The Senior Security Researcher role on the Microsoft Threat Protection Research Purple Team focuses on emulating real-world threat actors through adversary simulations. This position requires expertise in offensive security, including adversary emulation, tooling development, and malware research. The team aims to enhance Microsoft Defender technologies by ensuring effective telemetry and detections against cyberattacks. The role also involves leveraging AI-driven workflows to improve attack simulations and collaborating with blue team members to validate defenses.

• Doctorate in Statistics, Mathematics, Computer Science, Computer Security, or related field, or equivalent experience.
• Master's Degree in a relevant field with 3+ years of experience in software development lifecycle, large-scale computing, threat analysis, or cybersecurity.
• Bachelor's Degree in a relevant field with 4+ years of experience in software development lifecycle, large-scale computing, threat analysis, or cybersecurity.
• 3+ years of experience with coding.
• 2+ years of experience in red team operations, adversary emulation, or offensive security research.
• 1+ years of experience with large language models or machine learning.
• Experience in classical and deep learning machine learning methods.
• 1+ years of experience performing threat intelligence research.
• Security related certifications such as OSCP, OSWE, GPEN, GREM, GCPN.

• Design and execute adversary simulations that emulate real-world threat actors across various environments.
• Develop and modify offensive tooling, including custom payloads and command-and-control frameworks.
• Conduct malware development and tradecraft research to replicate modern attacker techniques.
• Leverage threat intelligence to inform adversary emulation scenarios.
• Apply threat modeling frameworks such as MITRE ATT&CK to emulate realistic attack paths.
• Utilize AI-enabled systems to generate attack variations and automate tradecraft execution.
• Partner with blue team and detection engineering teams to validate detections.
• Analyze telemetry generated from simulations to assess detection coverage.
• Contribute to simulation reports, technical documentation, and internal knowledge sharing.
• Collaborate across teams to improve offensive tooling and research practices.

• Employees at Microsoft are often offered comprehensive, “world-class” benefits—including health and mental-wellness programs, competitive pay with bonuses and stock awards, and retirement/savings options. Time-off and flexibility are common, with generous vacation and holidays, parental and caregiver leave, and flexible work schedules, alongside learning support, employee resource groups, product discounts, and matching-gifts/volunteering programs. Specific benefits can vary by region.