Senior Security Researcher - Microsoft Defender for Endpoint
Herzliya, Tel Aviv, Israel | Security Engineering | Jun 08, 2022 | Job number 1361872

Come and be part of the team building one of Microsoft’s most exciting security products, Microsoft Defender for Endpoint.  As cyber-attacks have become more sophisticated, MDE helps enterprises protect, detect, investigate, and respond to advanced attacks and data breaches on their networks.  From detecting nation state actors to patient zero ransomware infections, our research team brings deep knowledge of the attacker landscape and tradecraft to create the innovations necessary to uncover even the most well-funded attacker. 


We are seeking an experienced security researcher who is excited by uncovering unknown attacks to join our Israeli research team as part of an effort focused on Data Center protection. The job includes researching the threat landscape, identifying necessary optics for detecting malicious behavior, and crafting detection logic to ensure compromise does not go undetected. 


Primary responsibilities would include: 


  • Being part of a new EDR team in Israel, focused on Data Center security
  • Conducting technical research, aimed at understanding the attack landscape and driving innovation to advance state of the art detection technology & our product’s effectiveness
  • Tracking adversary activities to develop attacker tradecraft and support durable detection innovation
  • Collaborate with data science teams to solve complex detection problems
  • Innovating on operating processes/procedures to gain efficiency and improve customer protection
  • Making good, timely and practical decisions while bringing clarity to ambiguous challenges


  • 5 years of security experience in either Incident Response, malware analysis, security product development, offensive security, or tracking cyber threats with a demonstrated ability to leverage intelligence on attacker methodology, tools, and infrastructure to improve security posture
  • Practical Windows internals knowledge (other OS experience may count)
  • 3+ years of coding experience
  • BS+ in Computer Science or Computer Engineering or equivalent experience
  • Excellent cross-group and interpersonal skills


Preferred qualifications: 


  • Offensive security research experience 
  • Digital forensics skills 
  • Industry recognized author of security research papers, blogs, or books 
  • Reverse Engineering skills: familiar with debuggers, disassemblers, protocols, file formats
  • C# coding experience



Microsoft is an equal opportunity employer. All qualified applicants will receive consideration for employment without regard to age, ancestry, color, family or medical care leave, gender identity or expression, genetic information, marital status, medical condition, national origin, physical or mental disability, political affiliation, protected veteran status, race, religion, sex (including pregnancy), sexual orientation, or any other characteristic protected by applicable laws, regulations and ordinances. If you need assistance and/or a reasonable accommodation due to a disability during the application or the recruiting process, please send a request via the Accommodation request form.


Benefits/perks listed below may vary depending on the nature of your employment with Microsoft and the country where you work.