Security is the most critical priority for our customers in a world awash in digital threats, regulatory scrutiny, and estate complexity.
Microsoft Security aspires to make the world a safer place for all. We want to reshape security and empower every user, customer, and developer with a security cloud that protects them with end-to-end, simplified solutions.
The Microsoft Security organization accelerates Microsoft’s mission and bold ambitions to ensure that our company and industry are securing digital technology platforms, devices, and clouds in our customers’ heterogeneous environments, as well as ensuring the security of our own internal estate. Our culture is centered on embracing a growth mindset, inspiring excellence, and encouraging teams and leaders to bring their best each day. In doing so, we create life-changing innovations that impact billions of lives around the world.
Microsoft prioritizes security, empowering individuals and organizations with a comprehensive security cloud that delivers end-to-end protection.
The Extended Detection and Response (XDR) and Security Information and Event Management (SIEM) research team enables global security teams to detect and respond to cyber threats efficiently. By leveraging expert knowledge of the technologies that threats exploit and an attacker mindset, and by adapting to a dynamic landscape, we tackle highly sophisticated threats across both cloud and hybrid (cloud + on-prem) attacks.
Our AI-driven solutions automate investigations and responses, ensuring swift protection for customers and optimizing security operations. We are looking for a Principal Security Researcher to drive cutting-edge security innovations in large-scale, multi-tenant environments, enhancing the defense capabilities of Government and National cybersecurity teams.
In this role, you will work closely with Data Science, Engineering, Product, and Threat Intelligence teams to develop advanced detection, automated response, and correlation techniques across Microsoft Defender XDR, Sentinel, and the Unified Security Operations Platform—leveraging both Microsoft and third-party security data.
Your expertise in adversary tradecraft, detection engineering, and large-scale threat modeling will be instrumental in advancing defense strategies that proactively identify and disrupt sophisticated attack campaigns.
This role provides an opportunity to push the boundaries of security research, applying deep technical knowledge to improve threat detection, response automation, and incident correlation—helping National SOC teams stay ahead of the most sophisticated threats in the world.
Our team values diversity and strives to hire individuals with varied experiences and perspectives. We understand that no candidate possesses every desired skill and experience, but together, we form a strong, effective team.