CrawlJobs Logo

Senior Security Researcher

https://www.microsoft.com/ Logo

Microsoft Corporation

Location Icon

Location:
United States , Redmond

Category Icon
Category:
IT - Software Development

Job Type Icon

Contract Type:
Not provided

Salary Icon

Salary:

119800.00 - 234700.00 USD / Year
Save Job
Save Icon
Apply Position

Job Description:

The Intelligence Graph Research team within Microsoft CTO organization is responsible for defending Microsoft Cloud and our customers through innovation in security graph research and abuse identification. Defending Microsoft Coud’s complex environment provides a unique opportunity to research, build and evaluate autonomous graph powered defense through emerging generative AI capabilities. We’re looking for a Senior Security Researcher to help us detect and disrupt real-world threats at cloud scale. You’ll build novel anomaly detections over vast Azure, Entra, and bespoke telemetry; convert detections into production-grade machine learning (ML) models; and develop security agents that reduce response fatigue during long-running investigations. You’ll work deeply with a security graph that connects identity, resources, activity, and risk to accelerate investigations and drive high-signal outcomes. This role blends threat research, data science, and applied engineering: you’ll prototype quickly, validate with evidence, and deliver scalable systems that materially improve detection, triage, and investigation speed.

Job Responsibility:

  • Build cloud-scale anomaly detections: Design and implement high-signal anomaly detectors across Azure/Entra and custom log sources (control plane, data plane, identity/auth, app activity, Graph API, Key Vault, storage, etc.)
  • Create detection funnels that reduce noise while preserving true positives, with measurable improvements in alert quality and investigation time
  • Develop baselines and “pattern-of-life” models for identities, service principals, applications, tenants, and infrastructure
  • Convert detections into ML models and scalable pipelines: Translate research detections into ML approaches (supervised, weakly-supervised, semi-supervised, anomaly detection) and deploy them into reliable pipelines
  • Engineer features at scale (time-series aggregates, behavior fingerprints, graph-derived features, sequence features) and evaluate performance with rigorous metrics (precision/recall, alert volume, time-to-triage, drift)
  • Own end-to-end lifecycle from hypothesis to productionization

Requirements:

  • Doctorate in Statistics, Mathematics, Computer Science, Computer Security, or related field OR Master's Degree in Statistics, Mathematics, Computer Science, Computer Security, or related field AND 3+ years experience in software development lifecycle, large-scale computing, threat analysis or modeling, cybersecurity, vulnerability research, and/or anomaly detection OR Bachelor's Degree in Statistics, Mathematics, Computer Science, Computer Security, or related field AND 4+ years experience in software development lifecycle, large-scale computing, threat analysis or modeling, cybersecurity, vulnerability research, and/or anomaly detection OR equivalent experience
  • Ability to meet Microsoft, customer and/or government security screening requirements are required for this role
  • 8+ years of experience in security research, detection engineering, threat hunting, incident response, or applied security data science (or equivalent depth of expertise)
  • 3+ years of experience in Azure and Entra security concepts: authentication flows, service principals/app registrations, permissions/consents, conditional access, role assignments, tokens, workload identities, and common abuse paths
  • 3+ years building anomaly detections over large-scale telemetry, including Baselines, time-series aggregates, and behavioral modeling, High-volume log analytics and query optimization (e.g., KQL/ADX or equivalent), Designing alert funnels and triage logic to reduce noise
  • 3+ years in experience in applied ML skills for security problems: Feature engineering, model selection, evaluation design, drift monitoring, Experience shipping ML or statistical detection into production systems
  • 3+ years in experience in Python/C# (data pipelines, modeling, production code quality), distributed processing (e.g., Spark/Databricks/Flink) and large datasets (Parquet/data lakes)
  • 1+ years experience with graph analytics for security use cases (attack paths, entity resolution, graph embeddings, community detection, anomaly scoring) and/or graph databases (Neo4j or similar)
  • 1+ years experience building or operationalizing LLM-powered or agentic investigation systems: Tool-driven agents, retrieval, memory, prompt/eval harnesses, guardrails, and human-in-the-loop workflow
  • 1+ years with Microsoft cloud security telemetry sources such as: Entra sign-in/audit logs, app consent events, Azure activity logs, Key Vault diagnostics, storage access logs, Graph API activity, etc
  • 1+ years experience designing scalable detection systems: streaming pipelines, batch + near-real-time architectures, and reliability/observability

