The Microsoft Threat Protection Research (MTP-R) Purple Team is seeking a senior-level red team security researcher to design and execute realistic attack simulations in an AI-first environment. This role focuses on adversary emulation, offensive tooling, and malware development to enhance security measures against real-world cyberattacks. The researcher will work with agentic systems and LLM-driven workflows to automate and scale attack development. Collaboration with blue team and detection engineering teams is essential to validate detections and improve defensive capabilities.

• Doctorate in Statistics, Mathematics, Computer Science, Computer Security, or related field.
• Master's Degree in Statistics, Mathematics, Computer Science, Computer Security, or related field AND 3+ years experience in relevant fields.
• Bachelor's Degree in Statistics, Mathematics, Computer Science, Computer Security, or related field AND 4+ years experience in relevant fields.
• Ability to meet Microsoft, customer and/or government security screening requirements.
• 5+ years of incident response, threat hunting, and/or SOC experience.
• Experience leveraging and producing threat intelligence at the campaign or actor level.
• Knowledge of MITRE ATT&CK and threat modeling methodologies.
• Security related certifications such as: GCIA, GMON, GCIH, CISA.
• 3+ years of experience with coding.
• Experience in classical and deep learning machine learning methods.

• Design and execute adversary simulations that emulate real-world threat actors across various environments.
• Develop and modify offensive tooling, including custom payloads and command-and-control frameworks.
• Conduct malware development and tradecraft research to replicate modern attacker techniques.
• Leverage threat intelligence to inform adversary emulation scenarios.
• Apply threat modeling frameworks to emulate realistic attack paths and identify defensive gaps.
• Utilize AI-enabled systems to generate attack variations and automate tradecraft execution.
• Partner with blue team and detection engineering teams to validate detections.
• Analyze telemetry generated from simulations to assess detection coverage.
• Contribute to simulation reports, technical documentation, and internal knowledge sharing.
• Collaborate across teams to improve offensive tooling and research practices.

• Employees at Microsoft are often offered comprehensive, “world-class” benefits—including health and mental-wellness programs, competitive pay with bonuses and stock awards, and retirement/savings options. Time-off and flexibility are common, with generous vacation and holidays, parental and caregiver leave, and flexible work schedules, alongside learning support, employee resource groups, product discounts, and matching-gifts/volunteering programs. Specific benefits can vary by region.