Senior Security Researcher

Location: United States, Redmond · Employment contract · Salary: 119800.00 - 234700.00 USD / Year · Job Posted June 30, 2026

Job Description

Microsoft Security aspires to make the world a safer place for all. We empower every user, customer, and developer with a security cloud that protects them with end-to-end, simplified solutions across heterogeneous environments — and across our own internal estate. Our culture is centered on a growth mindset, inspiring excellence, and bringing our best each day to create innovations that impact billions of lives. Come build one of Microsoft's most exciting security products: Identity Threat Detection and Response (ITDR). As cyber-attacks grow more sophisticated, we help enterprises detect, investigate, and autonomously protect against advanced identity-based attacks and data breaches — from nation-state actors to large-scale ransomware operators. Our research team combines deep knowledge of the attacker landscape and tradecraft to deliver the innovations needed to uncover and stop even the most well-funded adversaries. We are seeking an experienced Senior Security Researcher, excited by finding new attacks, to join our research team and focus on detecting and autonomously protecting against sophisticated enterprise attacks. The role spans novel attack-technique research, big-data analysis over rich sensor data, identifying the optics needed to expose malicious behavior, and crafting detection and protection logic so compromise does not go undetected. We expect our researchers to fluently leverage Generative AI to accelerate every stage of their work — from hypothesis generation and code prototyping to large-scale data triage and detection authoring.

Job Responsibility

  • Own end-to-end large research projects that deliver identity protection against the most prevalent threats in the landscape
  • Conduct in-depth investigation and research of data across multiple identity and additional sources to identify threats and sophisticated attack incidents
  • Keep up to date with the latest trends in cyber-attacks and create robust, sophisticated detection logics across the entire kill-chain
  • Collaborate with product management, security, and engineering teams across the company to design innovative solutions and new identity protection capabilities
  • Collaborate with data science teams to understand, identify, and implement detection gaps, capabilities, assumptions, and improvements
  • Leverage Generative AI tooling to scale research throughput
  • Demonstrate thought leadership and engage and enlighten others through compelling, meaningful content and informative sessions

Requirements

  • B.Sc./M.Sc. degree in Computer Science or related technical discipline
  • 6+ years of experience in cyber security with a background in the modern attacker kill-chain and MITRE ATT&CK, preferably in identity-based threat scenarios
  • Windows internals knowledge, along with good working knowledge of the main identity protocols (e.g., Kerberos, NTLM, LDAP, OAuth 2.0, SAML)
  • Good knowledge in at least one programming language such as C# (preferred), Python, or C++
  • Good knowledge in at least one language such as KQL, SQL, or Cypher
  • Demonstrated fluency leveraging Generative AI tools (e.g., GitHub Copilot, Security Copilot, ChatGPT/Claude, or equivalent LLM-based workflows) to scale day-to-day research work
  • Excellent cross-group, leadership, and interpersonal skills
  • A drive to tackle hard problems with notable levels of ambiguity
  • Ability to meet Microsoft, customer, and/or government security screening requirements is required for this role, including Microsoft Cloud Background Check upon hire/transfer and every two years thereafter

Nice to have

  • Experience in authoring security research papers, blogs, or books
  • Experience with Windows forensics and an understanding of key forensic artifacts, especially around lateral movement scenarios
  • Experience with Cloud forensics, including identity attack artifacts and lateral movement techniques
  • Experience building or applying AI/LLM-assisted workflows to security research, detection engineering, or threat intelligence at scale

Similar Jobs for Senior Security Researcher (8 matching positions)