Additional Information:

Job Posted:
February 17, 2026

Employment Type:
Fulltime
Work Type:
Hybrid work
Icon
Microsoft Corporation - All Job Offers
Job Link Share:
Copy Link Icon
Facebook Icon Twitter Icon LinkedIn Icon

Looking for more opportunities? Search for other job offers that match your skills and interests.

Briefcase Icon

Similar Jobs for Senior Security Researcher

Senior Security Researcher

Endor Labs is building the Application Security platform for the software develo...
Location
Location
United States
Salary
Salary:
Not provided
https://www.endorlabs.com Logo
Endor Labs
Expiration Date
Until further notice
Flip Icon
Requirements
Requirements
  • 5+ years of experience in security research, vulnerability discovery, and offensive security
  • deep expertise in reverse engineering, exploit development, and software vulnerability analysis
  • strong understanding of software supply chain security, including package management systems, CI/CD pipelines, and dependency analysis
  • experience discovering and responsibly disclosing zero-day vulnerabilities
  • proven track record of publishing high-quality research or presenting at top security conferences (e.g., Black Hat, DEF CON, RSAC, BSides)
  • proficiency in programming languages such as Python, Rust, or Go
  • strong analytical skills and the ability to conduct complex security research autonomously
  • excellent communication skills, both written and verbal, to convey technical concepts to diverse audiences.
Job Responsibility
Job Responsibility
  • Conduct offensive security research on software supply chain threats, identifying and analyzing zero-day vulnerabilities
  • develop and refine exploit techniques to understand modern attack vectors targeting software supply chain through malicious code, 3rd party libraries, and CI/CD systems
  • work closely with Product Management to translate research findings into innovative security capabilities within Endor Labs' products
  • publish research findings through technical blogs, white papers, and industry-leading security conferences
  • collaborate with security engineers and developers to prototype and implement detection and mitigation strategies for emerging threats
  • contribute to the security community by developing open-source tools, methodologies, or frameworks that enhance software supply chain security
  • stay ahead of the latest threats, attacker methodologies, and evolving security trends to continuously refine our research efforts.
What we offer
What we offer
  • Work with a world-class team dedicated to pushing the boundaries of security research
  • directly influence the security of modern software supply chains
  • a culture that values innovation, collaboration, and continuous learning
  • competitive compensation, flexible work environment, and a generous benefits package
  • opportunity to present groundbreaking research and contribute to the global security community.
  • Fulltime
Read More
Arrow Right

Senior Security Research Engineer

Senior Security Research Engineer position at HPE's Security Lab in Bristol, UK....
Location
Location
United Kingdom , Bristol
Salary
Salary:
Not provided
https://www.hpe.com/ Logo
Hewlett Packard Enterprise
Expiration Date
Until further notice
Flip Icon
Requirements
Requirements
  • PhD (or equivalent research experience)
  • 8+ or more years of experience
  • Track record of innovation driven into products
  • Experience as a technical leader
  • Knowledge of system security techniques and principles
  • Good knowledge of computer architecture, operating systems, networking, application of AI to security or security of AI
  • Good implementation skills with experience in Python, Rust, C, Go
  • Good written and verbal communication skills
  • mastery in English
  • Comfortable presenting to executives, technologists and customers
Job Responsibility
Job Responsibility
  • Define research agenda and take lead on research projects
  • Lead design of systems and solutions with colleagues
  • Own implementation of significant components
  • Build robust product-ready prototypes to test and demonstrate ideas
  • Research and develop foundational security capabilities for HPE products and services
  • Collaborate with business units, supply chain, partners and open-source community
What we offer
What we offer
  • Health & Wellbeing benefits
  • Personal & Professional Development programs
  • Unconditional Inclusion environment
  • Comprehensive suite of benefits supporting physical, financial and emotional wellbeing
  • Fulltime
Read More
Arrow Right

