CrawlJobs Logo
Microsoft Corporation Logo Microsoft Corporation · IT - Software Development

Senior Security Researcher

United States, Redmond 119800.00 - 234700.00 USD / Year · Job Posted May 29, 2026
Apply Position
Job Link Share

Job Description

Security is one of the most critical priorities for our customers in a world of growing digital threats, regulatory scrutiny, and estate complexity. Microsoft Security aspires to make the world safer by empowering every user, customer, and developer with a security cloud that delivers end-to-end, simplified protection. The Microsoft Security organization advances this mission by helping secure digital technology platforms, devices, and clouds across customers’ heterogeneous environments, while also protecting Microsoft’s internal estate. Our culture is grounded in a growth mindset, inspiring excellence, and enabling teams and leaders to bring their full potential each day. The Microsoft Threat Protection Research (MTP-R) Purple Team sits at the intersection of offense, defense, and intelligence, working across Microsoft Defender technologies to ensure telemetry, detections, and protections are effective against real-world cyberattacks. We are looking for a senior-level red team security researcher with experience in adversary emulation, offensive tooling, and malware development to design and execute realistic attack simulations in an AI-first environment. This role will use agentic systems and LLM-driven workflows to scale attack development, automation, and simulation fidelity, while helping shape how AI-enabled offensive research is used to emulate modern adversaries in controlled, high-impact ways.

Job Responsibility

  • Design and execute adversary simulations that emulate real-world threat actors across endpoint, identity, cloud, and SaaS environments
  • Develop and modify offensive tooling, including custom payloads, loaders, and command-and-control (C2) frameworks
  • Conduct malware development and tradecraft research to replicate modern attacker techniques such as evasion, persistence, and lateral movement
  • Leverage threat intelligence to inform adversary emulation scenarios, including campaign design, TTP selection, and operational sequencing
  • Apply threat modeling frameworks such as MITRE ATT&CK to emulate realistic attack paths and identify defensive gaps
  • Utilize AI-enabled and agentic systems to generate attack variations, automate tradecraft execution, and scale simulation coverage
  • Partner with blue team and detection engineering teams to validate detections and improve defensive capabilities
  • Analyze telemetry generated from simulations to assess detection coverage and identify opportunities for improvement
  • Contribute to simulation reports, technical documentation, and internal knowledge sharing
  • Collaborate across teams to improve offensive tooling, methodologies, and research practices

Requirements

  • Doctorate in Statistics, Mathematics, Computer Science, Computer Security, or related field
  • OR Master's Degree in Statistics, Mathematics, Computer Science, Computer Security, or related field AND 3+ years experience in software development lifecycle, large-scale computing, threat analysis or modeling, cybersecurity, vulnerability research, and/or anomaly detection
  • OR Bachelor's Degree in Statistics, Mathematics, Computer Science, Computer Security, or related field AND 4+ years experience in software development lifecycle, large-scale computing, threat analysis or modeling, cybersecurity, vulnerability research, and/or anomaly detection
  • OR equivalent experience
  • Ability to meet Microsoft, customer and/or government security screening requirements
  • Must pass Microsoft background and Microsoft Cloud background check upon hire/transfer and every two years thereafter

Nice to have

  • Doctorate in Statistics, Mathematics, Computer Science, Computer Security, or related field AND 3+ years experience
  • OR Master's Degree AND 6+ years experience
  • OR Bachelor's Degree AND 8+ years experience
  • 5+ years of incident response, threat hunting, and/or SOC experience
  • Experience leveraging and producing threat intelligence at the campaign or actor level
  • Knowledge of MITRE ATT&CK and threat modeling methodologies
  • Security related certifications such as GCIA, GMON, GCIH, CISA
  • 3+ years of experience with coding
  • Experience in classical and deep learning machine learning methods
Microsoft Corporation - All Job Offers

Looking for more opportunities?

Search for other job offers that match your skills and interests.

Suggested Tags: Frontend Developer Secretary Talent Manager Salesforce Administrator Data Analyst
Similar Jobs for

Senior Security Researcher

8 matching positions

Senior Security Research Engineer

Senior Security Research Engineer position at HPE's Security Lab in Bristol, UK....
Location
Location
United Kingdom , Bristol
Salary
Salary:
Not provided
https://www.hpe.com/ Logo
Hewlett Packard Enterprise
Expiration Date
Until further notice
Flip Icon
Requirements
Requirements
  • PhD (or equivalent research experience)
  • 8+ or more years of experience
  • Track record of innovation driven into products
  • Experience as a technical leader
  • Knowledge of system security techniques and principles
  • Good knowledge of computer architecture, operating systems, networking, application of AI to security or security of AI
  • Good implementation skills with experience in Python, Rust, C, Go
  • Good written and verbal communication skills
  • mastery in English
  • Comfortable presenting to executives, technologists and customers
Job Responsibility
Job Responsibility
  • Define research agenda and take lead on research projects
  • Lead design of systems and solutions with colleagues
  • Own implementation of significant components
  • Build robust product-ready prototypes to test and demonstrate ideas
  • Research and develop foundational security capabilities for HPE products and services
  • Collaborate with business units, supply chain, partners and open-source community
What we offer
What we offer
  • Health & Wellbeing benefits
  • Personal & Professional Development programs
  • Unconditional Inclusion environment
  • Comprehensive suite of benefits supporting physical, financial and emotional wellbeing
  • Fulltime
Read More
Arrow Right

