Come and be part of the team building one of Microsoft's most exciting security products, Microsoft Defender Advanced Threat Protection (MDATP). As cyber-attacks have become more sophisticated, MDATP helps enterprises prevent, detect, investigate, and respond to advanced attacks and data breaches on their networks. From detecting nation-state actors to complex supply chain attacks, ransomware to fileless attacks, our team brings deep knowledge of the attacker landscape and tradecraft to create the innovations necessary to uncover even the most well-funded attacker.
We are seeking a leader to help us grow our team of expert security researchers and security engineers to protect our customers against all threats by delivering durable threat prevention & remediation content. This team will leverage the billions of signals surfaced via MDATP, cutting-edge threat research, state-of-the-art ML/AI and human expertise to ensure threats are stopped before they infect user machines. The team also operates in a research-as-a-service model and helps resolve any reported FNs/FPs in our products by delivering durable protection content. This leadership position requires deep domain knowledge in security research, threat hunting, experience in security operations, and the capability to manage a globally distributed team of experts.
* BS+ in Computer Science or Computer Engineering
* Proven team leadership and people management capabilities via 3+ years of experience managing a security team
* Reverse Engineering skills: familiar with debuggers, disassemblers, network protocols, file formats, sandboxes, hardware/firmware internals, software communication mechanisms
* Development skills with Objective C, C, and/or scripting languages (e.g. Python, bash)
* Experience in dealing with big data problems and excellent skills in data analytics with a focus on security
* Excellent interpersonal skills and effective written/verbal communication skills, with experience presenting to C-level audiences
* Good knowledge of kill-chain model, ATT&CK framework, and modern red team techniques
* Expert knowledge in detection technologies
* Deep and practical OS security/internals knowledge
* Ability to work effectively in ambiguous situations and respond favorably to change
* Industry recognized author of security research papers, blogs, or books
Microsoft is an equal opportunity employer. All qualified applicants will receive consideration for employment without regard to age, ancestry, color, family or medical care leave, gender identity or expression, genetic information, marital status, medical condition, national origin, physical or mental disability, political affiliation, protected veteran status, race, religion, sex (including pregnancy), sexual orientation, or any other characteristic protected by applicable laws, regulations and ordinances. We also consider qualified applicants regardless of criminal histories, consistent with legal requirements. If you need assistance and/or a reasonable accommodation due to a disability during the application or the recruiting process, please send a request via the Accommodation request form.
Primary responsibilities would include:
* Hire and manage a team of talented security researchers and security engineers, working closely with data scientists and other threat hunters across MDATP
* Conduct research that yields new insights, theories, analyses, data, algorithms and prototypes that advance the state of the art of malware protection
* Investigate, analyze and learn from security researchers, attackers and real incidents in order to develop durable detection strategies across the entire kill-chain or product enhancements
* Work with other internal and external teams to forge new and improve existing partnerships that help mature the product
* Provide exemplary leadership in an exceptionally challenging and rewarding environment and influence the organization
* Collaborate with other researchers, coordinators and developers to improve the protection capabilities of the products
Microsoft develops, licenses, and supports software, services, devices, and solutions.