Senior Security Researcher - ITDR (Cortex)

We are looking for a Senior Security Researcher to join our Identity Threat Dete...
Location
Location
Israel , Tel Aviv
Salary
Salary:
Not provided
paloaltonetworks.com Logo
Palo Alto Networks
Expiration Date
Until further notice
Flip Icon
Requirements
Requirements
  • At least 5 years’ experience with Active Directory security and identity related attacks
  • 2+ years of experience with Entra ID (formerly Azure AD) or SAAS application - Advantage
  • In-depth knowledge of the inner-workings of operating systems
  • In-depth Knowledge of network protocols, including but not limited to Kerberos, RPC, SMB, HTTP, SMTP, DNS, DHCP, etc
  • In-depth knowledge of enterprise infrastructure, including Active Directory, FW, VPN, Security products, etc
  • At least 2 Years of experience coding Python - Advantage
  • Strong knowledge of SQL language - Advantage
  • Experience with red-teaming / pentest of Entra ID - Advantage
  • Experience with machine learning / data analysis / cloud infrastructure / security - Advantage
  • Ability to drive and own projects from start to finish
Job Responsibility
Job Responsibility
  • Research the evolving threat landscape and develop advanced detections to protect SAAS, Cloud, on-premises, and hybrid identities
  • Focus on identifying and mitigating identity-related threats across networks, endpoints, and cloud environments, using statistical classification methods to build effective detection models and protecting customers at scale
  • Collaborate with cross-functional teams, validate detection concepts on real-world data, and continuously enhance detection capabilities to stay ahead of emerging threats
  • Research innovative methods for detecting targeted attackers operating in endpoints, networks, cloud and SAAS environments
  • Simulate real-world attacks in lab environments and conduct a deep analysis of the behavior
  • Develop and refine statistics-based classification algorithms and techniques to create and improve detection models
  • Research specific scenarios to enhance our model's capabilities
  • Collaborate within a diverse research group, improving our research processes and leading us to be a better team creating a better product
  • Stay informed on the latest APTs, attacker methodologies, and TTPs to ensure our models stay ahead of emerging threats
Read More
Arrow Right

Senior Security Researcher - Cloud - Security Automation

As a Cloud Cybersecurity Researcher, you will design and implement remediation s...
Location
Location
Israel , Tel Aviv
Salary
Salary:
Not provided
paloaltonetworks.com Logo
Palo Alto Networks
Expiration Date
Until further notice
Flip Icon
Requirements
Requirements
  • Strong background in cloud security operations and incident resolution
  • Deep expertise in at least one of the following: incident response, red teaming, or advanced threat hunting/detection research
  • Hands-on experience with cloud platforms (AWS, GCP, or Azure) and associated security services
  • Proficiency in Python and practical experience building automation or playbooks
  • Experience working with SQL or similar query languages for large-scale data analysis
  • Strong analytical skills, independent thinking, and ability to collaborate in a team environment
Job Responsibility
Job Responsibility
  • Develop robust, testable, and safe remediation plans for cloud runtime and posture issues (CSPM, DSPM, CIEM, CNAPP, IAM, etc.)
  • Conduct in-depth research to identify attacker TTPs and cloud misconfiguration risks, and translate findings into automated response playbooks
  • Apply data analysis, programming, and modeling techniques to evaluate and optimize remediation approaches
  • Collaborate within a diverse research group to continuously improve automation processes and methodologies
  • Stay ahead of evolving threats, including cloud-native attack vectors and advanced adversary tradecraft
What we offer
What we offer
  • FLEXBenefits wellbeing spending account with over 1,000 eligible items selected by employees
  • mental and financial health resources
  • personalized learning opportunities
  • Fulltime
Read More
Arrow Right