Senior Security Researcher - ITDR (Cortex)

We are looking for a Senior Security Researcher to join our Identity Threat Dete...
Location
Location
Israel , Tel Aviv
Salary
Salary:
Not provided
paloaltonetworks.com Logo
Palo Alto Networks
Expiration Date
Until further notice
Flip Icon
Requirements
Requirements
  • At least 5 years’ experience with Active Directory security and identity related attacks
  • 2+ years of experience with Entra ID (formerly Azure AD) or SAAS application - Advantage
  • In-depth knowledge of the inner-workings of operating systems
  • In-depth Knowledge of network protocols, including but not limited to Kerberos, RPC, SMB, HTTP, SMTP, DNS, DHCP, etc
  • In-depth knowledge of enterprise infrastructure, including Active Directory, FW, VPN, Security products, etc
  • At least 2 Years of experience coding Python - Advantage
  • Strong knowledge of SQL language - Advantage
  • Experience with red-teaming / pentest of Entra ID - Advantage
  • Experience with machine learning / data analysis / cloud infrastructure / security - Advantage
  • Ability to drive and own projects from start to finish
Job Responsibility
Job Responsibility
  • Research the evolving threat landscape and develop advanced detections to protect SAAS, Cloud, on-premises, and hybrid identities
  • Focus on identifying and mitigating identity-related threats across networks, endpoints, and cloud environments, using statistical classification methods to build effective detection models and protecting customers at scale
  • Collaborate with cross-functional teams, validate detection concepts on real-world data, and continuously enhance detection capabilities to stay ahead of emerging threats
  • Research innovative methods for detecting targeted attackers operating in endpoints, networks, cloud and SAAS environments
  • Simulate real-world attacks in lab environments and conduct a deep analysis of the behavior
  • Develop and refine statistics-based classification algorithms and techniques to create and improve detection models
  • Research specific scenarios to enhance our model's capabilities
  • Collaborate within a diverse research group, improving our research processes and leading us to be a better team creating a better product
  • Stay informed on the latest APTs, attacker methodologies, and TTPs to ensure our models stay ahead of emerging threats
Read More
Arrow Right

Senior Security Research Engineer

We are seeking a senior technologist to join the Security Lab in HPE Labs. This ...
Location
Location
United Kingdom , Bristol
Salary
Salary:
Not provided
https://www.hpe.com/ Logo
Hewlett Packard Enterprise
Expiration Date
Until further notice
Flip Icon
Requirements
Requirements
  • PhD (or equivalent research experience) plus 10 or more years of experience
  • track record of innovation driven into products
  • experience as a technical leader
  • application of AI to security or security of AI
  • excellent knowledge of system security techniques and principles
  • strong implementation skills with experience in one or more of the following: Python, Rust, C, Go
  • excellent knowledge of computer architecture, operating systems and networking
  • excellent written and verbal communication skills
  • comfortable presenting to executives, technologists and customers
  • excellent analytical and problem-solving skills
Job Responsibility
Job Responsibility
  • Define a research agenda and take the lead on research projects
  • build advanced security capabilities for HPE products and customers
  • collaborate with business units, supply chain, partners, and the open-source community
  • build robust product-ready prototypes to test and demonstrate ideas
  • lead the design of systems and solutions
  • inspire and motivate others.
What we offer
What we offer
  • Comprehensive suite of health & wellbeing benefits
  • personal & professional development programs
  • unconditional inclusion
  • flexibility to manage work and personal needs.
  • Fulltime
Read More
Arrow Right