Senior Security Researcher

1Password is growing. We’ve surpassed $400M in ARR and we’re continuing to accel...
Location: United States; Canada
Salary: 153000.00 - 214000.00 USD / Year
Company: 1Password (https://www.1password.com)
Expiration Date: Until further notice
Requirements
  • 4+ years of progressive experience in security research, offensive security, or vulnerability research
  • Education: Bachelor’s degree in Computer Science, Computer Engineering, Information Security, or a related field; or equivalent practical experience
  • Security research experience: Proven track record of discovering and responsibly disclosing original vulnerabilities, ideally with published CVEs, advisories, or equivalent publicly-recognized findings
  • Offensive security experience: A track record of hands-on experience in vulnerability research, exploit development, or advanced adversarial simulation techniques
  • Sufficient domain experience in two or more of the following domains: application security, Linux system internals, Windows system internals, macOS system internals, AI/Agentic security, Web application security, or Mobile application security
  • AI security experience: Familiarity with prompt injection, data poisoning, AI design architecture, AI-based attacks, and related vectors
  • Software engineering proficiency: Proficiency in one or more programming languages such as Go, Rust, Python, Ruby, JavaScript/TypeScript, or equivalent modern languages, with the ability to read and audit code for vulnerabilities
  • Integrity and ethical rigor: Consistent history of handling vulnerabilities and disclosures responsibly while engaging constructively with vendors and the research community
  • Demonstrable written and verbal communication skills, with a track record of producing technical publications, blog posts, and/or conference talks that clearly convey complex security topics
Job Responsibility
  • Vulnerability Research: Conduct original, hands-on research into application-level, protocol-level, and ecosystem-level vulnerabilities in 1Password’s products and the broader identity security landscape
  • You will discover, validate, and document novel vulnerability classes and attack chains
  • Demonstrate Exploitability: Collaborate with peers to develop proof-of-concept exploits and attack demonstrations that validate research findings, illustrate real-world risk, and support engineering teams in understanding and prioritizing remediation efforts
  • AI & Agentic Security Research: Investigate security risks at the intersection of AI and identity, including prompt injection, data poisoning, and other AI-based attack vectors
  • Your work will address the emerging challenges of agentic security at the interaction between privileged access management (PAM) and AI systems
  • Technical Publications & Thought Leadership: Author high-quality research publications, white papers, blog posts, and technical advisories
  • You will have the opportunity to present findings on podcasts, webinars, and at major security conferences that contribute to 1Password’s reputation as a thought leader in identity security
  • Community Engagement: Engage actively with the global security research community through responsible disclosure, collaborative research, open-source contributions, and participation in industry forums/events
  • Cross-functional Collaboration: Partner with Product, Engineering, and Detection teams to translate research findings into actionable security improvements. Provide evidence-based technical guidance that informs product direction and security strategy
What we offer
  • Maternity and parental leave top-up programs
  • Competitive health benefits
  • Generous PTO policy
  • RSU program for most employees
  • Retirement matching program
  • Free 1Password account
  • Paid volunteer days
  • Peer-to-peer recognition through Bonusly
  • Remote-first work environment
  • Fulltime

Senior Security Researcher

Security is one of the most critical priorities for our customers in a world of ...
Location: United States, Redmond
Salary: 119800.00 - 234700.00 USD / Year
Company: Microsoft Corporation (https://www.microsoft.com/)
Expiration Date: Until further notice
Requirements
  • Doctorate in Statistics, Mathematics, Computer Science, Computer Security, or related field
  • OR Master's Degree in Statistics, Mathematics, Computer Science, Computer Security, or related field AND 3+ years experience in software development lifecycle, large-scale computing, threat analysis or modeling, cybersecurity, vulnerability research, and/or anomaly detection
  • OR Bachelor's Degree in Statistics, Mathematics, Computer Science, Computer Security, or related field AND 4+ years experience in software development lifecycle, large-scale computing, threat analysis or modeling, cybersecurity, vulnerability research, and/or anomaly detection
  • OR equivalent experience
  • Ability to meet Microsoft, customer and/or government security screening requirements
  • Must pass Microsoft background and Microsoft Cloud background check upon hire/transfer and every two years thereafter
Job Responsibility
  • Design and execute adversary simulations that emulate real-world threat actors across endpoint, identity, cloud, and SaaS environments
  • Develop and modify offensive tooling, including custom payloads, loaders, and command-and-control (C2) frameworks
  • Conduct malware development and tradecraft research to replicate modern attacker techniques such as evasion, persistence, and lateral movement
  • Leverage threat intelligence to inform adversary emulation scenarios, including campaign design, TTP selection, and operational sequencing
  • Apply threat modeling frameworks such as MITRE ATT&CK to emulate realistic attack paths and identify defensive gaps
  • Utilize AI-enabled and agentic systems to generate attack variations, automate tradecraft execution, and scale simulation coverage
  • Partner with blue team and detection engineering teams to validate detections and improve defensive capabilities
  • Analyze telemetry generated from simulations to assess detection coverage and identify opportunities for improvement
  • Contribute to simulation reports, technical documentation, and internal knowledge sharing
  • Collaborate across teams to improve offensive tooling, methodologies, and research practices
  • Fulltime

