Senior Security Researcher

About The Position

Requirements

• Doctorate in Statistics, Mathematics, Computer Science, Computer Security, or related field OR Master's Degree in Statistics, Mathematics, Computer Science, Computer Security, or related field AND 3+ years experience in software development lifecycle, large-scale computing, threat analysis or modeling, cybersecurity, vulnerability research, and/or anomaly detection.
• OR Bachelor's Degree in Statistics, Mathematics, Computer Science, Computer Security, or related field AND 4+ years experience in software development lifecycle, large-scale computing, threat analysis or modeling, cybersecurity, vulnerability research, and/or anomaly detection.
• OR equivalent experience.
• Ability to meet Microsoft, customer and/or government security screening requirements are required for this role. These requirements include, but are not limited to the following specialized security screenings:
• Microsoft Cloud Background Check:
• This position will be required to pass the Microsoft background and Microsoft Cloud background check upon hire/transfer and every two years thereafter.

Nice To Haves

• Doctorate in Statistics, Mathematics, Computer Science, Computer Security, or related field AND 3+ years experience in software development lifecycle, large-scale computing, threat analysis or modeling, cybersecurity, vulnerability research, and/or anomaly detection.
• OR Master's Degree in Statistics, Mathematics, Computer Science, Computer Security, or related field AND 6+ years experience in software development lifecycle, large-scale computing, threat analysis or modeling, cybersecurity, vulnerability research, and/or anomaly detection.
• OR Bachelor's Degree in Statistics, Mathematics, Computer Science, Computer Security, or related field AND 8+ years experience in software development lifecycle, large-scale computing, threat analysis or modeling, cybersecurity, vulnerability research, and/or anomaly detection.
• OR equivalent experience.
• Experience in security research, threat analysis, incident response, or detection engineering.
• Understanding of identity and access technologies, such as authentication and authorization protocols (OAuth, OIDC, SAML), tokens, certificates/PKI, and MFA.
• Experience analyzing security telemetry at scale (for example, using Kusto, SQL, or similar analytics platforms).
• Ability to translate complex technical findings into clear guidance for engineers and security stakeholders.
• Ability to obtain and maintain a U.S. Government security clearance; active clearance is a plus.

Responsibilities

• Translate emerging security threats into clear, actionable engineering requirements, partnering with product and engineering teams to drive AI‑first solutions that close gaps quickly and scale protections across identity systems.
• Investigate and analyze advanced identity based attacks, including token theft, certificate abuse, federation compromise, workload identity misuse, MFA bypass, and hybrid/cloud attack paths.
• Perform deep security investigations using large scale telemetry across cloud identity systems, correlating signals to distinguish malicious activity from expected service behavior.
• Design high fidelity detections based on adversary invariants and abuse patterns.
• Partner with product and platform engineering teams to drive durable security improvements, including logging and telemetry enhancements, protocol hardening, policy changes, and safer default designs.
• Contribute to incident response and post incident reviews, identifying root causes, systemic gaps, and long term mitigations that prevent recurrence.
• Influence security strategy by identifying emerging threat classes, assessing residual risk, and advising engineering and security leadership.
• Build or contribute to automation and tooling that accelerates investigation, detection, and remediation at cloud scale.
• Collaborate across security, engineering, and research teams to improve Microsoft’s overall identity security posture.