Responsibilities:
Perform financial motivated attacker tradecraft research and threat landscape investigation across cloud-based attacks spanning permissions, identities, applications, and data.
Partner with engineers and data scientists in a geographically distributed team to deliver innovative new product capabilities.
Threat hunting to discover real world advanced attacks together with designing and implementing automated detection and hunting analytics combining alerts and signals across Microsoft Defender security products.
Contribute to active engagement with the security ecosystem through papers, presentations, and blogs.
Provide subject matter expertise to customers based on industry attack trends and product capabilities.
Perform financial motivated attacker tradecraft research and threat landscape investigation across cloud-based attacks spanning permissions, identities, applications, and data.
Partner with engineers and data scientists in a geographically distributed team to deliver innovative new product capabilities.
Threat hunting to discover real world advanced attacks together with designing and implementing automated detection and hunting analytics combining alerts and signals across Microsoft Defender security products.
Contribute to active engagement with the security ecosystem through papers, presentations, and blogs.
Provide subject matter expertise to customers based on industry attack trends and product capabilities.
Requirements:
Qualifications:
You have at least 5+ years of experience in cyber security with a background in the modern attacker kill-chain, MITRE ATT&CK, and emerging enterprise threats including attacks against SaaS Apps (Sharepoint, Exchange, Entra ID), Oauth Apps, Enterprise Apps.
You have BS or equivalent experience in computer science, engineering, or information technology.
You have understand and deep knowledge of few commonly used attack tools and frameworks used by Redteam Proficient in at least one programming language such as Python, C#, or C++.
You have excellent cross-group and interpersonal skills, with the ability to articulate the business need for product improvements and a desire to engage directly with customers. Experience working with and manipulating large data sets (i.e. billions of events per day).
Qualifications:
You have at least 5+ years of experience in cyber security with a background in the modern attacker kill-chain, MITRE ATT&CK, and emerging enterprise threats including attacks against SaaS Apps (Sharepoint, Exchange, Entra ID), Oauth Apps, Enterprise Apps.
You have BS or equivalent experience in computer science, engineering, or information technology.
You have understand and deep knowledge of few commonly used attack tools and frameworks used by Redteam Proficient in at least one programming language such as Python, C#, or C++.
You have excellent cross-group and interpersonal skills, with the ability to articulate the business need for product improvements and a desire to engage directly with customers. Experience working with and manipulating large data sets (i.e. billions of events per day).
This position is open to all candidates.
