Senior Security Researcher

Last updated one month ago
Location:Atlanta, Georgia
Job Type:Full Time

Empower every person and organization on the planet to achieve more. That’s what inspires us, drives our work, and pushes us to challenge the status quo every day. Security is a top priority forMicrosoft becauseit is a top concern for our customers. Microsoft’s Security and Compliance team has invested deeply to build strong 1st party security capabilities across Microsoft 365.

The fight against cybercrime requires defenders to be adaptive and responsive to the rapidly evolving threat landscape. To protect our customers from an adaptive adversary and help them manage complexity in the cyber operation,we in turn need to innovate.Our securityresearchersprovide the foundation ofour innovationcycle, building immediate detections and mitigations, understanding the full breadth of impact experienced by our customers, and driving novel and durable product detections.

WeareseekingaSeniorSecurity Researcherto join our research team. We power protectionof tens of millions of users acrossproducts like Office 365, Outlook, Microsoft Threat Protection, Mobile Threat Detection, Edge, and more. In this role, you would be responsible torespond tocustomer escalations,proactivelyresearch,investigateand mitigate the latest phishing and social engineering threatsand campaigns, andwork witha diverse team ofdata scientists, security researchers, applied researchers,engineers,and internal & external partners toempower our customerstocommunicate & browse with confidence and trust.

#MicrosoftATL

#scjobs

#scrjobs

#scatl

Responsibilities

As a Senior Security Researchers on the team, you will be responsible for:

  1. Authoring, adjusting, and innovating on heuristic and regex-based rules to react to immediate changes in attacker behaviors for email related phishing and social engineering threats.
  2. Fully uncovering and documenting attacker campaigns to drive broad product protections.
  3. Tracking adversary activities to develop attacker tradecraft and support durable detection innovations.
  4. Respond to critical customer escalations to resolve detection effectiveness issues and engage with relevant partner teams to drive great customer experiences.
  5. Work with, and guide, grading teams to correctly identify and label email messages and URL landing pages.
  6. Innovating on operating processes to gain efficiencies and improved customer protections.
  7. Making good, timely and practical decisions with uncertainty on a consistent basis.

Qualifications

Required:

  • 5+ years of experience investigating or responding to security incidents originating from the web or email.
  • 3+ years of coding experience (Regex, SQL, python, C#)
  • 1+ years of experience driving projects or processes for operational teams.
  • Solid verbal and written communication skills in English.

Preferred

  • Insatiable curiosity to learn about attacker patterns and behaviors, with a drive to build innovative detections and protections.
  • Familiar with the cyber kill chain, especially attack scenarios originating from email or web sites.
  • Familiar email headers, email/web security protocols, and related analysis tools.
  • Experience authoring and interacting with big data solutions to pull and analyze data.
  • Experience responding to customer escalations and reporting investigative findings.
  • Experience working through ambiguity to drive innovations in detections and internal team processes.
  • Solid understanding of attacker tradecraft associated with email and web-based threats.
  • Broad, general, familiarity with the threat landscape affecting enterprise customers.
  • Familiarity with automated report building and business intelligence solutions (like PowerBI) is a plus.

Microsoft is an equal opportunity employer. All qualified applicants will receive consideration for employment without regard to age, ancestry, color, family or medical care leave, gender identity or expression, genetic information, marital status, medical condition, national origin, physical or mental disability, political affiliation, protected veteran status, race, religion, sex (including pregnancy), sexual orientation, or any other characteristic protected by applicable laws, regulations and ordinances. We also consider qualified applicants regardless of criminal histories, consistent with legal requirements. If you need assistance and/or a reasonable accommodation due to a disability during the application or the recruiting process, please send a request via the Accommodation request form.

Benefits/perks listed below may vary depending on the nature of your employment with Microsoft and the country where you work.