Principal Security Researcher (Red Team)

Microsoft•Redmond, WA

About The Position

Security is a critical priority for customers facing growing digital threats, regulatory scrutiny, and estate complexity. Microsoft Security aims to make the world safer by providing a security cloud that offers end-to-end, simplified protection. The Microsoft Threat Protection Research (MTP-R) Purple Team operates at the intersection of offense, defense, and intelligence, working across Microsoft Defender technologies to ensure telemetry, detections, and protections are effective against real-world cyberattacks. We are seeking a Principal-level red team security researcher experienced in adversary emulation, offensive tooling, and malware development to design and execute realistic attack simulations in an AI-first environment. This role will utilize agentic systems and LLM-driven workflows to scale attack development, automation, and simulation fidelity, contributing to how AI-enabled offensive research emulates modern adversaries in controlled, high-impact ways. This is an opportunity for someone with offensive security experience to shape AI-enabled adversary emulation at scale, define methodologies, influence product direction, and drive innovation in agentic red team capabilities.

Requirements

Doctorate in Statistics, Mathematics, Computer Science, Computer Security, or related field AND 3+ years experience in software development lifecycle, large-scale computing, threat analysis or modeling, cybersecurity, vulnerability research, and/or anomaly detection.
OR Master's Degree in Statistics, Mathematics, Computer Science, Computer Security, or related field AND 4+ years experience in software development lifecycle, large-scale computing, threat analysis or modeling, cybersecurity, vulnerability research, and/or anomaly detection.
OR Bachelor's Degree in Statistics, Mathematics, Computer Science, Computer Security, or related field AND 6+ years experience in software development lifecycle, large-scale computing, threat analysis or modeling, cybersecurity, vulnerability research, and/or anomaly detection.
OR equivalent experience.
Ability to meet Microsoft, customer and/or government security screening requirements.
Microsoft Cloud Background Check: This position will be required to pass the Microsoft background and Microsoft Cloud background check upon hire/transfer and every two years thereafter.
This position requires verification of U.S. citizenship due to citizenship‑based legal restrictions.
Specifically, this position supports United States federal, state, and/or local government agency customers and is subject to certain citizenship‑based restrictions where required or permitted by applicable law.
To meet this legal requirement, and as a condition of employment, the successful candidate’s citizenship will be verified via a valid passport.

Nice To Haves

Doctorate in Statistics, Mathematics, Computer Science, Computer Security, or related field AND 5+ years experience in software development lifecycle, large-scale computing, threat analysis or modeling, cybersecurity, vulnerability research, and/or anomaly detection.
OR Master's Degree in Statistics, Mathematics, Computer Science, Computer Security, or related field AND 8+ years experience in software development lifecycle, large-scale computing, threat analysis or modeling, cybersecurity, vulnerability research, and/or anomaly detection.
OR Bachelor's Degree in Statistics, Mathematics, Computer Science, Computer Security, or related field AND 12+ years experience in software development lifecycle, large-scale computing, threat analysis or modeling, cybersecurity, vulnerability research, and/or anomaly detection.
OR equivalent experience.
5+ years of experience in red teaming, offensive security, or adversary emulation.
Security related certifications such as OSCP, OSCE, OSEP, OSWE, GPEN, GXPN, GREM
Expertise in C2 framework design, implant development, and offensive infrastructure.
Background in malware development, reverse engineering, or exploit development.
Experience leveraging and producing threat intelligence at the campaign or actor level.
Knowledge of MITRE ATT&CK and threat modeling methodologies.

Responsibilities

Lead the design and execution of complex, multi-stage adversary simulations across endpoint, identity, cloud, and SaaS environments.
Architect and develop advanced offensive tooling, including scalable C2 frameworks, custom implants, and malware tradecraft.
Conduct deep research into modern attacker techniques, including novel evasion strategies, cloud abuse patterns, and identity-based attacks.
Drive threat modeling and adversary emulation strategy, aligning simulations with real-world campaigns and emerging threats.
Leverage and contribute to threat intelligence by producing new insights from simulation results, tradecraft research, and adversary behavior analysis.
Design and implement AI-enabled and agentic systems to automate offensive operations, generate adaptive attack paths, and scale simulation complexity.
Evaluate the effectiveness of defensive systems, including AI-driven detections, and provide strategic recommendations for improvement.
Partner with engineering, detection, and intelligence teams to influence product direction and improve security outcomes.
Deliver executive-level briefings, technical reports, and strategic recommendations.
Act as a technical leader, shaping offensive research methodology, mentoring team members, and driving long-term innovation.

Benefits

The typical base pay range for this role across the U.S. is USD $139,900 - $274,800 per year.
There is a different range applicable to specific work locations, within the San Francisco Bay area and New York City metropolitan area, and the base pay range for this role in those locations is USD $188,000 - $304,200 per year.
Certain roles may be eligible for benefits and other compensation.
Find additional benefits and pay information here: https://careers.microsoft.com/us/en/us-corporate-pay

Stand Out From the Crowd

Upload your resume and get instant feedback on how well it matches this job.

Upload and Match Resume