Senior Security Research Engineer

We are seeking a senior technologist to join the Security Lab in HPE Labs. This ...
Location
Location
United Kingdom , Bristol
Salary
Salary:
Not provided
https://www.hpe.com/ Logo
Hewlett Packard Enterprise
Expiration Date
Until further notice
Flip Icon
Requirements
Requirements
  • PhD (or equivalent research experience) plus 10 or more years of experience
  • track record of innovation driven into products
  • experience as a technical leader
  • application of AI to security or security of AI
  • excellent knowledge of system security techniques and principles
  • strong implementation skills with experience in one or more of the following: Python, Rust, C, Go
  • excellent knowledge of computer architecture, operating systems and networking
  • excellent written and verbal communication skills
  • comfortable presenting to executives, technologists and customers
  • excellent analytical and problem-solving skills
Job Responsibility
Job Responsibility
  • Define a research agenda and take the lead on research projects
  • build advanced security capabilities for HPE products and customers
  • collaborate with business units, supply chain, partners, and the open-source community
  • build robust product-ready prototypes to test and demonstrate ideas
  • lead the design of systems and solutions
  • inspire and motivate others.
What we offer
What we offer
  • Comprehensive suite of health & wellbeing benefits
  • personal & professional development programs
  • unconditional inclusion
  • flexibility to manage work and personal needs.
  • Fulltime
Read More
Arrow Right

Senior Application Security Researcher

The JFrog CSO Security team is looking for a Senior Application Security Researc...
Location
Location
Israel , Netanya/Tel Aviv
Salary
Salary:
Not provided
jfrog.com Logo
JFrog
Expiration Date
Until further notice
Flip Icon
Requirements
Requirements
  • 4+ years of hands-on experience in an application security role
  • Experience with Web Penetration Testing (Hands On) - Mandatory
  • Strong coding skills, preferably in Java, Golang, and JavaScript - Mandatory
  • Experience with cloud environments - an advantage
  • Experience with microservices (Docker, K8S, Service Mesh) - an advantage
  • Excellent problem-solving skills and the ability to work independently with a strong sense of ownership
  • Good communication skills and a true passion to educate others and achieve continuous improvement
Job Responsibility
Job Responsibility
  • Continuously assess and challenge JFrog’s overall security posture to ensure optimal and up-to-date platform security in our products and systems
  • Evaluate architecture, design, and code to ensure they are free from potential vulnerabilities and security risks
  • Train and mentor developers about security frameworks, testing, vulnerabilities, and best practices to ensure code compliance
  • Evaluate new technologies and standards in the application security domain
  • Plan and lead cross-company efforts with the R&D that will improve JFrog’s security posture
Read More
Arrow Right

Senior Mobile Security Researcher Android/iOS

At Promon, we protect the mobile apps people rely on every day. Our award-winnin...
Location
Location
Norway , Oslo
Salary
Salary:
Not provided
promon.io Logo
Promon
Expiration Date
Until further notice
Flip Icon
Requirements
Requirements
  • A deep understanding of the mobile app security threat landscape (Android and/or iOS)
  • Hands-on experience with static & dynamic reverse engineering—think IDA Pro, Ghidra, Binary Ninja, Frida, Unicorn, or Qiling
  • In-depth knowledge of Android/iOS internals
  • The ability to write code —whether in ARM64 assembly, C/C++, or Python
  • Solid communication & collaboration skills
  • The ability to work autonomously
  • Fluent in English (both verbal and written)
Job Responsibility
Job Responsibility
  • Hunt down threats targeting mobile apps and our security products
  • Reverse-engineer attacks from external pentests, third-party exploits, and our bug bounty program, then document your findings
  • Fight back with proof-of-concepts (PoCs)—build countermeasures and collaborate with our product teams to turn them into reality
  • Monitor emerging threats and stay ahead of the game by tracking the latest attack techniques and security trends
What we offer
What we offer
  • Work at the forefront of game-changing technology
  • Nordic work culture renowned for innovation, flat hierarchy, and inclusivity
  • Support for your passion, curiosity, and goals
  • Work with some of the world's best app security experts and mobile security thought leaders
  • International team
  • Celebrate birthdays, team wins, reaching milestones, or the joy of holidays
  • Fulltime
Read More
Arrow Right

