Email, chat, and the web are integral parts of our everyday lives. They are essential for communication and productivity, but are also the primary ways cybercriminals exploit victims and infiltrate organizations. Attackers abuse these communication methods to steal identities, hold critical assets for ransom, inflict financial harm, and install malicious software. Do you want to join a team dedicated to protecting hundreds of millions of people from these threats?
At Microsoft Security, our mission is to make the world a safer place for all. The Messaging and Web Security Research team is a global, multidisciplinary organization of engineers, data scientists, security researchers, and program managers. With an unparalleled view of the threat landscape, we develop deep expertise in attacker techniques and use that knowledge along with the latest technology to stop it. We protect customers using Outlook.com, Microsoft Defender for O365, Microsoft Edge, and much more.
We are seeking a Security Researcher with the right blend of creativity, tenacity, and a passion for response operations to help us protect the hundreds of millions of customers that rely on our Outlook.com email service every day. In this role, you will proactively research, investigate, and mitigate the latest spam and phishing campaigns; conduct deep research and experimentation on new durable protection strategies; and collaborate with a diverse team of data scientists, researchers, engineers, and product managers to protect a global customer base.
We are redefining email and web security using the latest technology, unparalleled data and intelligence systems, and a collaborative and inclusive team culture. Join us and make a difference in our mission to empower everyone to communicate with confidence and trust!
As a Security Researcher on the team, you will be responsible for:
- Responding to escalations to resolve detection effectiveness issues (misclassified spam/phish and false positives)
- Overseeing and optimizing outsourced team operating processes and driving improvements in tooling and documentation.
- Authoring rules and creating new ML features to thwart evolving email-based attacks.
- Conducting deep research on attacker campaigns and techniques to support durable detection investments and improve customer experience.
- Engaging and collaborating with diverse partner teams to drive great customer experiences and ensure holistic protection across the Microsoft Security stack.
Required/Minimum Qualifications
- 1+ year(s) experience in software development lifecycle, large-scale computing, modeling, cyber security, and/or anomaly detection
- OR Bachelor's Degree in Statistics, Mathematics, Computer Science or related field.
- 1+ years of experience querying and analyzing large datasets (e.g. SQL, Python, KQL/Azure Data Explorer, Excel, PowerBI, etc.)
Other Requirements:
- Ability to meet Microsoft, customer and/or government security screening requirements are required for this role. These requirements include but are not limited to the following specialized security screenings: Microsoft Cloud Background Check: This position will be required to pass the Microsoft Cloud Background Check upon hire/transfer and every two years thereafter.
Additional or Preferred Qualifications
- 2+ years experience in software development lifecycle, large-scale computing, modeling, cybersecurity, and/or anomaly detection
- OR Bachelor's Degree in Statistics, Mathematics, Computer Science or related field.
- Yara, RegEx, or comparable rule-writing experience
- Curiosity to learn about attacker patterns and behaviors, with a drive to build innovative detections and protections.
- Understand the cyber kill chain, especially attack scenarios originating from email or web sites.
- Understand email headers, email/web security protocols, and related analysis tools.
- Experience responding to customer escalations and reporting investigative findings.
- Experience working through ambiguity to drive innovations in detections, monitoring, and internal team processes.
- Solid understanding of attacker tradecraft associated with email and web-based threats.
- Familiarity with agile development practices
- Broad, general, familiarity with the threat landscape affecting our customers.
- Experience building automated reports, alerting, workflows, and/or business intelligence solutions (PowerBI).
- Ability to use data to “tell a story” and influence decision-making.
- Experience creating, using, or contributing to the development and validation of machine learning models.
Security Research IC2 - The typical base pay range for this role across the U.S. is USD $76,400 - $151,800 per year. There is a different range applicable to specific work locations, within the San Francisco Bay area and New York City metropolitan area, and the base pay range for this role in those locations is USD $100,300 - $165,400 per year.
Certain roles may be eligible for benefits and other compensation. Find additional benefits and pay information here: https://careers.microsoft.com/us/en/us-corporate-pay
#MSecR #MSSecurity
Microsoft is an equal opportunity employer. Consistent with applicable law, all qualified applicants will receive consideration for employment without regard to age, ancestry, citizenship, color, family or medical care leave, gender identity or expression, genetic information, immigration status, marital status, medical condition, national origin, physical or mental disability, political affiliation, protected veteran or military status, race, ethnicity, religion, sex (including pregnancy), sexual orientation, or any other characteristic protected by applicable local laws, regulations and ordinances. If you need assistance and/or a reasonable accommodation due to a disability during the application process, read more about requesting accommodations.