Senior Security Researcher

Security is one of the most critical priorities for our customers in a world of ...
Location: United States, Redmond
Salary: 119800.00 - 234700.00 USD / Year
Company: Microsoft Corporation (https://www.microsoft.com/)
Expiration Date: Until further notice
Requirements
  • Doctorate in Statistics, Mathematics, Computer Science, Computer Security, or related field
  • OR Master's Degree in Statistics, Mathematics, Computer Science, Computer Security, or related field AND 3+ years experience in software development lifecycle, large-scale computing, threat analysis or modeling, cybersecurity, vulnerability research, and/or anomaly detection
  • OR Bachelor's Degree in Statistics, Mathematics, Computer Science, Computer Security, or related field AND 4+ years experience in software development lifecycle, large-scale computing, threat analysis or modeling, cybersecurity, vulnerability research, and/or anomaly detection
  • OR equivalent experience
  • Ability to meet Microsoft, customer and/or government security screening requirements
  • Microsoft Cloud Background Check
Job Responsibility
  • Design and execute adversary simulations that emulate real-world threat actors across endpoint, identity, cloud, and SaaS environments
  • Develop and modify offensive tooling, including custom payloads, loaders, and command-and-control (C2) frameworks
  • Conduct malware development and tradecraft research to replicate modern attacker techniques such as evasion, persistence, and lateral movement
  • Leverage threat intelligence to inform adversary emulation scenarios, including campaign design, TTP selection, and operational sequencing
  • Apply threat modeling frameworks such as MITRE ATT&CK to emulate realistic attack paths and identify defensive gaps
  • Utilize AI-enabled and agentic systems to generate attack variations, automate tradecraft execution, and scale simulation coverage
  • Partner with blue team and detection engineering teams to validate detections and improve defensive capabilities
  • Analyze telemetry generated from simulations to assess detection coverage and identify opportunities for improvement
  • Contribute to simulation reports, technical documentation, and internal knowledge sharing
  • Collaborate across teams to improve offensive tooling, methodologies, and research practices
  • Fulltime

Senior Security Researcher

Security remains a critical priority for our customers as they navigate growing ...
Location: United States, Redmond
Salary: 119800.00 - 258000.00 USD / Year
Company: Microsoft Corporation (https://www.microsoft.com/)
Expiration Date: Until further notice
Requirements
  • Doctorate in Statistics, Mathematics, Computer Science, Computer Security, or related field OR Master's Degree in Statistics, Mathematics, Computer Science, Computer Security, or related field AND 3+ years experience in software development lifecycle, large-scale computing, threat analysis or modeling, cybersecurity, vulnerability research, and/or anomaly detection
  • OR Bachelor's Degree in Statistics, Mathematics, Computer Science, Computer Security, or related field AND 4+ years experience in software development lifecycle, large-scale computing, threat analysis or modeling, cybersecurity, vulnerability research, and/or anomaly detection
  • OR equivalent experience
  • Ability to meet Microsoft, customer and/or government security screening requirements
  • This position will be required to pass the Microsoft background and Microsoft Cloud background check upon hire/transfer and every two years thereafter
  • This position requires verification of U.S. citizenship due to citizenship‑based legal restrictions
Job Responsibility
  • Explore and correlate large data sets to uncover novel and sophisticated attack techniques, monitor and catalog changes in activity group tradecraft, and generate custom alerts for enterprise customers
  • Work with customer support teams to support investigation and response during an enterprise's time of need
  • Collaborate with our data science and threat research teams to develop and maintain accurate and durable cloud-based detections
  • Build hunting tools and automations for use in the discovery of human adversaries
What we offer
  • Benefits and other compensation
  • Find additional benefits and pay information here: https://careers.microsoft.com/us/en/us-corporate-pay
  • Fulltime

