Principal Security Research Lead - Microsoft Defender for Endpoint
Herzliya, Tel Aviv, Israel | Security Engineering | Jun 23, 2022 | Job number 1361867

Come and be part of the team building one of Microsoft’s most exciting security products, Microsoft Defender for Endpoint (MDE). As cyber-attacks have become more sophisticated, MDE helps enterprises protect against, detect, investigate, and respond to advanced attacks and data breaches on their networks. From detecting nation-state actors to patient-zero ransomware infections, our research team brings deep knowledge of the attacker landscape and tradecraft to create the innovations necessary to uncover even the most well-funded attacker.

We are seeking a Security Research Lead to join our EDR-focused research team. In this role, you will lead, coach, mentor, and grow a team of world-class security experts from diverse technical backgrounds to deliver deep security research that advances the state of the art in post-breach detection, response, and containment. You will work across organizational boundaries and geographies with a diverse set of data scientists, security researchers, applied researchers, engineers, and internal and external partners to build strategy, realize the vision, and drive efforts to empower and protect our customers.



Primary responsibilities include:

  • Leading a new EDR team in Israel, focused on data center security
  • Overseeing deep technical research aimed at understanding the attack landscape and driving innovation to advance state-of-the-art detection technology and our product’s effectiveness
  • Tracking adversary activity to build an understanding of attacker tradecraft and support durable detection innovation
  • Collaborating with data science teams to solve complex detection problems
  • Innovating on operating processes and procedures to gain efficiency and improve customer protection
  • Making good, timely, and practical decisions while bringing clarity to ambiguous challenges
  • Participating in customer conversations to identify opportunities, gaps, and concerns



Required qualifications:

  • 8 years of security experience in incident response, malware analysis, security product development, offensive security, or tracking cyber threats, with a demonstrated ability to leverage intelligence on attacker methodology, tools, and infrastructure to improve security posture
  • 2+ years of people management experience, preferably in a security research focused role
  • 3+ years of coding experience
  • BS or higher in Computer Science or Computer Engineering
  • Excellent cross-group and interpersonal skills


Preferred qualifications:

  • Offensive security research experience
  • Digital forensics skills
  • Deep and practical Windows internals knowledge (other OS experience may count)
  • Industry-recognized author of security research papers, blogs, or books
  • Reverse engineering skills: familiarity with debuggers, disassemblers, protocols, and file formats
  • C# coding experience


Microsoft is an equal opportunity employer. All qualified applicants will receive consideration for employment without regard to age, ancestry, color, family or medical care leave, gender identity or expression, genetic information, marital status, medical condition, national origin, physical or mental disability, political affiliation, protected veteran status, race, religion, sex (including pregnancy), sexual orientation, or any other characteristic protected by applicable laws, regulations and ordinances. If you need assistance and/or a reasonable accommodation due to a disability during the application or the recruiting process, please send a request via the Accommodation request form.