Security Research Manager - Microsoft Defender for Cloud Apps
Tel Aviv | Security Engineering | Jan 30, 2024 | Job number 1681581

Security represents the most critical priorities for our customers in a world awash in digital threats, regulatory scrutiny, and estate complexity. Microsoft Security aspires to make the world a safer place for all. We want to reshape security and empower every user, customer, and developer with a security cloud that protects them with end to end, simplified solutions. The Microsoft Security organization accelerates Microsoft’s mission and bold ambitions to ensure that our company and industry is securing digital technology platforms, devices, and clouds in our customers’ heterogeneous environments, as well as ensuring the security of our own internal estate. Our culture is centered on embracing a growth mindset, a theme of inspiring excellence, and encouraging teams and leaders to bring their best each day. In doing so, we create life-changing innovations that impact billions of lives around the world.


Our research team’s core mission is protecting Microsoft 365 users across devices, identities, applications, and data via cross-category, tightly integrated threat protection for sec ops and sec-admins. If you believe that cyber-attacks can happen without ever dropping an executable on disk and that a forwarding rule and tokens can be weaponized like PowerShell, this role may be for you! 


Protecting M365 users is a big challenge, but with the signals we have built today in Microsoft Defender for Office 365, Microsoft Defender for Identity, Microsoft Defender for Endpoint, and Microsoft Defender for Cloud Apps, we are the best equipped company in the world to realize this opportunity and fundamentally change the security world, both for our customers and for attackers. 


To help design our single federated protection solution spanning all M365 security products, we are seeking a technical and motivated Security Research Lead to join Microsoft 365 Defender security research to manage a talented team of researchers across geography. This team of security experts and threat hunters builds the products responsible for protecting Microsoft customers and ecosystem from emerging security threats, novel vulnerabilities, and sophisticated intrusion. 


If you are passionate about having a huge impact in the security industry and enjoy leading world class security researchers to solve some of the most critical, complex, and impactful security problems, we would love to talk to you!

Microsoft’s mission is to empower every person and every organization on the planet to achieve more. As employees we come together with a growth mindset, innovate to empower others, and collaborate to realize our shared goals. Each day we build on our values of respect, integrity, and accountability to create a culture of inclusion where everyone can thrive at work and beyond.


The main responsibilities include but not limited to:  


  • Manage a security research team to yield new insights, theories, analyses, data, algorithms, and prototypes that advance state-of-the-art protection against most advanced attacks targeting Cloud Identities leading to SaaS applications including AI based apps. 
  • Lead and support the team to investigate, analyze, and learn from security researchers, attackers, and real incidents to develop durable detection solution/strategies across the kill-chain or product/SaaS solution 
  • Work with other internal and external teams to forge new and improve existing partnerships that help mature the product.  
  • Deliver innovation through thought leadership, influencing both the product and organizational direction.  
  • Collaborate with other researchers, coordinators, and developers to improve the protection capabilities of the products.  


The ideal candidate will demonstrate  


  • Planning and Execution: Ability to think holistically and strategically. Proven ability to plan, organize, and manage complex technical products.  
  • Communication: Conceptualize complex ideas quickly and convey those thoughts to others in a clear, effective and motivating manner. Able to conduct insightful, multi-faceted conversations with senior leadership and decision makers.  
  • Collaboration: Experienced collaborator able to work effectively across broad teams and influence stakeholders of all levels and of all disciplines across Microsoft.  
  • Cultural Leadership: Proven ability to lead cultural initiatives, having positive impact on team morale and fostering an environment of inclusion.  
  • Microsoft Values: As a member of the defender leadership Team, candidates must be excellent representatives of the Microsoft cultural attributes and leadership principles.  
  • Judgement: Excellent product and technical judgment. Consistently demonstrating maturity and intellectual curiosity, helping the team pursue the best ideas.  



Basic qualifications:  

  • 10+ years of computer security industry experience with knowledge of traditional attacker kill-chain (MITRE ATT&CK) but also of emerging threats and techniques for attacks against cloud and identity services. 
  • 3+ years of people management experience, or relevant experience demonstrating readiness to step up into a people management role. 


Preferred Qualifications:

  • Offensive security research experience for cloud-based attacks. 
  • Reverse engineering and/or Incident Response experience 
  • Industry recognized author of security research papers, blogs, presentations, or books. 
  • Excellent cross-group and interpersonal skills, with the ability to articulate the business need for product improvements and a desire to engage directly with customers.


#MSFTSecurity #MSecR #CloudAppAndIdentity


Microsoft is an equal opportunity employer. All qualified applicants will receive consideration for employment without regard to age, ancestry, color, family or medical care leave, gender identity or expression, genetic information, marital status, medical condition, national origin, physical or mental disability, political affiliation, protected veteran status, race, religion, sex (including pregnancy), sexual orientation, or any other characteristic protected by applicable laws, regulations and ordinances.  We also consider qualified applicants regardless of criminal histories, consistent with legal requirements. If you need assistance and/or a reasonable accommodation due to a disability during the application or the recruiting process, please send a request via the Accommodation request form.


Benefits/perks listed below may vary depending on the nature of your employment with Microsoft and the country where you work.