Senior Security Researcher

We are Cloud Threat protection Research team within Microsoft Threat Protection,...
Location: India, Hyderabad
Salary: Not provided
Company: Microsoft Corporation (https://www.microsoft.com/)
Expiration Date: Until further notice
Requirements
  • 7+ years of experience in cybersecurity, with strong hands-on understanding of the modern attacker kill chain, MITRE ATT&CK framework, and evolving cloud-based threats, including attacks targeting Enterprise Apps, and emerging AI-driven applications
  • Proven experience securing cloud and containerized environments, with hands‑on knowledge of Azure, AWS, and/or GCP, and technologies such as Kubernetes, container platforms, Storage, Key Vault, DNS and cloud services
  • Deep knowledge of adversary tooling, red team frameworks, and attacker techniques, with the ability to analyze, simulate, and interpret real-world attacker behaviors across cloud ecosystems
  • Proficiency in at least one programming language (e.g., Python, C, or C++) for building research prototypes, internal tools, automation, or detection logic
  • Strong proficiency in query languages such as KQL, SQL, or Cypher for large-scale telemetry analysis, threat hunting, behavioral investigations, and detection validation
  • Experience working with large-scale datasets to support detection development, proactive threat hunting, behavioral analytics, and signal quality improvement
  • Strong collaboration and communication skills, with the ability to clearly articulate research insights, influence product and engineering decisions, and work effectively with partner teams, including Engineering, Data Science, and incident response stakeholders
  • Bachelor’s or Master’s degree in Computer Science, Engineering, or a related technical discipline, or equivalent practical experience in security research or threat detection
Job Responsibility
  • Research real‑world hybrid threats across cloud services, end point, identity and AI systems
  • Analyze live attacker behavior and production incidents to build high‑signal detections
  • Design multi‑cloud and enterprise protections that ship in Microsoft Defender
  • Collaborate closely with product, engineering, and global research teams to turn ideas into impact
  • Partner with strong in‑house AI teams to advance AI security, detection quality, and explainability
  • Build innovative tools, automation, and research prototypes at global scale
  • Operate in a high‑trust, ownership‑driven team culture that values technical depth and innovation
  • Fulltime

Senior Security Researcher

The Defender Experts (DEX) Research team is at the forefront of Microsoft’s thre...
Location: India, Hyderabad
Salary: Not provided
Company: Microsoft Corporation (https://www.microsoft.com/)
Expiration Date: Until further notice
Requirements
  • 10+ years of experience in security research, detection engineering, threat lifecycle, and cloud security in large-scale, complex cloud environments, as well as disciplines related to managed services for EDR and SIEM platforms
  • Proven ability to lead and execute advanced research on emerging cloud-based threats affecting both Microsoft and third-party security products across heterogeneous cloud environments
  • Demonstrated expertise in developing and refining detection and response strategies leveraging major EDR and SIEM platforms, with a strong emphasis on Microsoft Defender and Sentinel, to provide comprehensive threat coverage and response capabilities
  • Extensive hands-on experience with cloud platforms—including, but not limited to, Azure—as well as a deep understanding of multi-cloud security challenges and solutions
  • Strong practical experience identifying, analyzing, and mitigating real-world cyber threats in complex cloud environments
  • Proven ability to work independently and deliver complete solutions
  • Demonstrated capability to effectively articulate technical insights and influence multidisciplinary teams
Job Responsibility
  • Lead and execute advanced research on emerging endpoint, identity and cloud-based threats impacting Microsoft and third-party security products across heterogeneous cloud environments
  • Develop and refine detection and response strategies leveraging major EDR and SIEM platforms, with a strong emphasis on Microsoft Defender and Sentinel, to provide comprehensive threat coverage and response capabilities
  • Collaborate with internal and external security teams to design and implement scalable, innovative solutions for multi-cloud threat intelligence, detection, mitigation and response
  • Translate complex raw security data into actionable intelligence that enhances the effectiveness of cloud security operations for a global customer base
  • Mentor, guide, and drive best practices among researchers and detection engineers on advanced threat hunting and incident response across diverse SIEM ecosystems
  • Contribute to industry knowledge and Microsoft’s security posture by publishing research, developing threat models, and proactively identifying threats and attack trends in the cloud
  • Fulltime

