Security Research Analyst

Microsoft Microsoft · Big Tech · Prague, Prague, Czech Republic · Security Research

This role involves leveraging AI-enabled workflows and building AI agents to enhance threat detection, investigation, and response within enterprise security operations. The analyst will hunt for advanced attacks, analyze large datasets, collaborate with data science teams, and operationalize AI agents for security research and output generation.

What you'd actually do

  1. Hunt directly in customer environments with proactive and reactive guidance.
  2. Explore and correlate large data sets to uncover novel attack techniques, monitor and catalog changes in activity group tradecraft, and investigate alerts for enterprise customers.
  3. Work directly with customers at all levels of their security organization from analyst to CISO to support investigation and response.
  4. Collaborate with data science and threat research teams to develop and maintain accurate and durable detections.
  5. Leverage AI-powered security tools, copilot, and agentic workflows to accelerate threat investigations, enrich customer findings, improve analytical efficiency, and drive better security outcomes.

Skills

Required

  • Experience in software development lifecycle, large-scale computing, modeling, cybersecurity, and/or anomaly detection; OR Master’s Degree in Statistics, Mathematics, Computer Science, or related field.
  • Experience in a technical role in Security Operations, Threat Intelligence, Cyber Incident Response, or Penetration Testing/Red Team.
  • Working with extremely large data sets using tools and scripting languages such as Excel, KQL, Python, Splunk, and Power BI.
  • Experience leveraging generative AI, large language models, copilots, autonomous agents, or AI-assisted workflows to improve security operations, threat hunting, incident response, investigations, or operational efficiency.
  • Experience building automations or AI-assisted workflows using scripting languages, orchestration platforms, low-code automation tools, or agent frameworks.
  • Advanced knowledge of operating system internals and security mechanisms.
  • Experience analyzing attacker techniques.
  • Knowledge of kill-chain model, ATT&CK framework, and modern penetration testing techniques.
  • Knowledge of operating system internals, OS security mitigations, and security challenges across Windows, Linux, Mac, Android, and iOS platforms.
  • Experience with cloud environments and network signals.
  • Excellent cross-group and interpersonal skills, with the ability to articulate business need for detection improvements.
  • Knowledge of major cloud and productivity platforms as well as identity systems and related security concerns.
  • Experience with curation of Threat Intelligence.
  • Experience with direct customer communication in a service delivery role.
  • Ability to use data to tell a story.
  • Experience with reverse engineering, DFIR, incident response, or machine learning models.
  • Experience with system administration in a large enterprise environment, including Windows and Linux servers and workstations, network administration, and cloud administration.
  • Experience with offensive security including Metasploit, exploit development, OSINT, and designing ways to breach enterprise networks.
  • Additional advanced technical degrees or cyber security certifications such as CISSP, OSCP, CEH, or GIAC.

Nice to have

  • Ability to meet Microsoft, customer, and/or government security screening requirements, including the Microsoft Cloud Background Check upon hire/transfer and every two years thereafter.
  • Ability to work from the Prague office at least three (3) days per week.
  • Ability to support weekend, holiday, and non-standard business-hour coverage where legally allowed and aligned to local labor regulations.

What the JD emphasized

  • AI-enabled workflows
  • AI agents
  • automation

Other signals

  • AI-enabled workflows
  • build tools and automations
  • design, build, test, and operationalize automations and AI agents
  • opportunities where AI agents and automation can improve