Security is a top priority for our customers in a world filled with digital threats and regulatory challenges. At Microsoft Security, we aim to make the world safer by providing end-to-end, simplified security solutions. Our mission is to secure digital platforms, devices, and clouds in diverse environments, while also protecting our internal systems. We embrace a growth mindset, inspire excellence, and encourage our teams to bring their best every day, creating innovations that impact billions of lives.
Join our team and help build Microsoft Defender for Endpoint (MDE), one of our most exciting security products. As cyber-attacks become more sophisticated, MDE helps enterprises detect, investigate, and automatically disrupt advanced attacks and data breaches. Our research team leverages deep knowledge of the attacker landscape to develop innovations that protect against even the most well-funded attackers.
We are seeking an experienced security researcher to join our Israeli research team. Your focus will be on detecting and disrupting sophisticated enterprise attacks. The role involves researching novel attack techniques, analyzing big data from our sensor network, identifying necessary optics for detecting malicious behavior, and crafting detection and protection logic to ensure compromises do not go undetected.
Our team values diversity and strives to hire individuals with varied experiences and perspectives. We understand that no candidate possesses every desired skill and experience, but together, we form a strong, effective team.
Responsibilities
Conduct in-depth investigation and research of data across multiple endpoints and additional sources, to identify threats and sophisticated attack incidents.
Keep up-to-date with latest trends in cyber attacks and create robust, sophisticated detection logics across the entire kill-chain.
Collaborate with product management, security and engineering teams across the company to design innovative solutions and new disruption capabilities, and validate their effectiveness using a data-driven approach.
Collaborate with data science teams to understand, identify and implement detection gaps, capabilities, assumptions, and improvements
Demonstrate thought leadership, be able to engage and enlighten others through compelling meaningful content and informative sessions.
Requirements: You have B.Sc./M.Sc. degree in Computer Science or related technical discipline.
You have at least 4+ years of hands-on experience in cybersecurity, with a strong understanding of the modern attacker kill-chain and MITRE ATT&CK, preferably in endpoint-based threat scenarios.
You have Windows internals knowledge.
You have a good knowledge in at least one programming language such as C# (preferred), Python, or C++.
You have a good knowledge in at least one query language such as KQL, SQL, Cypher.
You have an excellent cross-group, leadership and interpersonal skills.
A growth-oriented and inclusive mindset, valuing diverse perspectives and continuous learning.
Preferred: Experience in authoring of security research papers, blogs, or books. - Experience with Windows forensics and an understanding of key forensic artifacts, especially around lateral movement scenarios. - Experience with Cloud forensics, including identity attack artifacts and lateral movement techniques.
.המשרה מיועדת לנשים ולגברים כאחד