Security Researcher

With over 18,000 employees worldwide, the Microsoft Customer Experience & Success (CE&S) organization is responsible for the strategy, design, and implementation of Microsoft’s end-to-end customer experience. Come join CE&S and help us build a future where customers come to us not only because we provide industry-leading products and services, but also because we provide a differentiated and connected customer experience.

The Global Customer Success (GCS) organization is leading the effort to create the desired customer experience through support offer creation, driving digital transformation across our tools, and delivering operational excellence across CE&S.

The Microsoft Detection and Response Team (DART) is looking for a Principal Security Response Engineer, Infrastructure to join their collaborative team. This position will be a vital individual contributor role on the DART team in taking the lead in threat hunting and forensics in delivery of cybersecurity investigations for our customers. You will work in a fast-paced, intellectually intense, service-oriented environment where collaboration and speed are key to our investigations.

The role is flexible in that you can work up to 100% from home however short notice travel to work onsite alongside customers will likely be 40% or higher as is demanded by the needs of our customers and business. This position may require you to work a rotational On-Call schedule, evenings, weekends or holiday shift. Though schedule changes are not frequent, you will need to have flexibility to accommodate changes as needed.

This role is flexible in that you can work up to 100% from home.

Microsoft’s mission is to empower every person and every organization on the planet to achieve more. As employees we come together with a growth mindset, innovate to empower others and collaborate to realize our shared goals. Each day we build on our values of respect, integrity, and accountability to create a culture of inclusion where everyone can thrive at work and beyond.

**Responsibilities**:
**Conducting Research**

Identifies, conducts, and supports others in conducting research into critical security areas, such as competitor products, current attacks, adversary tracking, and academic literature. Partners cross-functionally (e.g., across disciplines, teams, or security versus non-security) to design solutions to prevent attacks. Designs lead to engineering projects. Investigates business critical security issues (e.g., root cause, motivation, and impact). Advocates priorities. Elevates findings appropriately to address and mitigate issues. Solicits feedback and evaluates results to incorporate into future research. Demonstrates judgment in identifying projects and priorities (e.g., what to test and pursue). Understands interplay across Microsoft technologies and how they give rise to attacker opportunities.

Works with others to synthesize research findings into recommendations for mitigation of security issues. Shares across teams. Drives change within team based on research findings. Contributes to professional community through publications.

Analyzes complex issues using multiple data sources to develop insights and identify security problems and threats. Creates new solutions to mitigate security issues. Makes tradeoffs to balance security and operational needs. Identifies and recommends process improvements and adopts best practices. Leverages the work of others to improve existing processes. Helps to drive resolution to systemic security issues through cross-team collaboration. Anticipates previously unknown potential artifacts that could be present in data as indicators of attacker activity. Drives cross-team collaboration. May contribute to professional community through conference and forum presentations.

Recommends prioritization and validation methods for technical indicators. Synthesizes threat data to generate trends, patterns and insights that align to intelligence requirements or customer requests. Reviews findings and identifies nuanced variants. Develops tools to automate analyses.

Leads efforts to clean, structure, and standardize data and data sources. Leads data quality efforts to ensure timely and consistent access to data sources. Curates sources of data and partners to develop and sustain data access across teams. Incorporates new data sources consistent with corporate data privacy standard.

Takes product schedules, dependencies and risk assessments into consideration in performing security design and analysis. Creates a schedule for analysis of large feature areas that accounts for dependencies and meets milestones. Creates schedule for a security analysis that involves several stakeholders and that optimizes their time and effort. Conducts Security Research of Microsoft and competitor products. Researches, analyzes, and summarizes security threats and shares with security assurance and security tooling teams as enhancements to security compli