Security Researcher - Microsoft Defender For Endpoint
Multiple Locations | Security Engineering | Mar 21, 2024 | Job number 1692358

Come and be part of the team building one of Microsoft’s most exciting security products, Microsoft Defender for Endpoint (MDE). As cyber-attacks have become more sophisticated, MDE helps enterprises detect, investigate, and automatically disrupt advanced attacks and data breaches on their networks. From detecting and disrupting nation state actors to huge ransomware actors in action, our research team brings deep knowledge of the attacker landscape and tradecraft to create the innovations necessary to uncover and protect against even the most well-funded attacker.


We are seeking a security researcher who is excited by uncovering unknown attacks to join our Israeli research team and focus on detecting and disrupting sophisticated enterprise attacks. The job includes researching novel attack techniques, hunting through our rich sensor data, identifying necessary optics for detecting malicious behavior and crafting detection and protection logic to ensure compromise does not go undetected. 


Microsoft’s mission is to empower every person and every organization on the planet to achieve more. As employees we come together with a growth mindset, innovate to empower others, and collaborate to realize our shared goals. Each day we build on our values of respect, integrity, and accountability to create a culture of inclusion where everyone can thrive at work and beyond. 



Responsibilities

  • Conduct in-depth investigation and research of on-premises/hybrid environments to identify threats and sophisticated attack incidents.
  • Investigate, analyze and learn from security researchers, attackers and real incidents in order to develop durable detection and disruption strategies across the entire kill-chain, or product enhancements.
  • Design sensors, implement detection ideas, and validate their effectiveness using a data-driven approach.
  • Publish blogs that help build mindshare for Microsoft Defender.


Required Qualifications

  • Experience: 3+ years of hands-on experience in security research.
  • Education: Bachelor's degree in Computer Science, Computer Engineering, or an equivalent engineering degree.
  • Security Expertise: Knowledge and experience with the security threat landscape, background in the modern attacker kill-chain and MITRE ATT&CK.
  • OS Internals: Practical knowledge of Windows OS internals.
  • Programming Skills: Fluent in one or more of the following languages: C#, C/C++, Python, Java, or Rust.
  • Interpersonal Skills: Demonstrated excellent cross-group and interpersonal skills.


Preferred Qualifications 

  • Digital Forensics: Proficiency in digital forensics, incident response, and threat hunting.
  • Data Analysis and Big Data: Proficient in at least one query language such as KQL, SQL, or Cypher. Experience in big data analysis.
  • Offensive Security: Substantial experience in offensive security research.
  • Research Publications: Recognized authorship of security research papers, blogs, or books in the cybersecurity domain.
  • Cloud Experience: Familiarity with cloud environments and hybrid cloud enterprise services.


#MSFTSecurity #MDE #Research