Senior AI Security Engineer

Senior AI Security Engineer role in Citi's Application, Platform and Engineering...
Location
Location
United Kingdom , London
Salary
Salary:
Not provided
https://www.citi.com/ Logo
Citi
Expiration Date
Until further notice
Flip Icon
Requirements
Requirements
  • Production system builder with security focus - proven track record of architecting and building secure, large-scale production applications and business-facing platforms from the ground up
  • Ethical hacking and penetration testing expertise - hands-on experience finding and exploiting vulnerabilities, conducting red team exercises
  • State-of-the-art security engineering with Go, Python, JavaScript
  • HashiCorp Vault mastery - deep experience writing custom plugins, creating secrets engines, implementing dynamic credentials
  • Enterprise authentication & authorization - designing and implementing OAuth, JWT, RBAC, and complex identity systems
  • API security and threat modelling - securing REST/GraphQL APIs, conducting threat assessments
  • AI/ML security and vulnerability research - understanding of LLM vulnerabilities, model security, prompt injection attacks
  • Security automation and tooling – automating manual security processes
  • Cloud-native security - securing containerized applications in Kubernetes, service mesh security
  • Incident response and forensics - experience investigating, analyzing, and responding to security incidents
Job Responsibility
Job Responsibility
  • Build secure AI products from 0-1 - Engineer production-grade, business-facing AI platforms with security built-in from day one
  • Conduct ethical hacking and red team activities - penetration testing, vulnerability research, and attack simulation
  • Design and build security tools and frameworks - Create automated security solutions that scale across fast-paced development cycles
  • Secure novel AI attack surfaces - Identify and mitigate LLM-specific vulnerabilities, prompt injection attacks, and AI model security risks
  • Lead 'shift left' security - Embed security practices throughout rapid development lifecycle while maintaining velocity
  • Mentor security practices - Guide other engineers on secure coding, vulnerability remediation, and security-first thinking
What we offer
What we offer
  • 27 days annual leave (plus bank holidays)
  • Discretional annual performance related bonus
  • Private Medical Care & Life Insurance
  • Employee Assistance Program
  • Pension Plan
  • Paid Parental Leave
  • Special discounts for employees, family, and friends
  • Hybrid working model (up to 2 days working at home per week)
  • Competitive base salary (annually reviewed)
  • Fulltime
Read More
Arrow Right
Jobs by Category
Art and Entertainment Jobs Banking Jobs Call Center Jobs Construction Jobs Consulting Jobs Customer Service Jobs Education Jobs Energy Jobs Finance Jobs Gastronomy Jobs Health and Beauty Jobs Hospitality and Tourism Jobs Human Resources Jobs Insurance Jobs IT - Administration Jobs IT - Software Development Jobs Legal Jobs Logistics Jobs Manufacturing Jobs Marketing, Digital Marketing, SEO, SEM Jobs Media Jobs Nursing Jobs Office Administration Jobs Pharmacy Jobs Physical Work Jobs Public Relations Jobs Public Sector Jobs Purchasing Jobs Quality Control Jobs Real Estate Jobs Research and Development Jobs Sales Jobs
Job Positions Jobs by Country
United States Jobs United Kingdom Jobs India Jobs Canada Jobs Australia Jobs Germany Jobs Ireland Jobs Poland Jobs
Company
Blog About Us Contact
Follow Us
Facebook
X (Twitter)
LinkedIn
Instagram
CrawlJobs Group
ITFlashcards AllDevBlogs
© 2026 CrawlJobs Ltd. All Rights Reserved
Terms & Conditions Privacy Policy