Senior Security Researcher

We are looking for a Security Researcher who thrives on both sides of the fence....
Location: Israel, Tel Aviv
Salary: Not provided
Company: Island (island.io)
Expiration Date: Until further notice
Requirements
  • 5+ years of experience in at least one of the following: security research, vulnerability research, malware analysis, threat intelligence, or detection engineering
  • Offensive security mindset with the ability to flip to the defensive side — finding attacks and building mitigations
  • Strong analytical skills — comfortable digging into unfamiliar code, protocols, or systems and figuring out how they break
  • Familiarity with operating system internals (Windows and/or macOS)
  • Hands-on experience with reverse engineering or dynamic/static analysis tools
  • Ability to write code for automation, tooling, and proof-of-concepts
  • Strong written and verbal communication — ability to write compelling research and present at conferences
Job Responsibility
  • Offensive Research: Discover new attack vectors, abuse patterns, and security gaps in browsers, web applications, OS internals, and enterprise workflows
  • Defensive Engineering: Design and implement detections, mitigations, and security policies informed by your offensive findings; close the loop from attack to protection
  • Vulnerability & Malware Analysis: Perform reverse engineering on malware, exploits, and obfuscated code across Windows, macOS, and browser environments
  • Web & Browser Security: Research techniques ranging from classic vulnerabilities (XSS, SSRF) to browser-specific primitives (extension abuse, DOM manipulation, same-origin bypasses)
  • Supply-Chain Security: Investigate threats in software supply chains, including browser extension marketplaces and package registries
  • Threat Intelligence: Correlate signals across multiple sources to identify malicious infrastructure and adversary TTPs
  • Public Impact: Write technical blog posts, publish research, and represent Island at major security conferences (Black Hat, DEF CON, etc.)

Senior Security Researcher

Security represents the most critical priorities for our customers in a world aw...
Location: United States, Tulsa
Salary: 119800.00 - 234700.00 USD / Year
Company: Microsoft Corporation (https://www.microsoft.com/)
Expiration Date: Until further notice
Requirements
  • Doctorate in Statistics, Mathematics, Computer Science, Computer Security, or related field
  • OR Master's Degree in Statistics, Mathematics, Computer Science, Computer Security, or related field AND 3+ years experience in software development lifecycle, large-scale computing, threat analysis or modeling, cybersecurity, vulnerability research, and/or anomaly detection
  • OR Bachelor's Degree in Statistics, Mathematics, Computer Science, Computer Security, or related field AND 4+ years experience in software development lifecycle, large-scale computing, threat analysis or modeling, cybersecurity, vulnerability research, and/or anomaly detection
  • OR equivalent experience
  • Candidates must be able to meet Microsoft, customer and/or government security screening requirements
  • Must pass the Microsoft Cloud background check upon hire/transfer and every two years thereafter
Job Responsibility
  • Design and lead technical experiments exploring the intersection of AI, cybersecurity, and emerging technologies, translating research concepts into working prototypes and demonstrations
  • Build and operate lab environments, datasets, and model pipelines to test security scenarios involving AI systems, threat intelligence, and autonomous platforms
  • Conduct security research and adversarial analysis on modern AI and software systems, identifying risks, vulnerabilities, and defensive strategies
  • Collaborate with Microsoft engineering teams, startups, universities, and ecosystem partners to evaluate new technologies and accelerate applied research outcomes
  • Develop technical demonstrations, proof-of-concepts, and applied research outputs that showcase innovations emerging from the Cyber + AI Lab
  • Contribute to technical insights, reports, and presentations that translate lab research into actionable intelligence for Microsoft teams, partners, and the broader security community
  • Fulltime