Senior Mobile Security Researcher Android/iOS

At Promon, we protect the mobile apps people rely on every day. Our award-winnin...
Location
Location
Norway , Oslo
Salary
Salary:
Not provided
promon.io Logo
Promon
Expiration Date
Until further notice
Flip Icon
Requirements
Requirements
  • A deep understanding of the mobile app security threat landscape (Android and/or iOS)
  • Hands-on experience with static & dynamic reverse engineering—think IDA Pro, Ghidra, Binary Ninja, Frida, Unicorn, or Qiling
  • In-depth knowledge of Android/iOS internals
  • The ability to write code —whether in ARM64 assembly, C/C++, or Python
  • Solid communication & collaboration skills
  • The ability to work autonomously
  • Fluent in English (both verbal and written)
Job Responsibility
Job Responsibility
  • Hunt down threats targeting mobile apps and our security products
  • Reverse-engineer attacks from external pentests, third-party exploits, and our bug bounty program, then document your findings
  • Fight back with proof-of-concepts (PoCs)—build countermeasures and collaborate with our product teams to turn them into reality
  • Monitor emerging threats and stay ahead of the game by tracking the latest attack techniques and security trends
What we offer
What we offer
  • Work at the forefront of game-changing technology
  • Nordic work culture renowned for innovation, flat hierarchy, and inclusivity
  • Support for your passion, curiosity, and goals
  • Work with some of the world's best app security experts and mobile security thought leaders
  • International team
  • Celebrate birthdays, team wins, reaching milestones, or the joy of holidays
  • Fulltime
Read More
Arrow Right

Senior AI Security Engineer

Senior AI Security Engineer role in Citi's Application, Platform and Engineering...
Location
Location
United Kingdom , London
Salary
Salary:
Not provided
https://www.citi.com/ Logo
Citi
Expiration Date
Until further notice
Flip Icon
Requirements
Requirements
  • Production system builder with security focus - proven track record of architecting and building secure, large-scale production applications and business-facing platforms from the ground up
  • Ethical hacking and penetration testing expertise - hands-on experience finding and exploiting vulnerabilities, conducting red team exercises
  • State-of-the-art security engineering with Go, Python, JavaScript
  • HashiCorp Vault mastery - deep experience writing custom plugins, creating secrets engines, implementing dynamic credentials
  • Enterprise authentication & authorization - designing and implementing OAuth, JWT, RBAC, and complex identity systems
  • API security and threat modelling - securing REST/GraphQL APIs, conducting threat assessments
  • AI/ML security and vulnerability research - understanding of LLM vulnerabilities, model security, prompt injection attacks
  • Security automation and tooling – automating manual security processes
  • Cloud-native security - securing containerized applications in Kubernetes, service mesh security
  • Incident response and forensics - experience investigating, analyzing, and responding to security incidents
Job Responsibility
Job Responsibility
  • Build secure AI products from 0-1 - Engineer production-grade, business-facing AI platforms with security built-in from day one
  • Conduct ethical hacking and red team activities - penetration testing, vulnerability research, and attack simulation
  • Design and build security tools and frameworks - Create automated security solutions that scale across fast-paced development cycles
  • Secure novel AI attack surfaces - Identify and mitigate LLM-specific vulnerabilities, prompt injection attacks, and AI model security risks
  • Lead 'shift left' security - Embed security practices throughout rapid development lifecycle while maintaining velocity
  • Mentor security practices - Guide other engineers on secure coding, vulnerability remediation, and security-first thinking
What we offer
What we offer
  • 27 days annual leave (plus bank holidays)
  • Discretional annual performance related bonus
  • Private Medical Care & Life Insurance
  • Employee Assistance Program
  • Pension Plan
  • Paid Parental Leave
  • Special discounts for employees, family, and friends
  • Hybrid working model (up to 2 days working at home per week)
  • Competitive base salary (annually reviewed)
  • Fulltime
Read More
Arrow Right

Senior Cyber Security Analyst

In the Bosch Cyber Security Organization, we coordinate the vulnerability manage...
Location
Location
Poland , Warszawa
Salary
Salary:
Not provided
https://www.bosch.pl/ Logo
Robert Bosch Sp. z o.o.
Expiration Date
Until further notice
Flip Icon
Requirements
Requirements
  • Completed university degree (Master/Diploma/PhD) in Information Security, Computer Science, Software Development, Electrical Engineering, Mathematics, or comparable field
  • Team player familiar with cooperation and delegation
  • Versatile and communicative individual who enjoys preparing and sharing information tailored to target audience
  • Strong technical background in security and several years of professional experience in multiple fields: IT Security, Cloud Security, Embedded Security, Industrial Control Systems (ICS), Industrial IoT (IIoT), Consumer IoT, Software Security and Security Research, Vulnerability Management process design and execution
  • Ideally basic knowledge in operational management of CSIRT, CERT, or Product-CERT
  • Love challenges while defining and implementing processes in new, effective, and user-oriented manner
  • Very good English written and spoken
  • German would be an important asset
Job Responsibility
Job Responsibility
  • Investigate and assess vulnerabilities within operational environment
  • Provide basis for prioritizing vulnerability remediation follow-up
  • Work closely with development and operations teams in Poland and tracking teams in India
  • Support further development of Enterprise Security Advisory Services
  • Track risks through vulnerabilities
  • Continuously identify process improvements for enhanced tool support
  • Coordinate implementation of improvements with international teams
  • Actively work as team to network with external stakeholders
What we offer
What we offer
  • Competitive salary + annual bonus
  • Hybrid work with flexible working hours
  • Referral Bonus Program
  • Copyright costs for IT employees
  • Professional support and knowledge sharing
  • Ongoing development opportunities in multinational environment
  • Broad access to professional trainings including language courses, conferences and webinars
  • Private medical care and life insurance
  • Cafeteria System with multiple benefits including MultiSport, shopping vouchers, cinema tickets
  • Prepaid Lunch Card
  • Fulltime
Read More
Arrow Right

