Join the Microsoft Security Response Center (MSRC) as a Security Researcher and be at the forefront of securing Microsoft’s devices and services. As part of the Global Hunting, Oversight, and Strategic Triage (GHOST) team, you will be instrumental in defending Microsoft and its customers against advanced threats. This role offers an exciting opportunity to work with cutting-edge technologies, influence security practices, and contribute to the global cybersecurity landscape.

Key Responsibilities

1. Threat Analysis. Conduct in-depth analysis of attacker activities in both on-premises and cloud environments to identify potential threats and enable proactive defense.
2. Customer Notification. Alert customers about imminent threats and provide actionable recommendations to enhance their cybersecurity posture.
3. Tool Development. Build proof-of-concept tools and prototypes for threat hunting, automation, and new capabilities.
4. Product Improvement. Collaborate with engineering teams to drive improvements in Microsoft products and tools based on threat hunting and incident response findings.
5. Mitigation Strategies. Identify and prioritize complex security issues, develop mitigations, and provide proactive guidance to customers.
6. Research Synthesis. Synthesize research findings into actionable recommendations and share them across teams to drive change and improve security measures.

Qualifications

1. Experience. 5+ years in large-scale computing, cybersecurity, anomaly detection, or related fields, including experience in threat hunting, digital forensics, reverse engineering, or incident response.
2. Education. Master's degree in Statistics, Mathematics, Computer Science, or a related field.
3. Security Screening. Ability to meet Microsoft, customer, and government security screening requirements, including the Microsoft Cloud background check.
4. Certifications. Professional certifications such as CISSP, SANS, or GIAC, and technical certifications related to Azure or SharePoint.
5. Technical Skills. Experience with Active Directory, cloud identity, forensic analysis tools (e.g., X-Ways Forensics, Encase), SIEM logs, and Microsoft Defender 365 security stack.
6. Threat Intelligence. Familiarity with Indicators of Compromise (IOCs), Indicators of Activity (IOAs), Tools, Techniques, and Procedures (TTPs).
7. Platform Knowledge. Experience with Windows and Azure internals, Linux and macOS forensic analysis, and cybersecurity solutions like EDR and SIEM.
8. Consulting Experience. Experience working with consulting companies is a plus.

Microsoft’s Commitment
Microsoft is an equal-opportunity employer, committed to creating a diverse and inclusive environment. All qualified applicants will receive consideration for employment without regard to any characteristic protected by applicable laws. We also offer reasonable accommodations during the application process for candidates with disabilities.

Ready to make a global impact on cybersecurity? Apply now to join the GHOST team and be part of Microsoft’s mission to empower every person and organization on the planet.