Senior Security Research - MSTIC Threat Intelligence

Microsoft · Big Tech · IL · Security Research

This role is for a Senior Security Research position focused on threat intelligence within Microsoft's Cloud & AI organization. The primary responsibility is to track and analyze sophisticated threat actors, translate intelligence into actionable outcomes to improve Microsoft's security products and defenses, and collaborate with internal and external teams to protect Microsoft assets and customer environments. The role requires deep technical expertise and analytic tradecraft for end-to-end investigations, detection, hunting, and disruption efforts.

What you'd actually do

  1. As a threat intelligence analyst, you will be responsible for tracking sophisticated adversaries, applying your technical knowledge of adversary capabilities, infrastructure, and techniques.
  2. You will define, develop, and implement techniques to discover and track current adversaries and identify the attacks of tomorrow.
  3. You will produce actionable intelligence, proactively drive hunting and detection capabilities, and contribute to the disruption of adversary activity to protect Microsoft and its customers.
  4. In this role, you will collaborate closely with MSTIC and partner with security, engineering, and product teams across Microsoft to protect Microsoft assets, products, and customer environments.
  5. You will strengthen existing partnerships and build new ones with key organizations to enhance collective defense and improve product and service security.

Skills

Required

  • Tracking sophisticated adversaries
  • Technical knowledge of adversary capabilities, infrastructure, and techniques
  • Define, develop, and implement techniques to discover and track current adversaries
  • Produce actionable intelligence
  • Proactively drive hunting and detection capabilities
  • Contribute to the disruption of adversary activity
  • Collaborate closely with MSTIC and partner with security, engineering, and product teams
  • Strengthen existing partnerships and build new ones
  • At least 6 years of experience producing actionable threat intelligence on targeted and advanced persistent threats
  • Demonstrable impact on network and host defenses
  • Proven expertise tracking and investigating APT adversaries, across all stages of the attack chain
  • Strong ability to analyze and hunt adversary behaviour end-to-end
  • Map attack chains
  • Communicate clear, evidence-based intelligence to technical and executive audiences
  • Ability to quickly adapt to a rapidly evolving telemetry landscape

Nice to have

  • Experience operationalizing threat intelligence and hunting methodologies at scale, leveraging AI and automation, Python, or scalable analytical workflows
  • Analysis of sophisticated malware and targeted attacks against enterprise or government environments, including identification of large-scale and supply chain attack patterns
  • Cloud intrusion analysis in adversary operations
  • Host forensic investigation and log analysis of advanced targeted adversaries
  • Proven track record in producing actionable threat intelligence on APTs based on telemetry analysis

What the JD emphasized

  • At least 6 years of experience producing actionable threat intelligence on targeted and advanced persistent threats, with demonstrable impact on network and host defenses
  • Proven expertise tracking and investigating APT adversaries, across all stages of the attack chain
  • Experience operationalizing threat intelligence and hunting methodologies at scale, leveraging AI and automation, Python, or scalable analytical workflows
  • Analysis of sophisticated malware and targeted attacks against enterprise or government environments, including identification of large-scale and supply chain attack patterns
  • Cloud intrusion analysis in adversary operations
  • Host forensic investigation and log analysis of advanced targeted adversaries
  • Proven track record in producing actionable threat intelligence on APTs based on telemetry analysis