Senior Cyber Security Analyst

In the Bosch Cyber Security Organization, we coordinate the vulnerability manage...
Location
Location
Poland , Warszawa
Salary
Salary:
Not provided
https://www.bosch.pl/ Logo
Robert Bosch Sp. z o.o.
Expiration Date
Until further notice
Flip Icon
Requirements
Requirements
  • Completed university degree (Master/Diploma/PhD) in Information Security, Computer Science, Software Development, Electrical Engineering, Mathematics, or a comparable field of study
  • Team player who is familiar with both cooperation and delegation
  • Versatile and communicative individual who enjoys preparing and sharing information tailored to the target audience
  • Strong technical background in security and several years of professional experience in multiple of the following fields: IT Security, Cloud Security, Embedded Security, Industrial Control Systems (ICS), Industrial IoT (IIoT), Consumer IoT, Software Security and Security Research, Vulnerability Management process design and execution
  • ideally basic knowledge in the operational management of a CSIRT, CERT, or Product-CERT
  • Love challenges, while defining and implementing processes in a new, effective, and user-oriented manner
  • Very good English, written and spoken
  • German would be an important asset
Job Responsibility
Job Responsibility
  • Investigate and assess vulnerabilities within their operational environment, providing the basis for prioritizing the follow-up of vulnerability remediation
  • Work closely with development and operations teams in Poland, as well as tracking teams in India, supporting the further development of our Enterprise Security Advisory Services and the tracking of risks through vulnerabilities
  • Continuously identify process improvements for enhanced tool support and coordinate their implementation with the respective international teams
  • Actively work as a team to network with external stakeholders
What we offer
What we offer
  • Competitive salary + annual bonus
  • Hybrid work with flexible working hours
  • Referral Bonus Program
  • Copyright costs for IT employees
  • Private medical care and life insurance
  • Cafeteria System with multiple benefits (incl. MultiSport, shopping vouchers, cinema tickets, etc.)
  • Prepaid Lunch Card
  • Number of benefits for families (for instance summer camps for kids)
  • Non-working day on the 31st of December
  • Fulltime
Read More
Arrow Right

Senior Product Security Engineer

Join our Product Security team, where you'll partner with development and game t...
Location
Location
United States , Las Vegas
Salary
Salary:
Not provided
take2games.com Logo
Take-Two Interactive Software, Inc.
Expiration Date
Until further notice
Flip Icon
Requirements
Requirements
  • Bachelor's degree in Computer Science, Information Technology, or a similar field, or equivalent experience
  • At least 5 years of demonstrated experience in application security, ideally within the gaming or technology sectors
  • Validated expertise in pentesting, security architecture, risk management, and securing CI/CD pipelines
  • Extensive knowledge of common and complex security vulnerabilities, along with effective mitigation techniques
  • Ability to translate design documents into security-focused guidelines and requirements for product development
  • Adapt quickly to new technologies, languages, and solve challenges outside your expertise
Job Responsibility
Job Responsibility
  • Develop threat models for a variety of applications and games to prioritize scope and use cases for security testing
  • Execute hands-on penetration tests and red team exercises to identify vulnerabilities in applications, infrastructure, and services
  • Conduct manual and automated secure code reviews in languages such as C#, Java, Python, and JavaScript, providing clear, actionable guidance to developers on vulnerability remediation
  • Triage, validate, and manage vulnerability reports from our bug bounty program, working with external researchers and internal teams on resolution
  • Develop and implement security automation tools to improve the efficiency and effectiveness of security processes
  • Provide security architecture and design guidance to development teams, ensuring secure coding practices are followed
  • Partner with teams to define and execute security strategy, driving security priorities across the organization
  • Stay ahead of emerging security threats, seeking and advocating for new technologies to address complex risks
What we offer
What we offer
  • Medical (HSA & FSA)
  • dental
  • vision
  • 401(k) with company match
  • employee stock purchase plan
  • commuter benefits
  • in-house wellness program
  • broad learning & development opportunities
  • a charitable giving platform with company match
  • Fitness allowance
  • Fulltime
Read More
Arrow Right