[Remote] Senior & Principal Security Researcher

Note: The job is a remote job and is open to candidates in USA. Microsoft is one of the largest enterprise service companies in the world, and they are seeking a Senior or Principal Security Researcher to join their Global Hunting, Oversight, and Strategic Triage (GHOST) team. The role involves performing threat hunts, assisting with investigations, developing threat intelligence, and improving Microsoft products to enhance customer security.

Responsibilities

• Performing deep analysis of attacker activity in on-premises and cloud environments
• Identifying potential threats, allowing for proactive defense before an actual incident
• Notifying customers regarding imminent attacker activity
• Providing recommendations to improve customers’ cybersecurity posture going forward and performing threat intelligence knowledge transfer to prepare customers to defend against today’s threat landscape
• Building proof-of-concept and prototype threat hunting tools, automations, and new capabilities
• Driving product and tooling improvements by conveying learnings from threat hunting and incident response at scale to engineering partner teams
• Identifying, prioritizing, and targeting complex security issues that cause negative impact to customers. Creating and driving adoption of relevant mitigations and providing proactive guidance
• Working with others to synthesize research findings into recommendations for mitigation of security issues. Sharing across teams. Driving change within team based on research findings

Skills

• Doctorate in Statistics, Mathematics, Computer Science, Computer Security, or related field OR Master's Degree in Statistics, Mathematics, Computer Science, Computer Security, or related field AND 3+ years experience in software development lifecycle, large-scale computing, threat analysis or modeling, cybersecurity, vulnerability research, and/or anomaly detection OR Bachelor's Degree in Statistics, Mathematics, Computer Science, Computer Security, or related field AND 4+ years experience in software development lifecycle, large-scale computing, threat analysis or modeling, cybersecurity, vulnerability research, and/or anomaly detection OR equivalent experience
• Citizenship & Citizenship Verification: This role will require access to information that is controlled for export under export control regulations, potentially under the U.S. International Traffic in Arms Regulations or Export Administration Regulations, the EU Dual Use Regulation, and/or other export control regulations
• Ability to meet Microsoft, customer and/or government security screening requirements are required for this role
• Doctorate in Statistics, Mathematics, Computer Science, Computer Security, or related field AND 3+ years experience in software development lifecycle, large-scale computing, threat analysis or modeling, cybersecurity, vulnerability research, and/or anomaly detection OR Master's Degree in Statistics, Mathematics, Computer Science, Computer Security, or related field AND 6+ years experience in software development lifecycle, large-scale computing, threat analysis or modeling, cybersecurity, vulnerability research, and/or anomaly detection OR Bachelor's Degree in Statistics, Mathematics, Computer Science, Computer Security, or related field AND 8+ years experience in software development lifecycle, large-scale computing, threat analysis or modeling, cybersecurity, vulnerability research, and/or anomaly detection OR equivalent experience
• Proven knowledge of security fundamentals across Microsoft platforms (Client, Server, Cloud)
• Strong understanding of malware and the modern threat landscape, especially identity-based attacks
• Familiarity and understanding of SQL or Kusto Query Language (KQL) queries (or experience with large database/SIEM query languages such as Splunk/Humio/Kibana, etc.)
• Familiarity and understanding of Jupyter Notebooks, or building equivalent threat hunting automations with scripting languages
• Experience with sophisticated threat actor evidence including familiarity with typical Indicators of Compromise (IOCs), Indicators of Activity (IOAs) and Tools, Techniques and Procedures (TTPs)
• Use of forensic analysis tools such as X-Ways Forensics®, WinHex®, Encase®, FTK®, etc
• Experience with various forensic log artifacts found in SIEM logs, web server logs, AV logs, protection logs such as HIDS and NIDS logs

Company Overview

• Microsoft is a software corporation that develops, manufactures, licenses, supports, and sells a range of software products and services. It was founded in 1975, and is headquartered in Redmond, Washington, USA, with a workforce of 10001+ employees. Its website is https://www.microsoft.com.

Apply tot his job Apply To this Job