 162700.00 - 263175.00 USD / Year
Company: Palo Alto Networks Italia
Expiration Date: Until further notice
Requirements
  • PhD in Computer Science, Cyber Security or Machine Learning or equivalent experience
  • 2+ years of Security research experience
  • Creative thinker and team player. Have great passion and be highly self-motivated in data-driven security research
  • Expertise in DNS and IPv4/IPv6
  • Good knowledge of machine learning techniques and algorithms, such as k-NN, Naive Bayes, SVM, Decision Trees, Logistic Regression, Deep Learning, and Boosting
  • Familiarity with large language models (LLMs) and experience leveraging them to address cybersecurity threats
  • Excellent programming skills in Python, Shell script, Go, or SQL
  • Understanding of core network protocols (TCP/IP, HTTP/HTTPS, etc.)
  • Knowledge and experience with modern databases and big data tools, such as MySQL, MongoDB, Elasticsearch, Redis, BigQuery
  • Comfortable working independently and efficiently
Job Responsibility
  • Track and research emerging threats and innovate new ways to identify malicious indicators used by malware and attacks, including domains, URLs, IP addresses, sha256, email addresses, etc.
  • Design and build scalable and extensible prevention/detection systems
  • Leverage data-driven approaches, such as statistical analysis, machine learning, and other advanced techniques
  • Convert research results and discoveries into products, research papers, etc.
What we offer
  • restricted stock units
  • bonus
  • employee benefits
Employment type: Fulltime

Principal Security Researcher (DNS Security)

The DNS Security Research team delivers high-quality content to our products to ...
Location: United States, Santa Clara
Salary: 162700.00 - 263175.00 USD / Year
Company: Palo Alto Networks
Expiration Date: Until further notice
Requirements
  • PhD in Computer Science, Cyber Security or Machine Learning or equivalent experience
  • 2+ years of Security research experience
  • Creative thinker and team player. Have great passion and be highly self-motivated in data-driven security research
  • Expertise in DNS and IPv4/IPv6
  • Good knowledge of machine learning techniques and algorithms, such as k-NN, Naive Bayes, SVM, Decision Trees, Logistic Regression, Deep Learning, and Boosting
  • Familiarity with large language models (LLMs) and experience leveraging them to address cybersecurity threats
  • Excellent programming skills in Python, Shell script, Go, or SQL
  • Understanding of core network protocols (TCP/IP, HTTP/HTTPS, etc.)
  • Knowledge and experience with modern databases and big data tools, such as MySQL, MongoDB, Elasticsearch, Redis, BigQuery
  • Comfortable working independently and efficiently
Job Responsibility
  • Track and research emerging threats and innovate new ways to identify malicious indicators used by malware and attacks, including domains, URLs, IP addresses, sha256, email addresses, etc.
  • Design and build scalable and extensible prevention/detection systems
  • Leverage data-driven approaches, such as statistical analysis, machine learning, and other advanced techniques
  • Convert research results and discoveries into products, research papers, etc.
What we offer
  • Restricted stock units
  • Bonus
Employment type: Fulltime

Principal/ Senior Security Researcher Linux & API Security EDR

Are you an innovative security researcher with a deep understanding of Linux sys...
Location: Israel, Tel Aviv
Salary: Not provided
Company: Palo Alto Networks Italia
Expiration Date: Until further notice
Requirements
  • 5+ years of experience in cybersecurity research, with a proven track record of impactful projects
  • Good knowledge of Linux OS internals, including both user and kernel space
  • Solid knowledge of the cyber threat landscape, modern malware techniques, and APTs
  • Hands-on experience in real-world threat hunting, incident response, or detection engineering
  • Proficiency in programming languages such as Python, C, and/or C++, with a strong understanding of system-level programming and APIs
  • Excellent problem-solving skills and a passion for cybersecurity innovation
  • Ability to work independently, take initiative, and collaborate effectively in a team environment
Job Responsibility
  • Play a pivotal role in shaping the future of our security solutions
  • Enhance product effectiveness by designing advanced protection components and developing sophisticated detection rules
  • Research Linux OS internals, virtualized environments, and malware behaviors to inform and strengthen our attack prevention mechanisms
  • Apply advanced AI and big data approaches to investigate and analyze large-scale datasets across our client base
  • Lead research on novel protection concepts and bring them to production-grade quality, serving as a subject matter expert
  • Stay up to date with the latest attacker methodologies, APT campaigns, and TTPs targeting Linux systems
  • Conduct static and dynamic reverse engineering of Linux malware to uncover new techniques and develop mitigation strategies
  • Collaborate closely with engineering, product management, and other research teams to translate research findings into production features
Employment type: Fulltime