The Cloud Apps and Identity Research (CAIR) team is seeking a Security Researcher with deep expertise in identity-based attacks and threats. The ideal candidate brings strong knowledge of common authentication protocols and technologies across both on-premises and cloud environments (e.g., Kerberos, SAML, OAuth, LDAP) and is familiar with the internals and logging of leading Identity Providers (e.g., Entra ID, Okta).
In this role, you will conduct technical research to analyze and break down identity-based attacks observed across the threat landscape — including insights from security research, real-world incidents, customer reports, and emerging trends. Your work will directly guide product and engineering teams in building advanced visibility, high-confidence detections, and durable protections that safeguard Microsoft customers at scale.
.
Analyze and deeply understand the internals of authentication and network protocols, independently reproducing identity-based attacks for investigation, exploration, and research purposes.
Become a subject-matter expert in identity-focused investigation, collection, analysis, and forensics — including a deep understanding of emerging trends, evolving attack techniques, and the identity threat landscape.
Collaborate closely with multiple product and engineering teams to design next-generation sensors, implement innovative detection ideas, and validate their effectiveness using a data-driven approach.
Work hand-in-hand with engineering teams to deliver prototypes and production-ready code that support and operationalize research insights.
Provide cybersecurity expertise during security escalations and incidents to help protect Microsoft and our customers.
You have at least 4+ years of proven experience in security research.
Strong engineering skills with proficiency in developing solutions and prototypes in C and/or Python.
Experience owning a feature end-to-end including design, implementation, testing, and ongoing maintenance.
Demonstrated expertise in Identity Security.
B.Sc. or M.Sc. in Computer Science, Software Engineering, or equivalent practical experience (e.g., service in an elite IDF technology unit).
Preferred Qualifications
Hands-on experience in offensive security research.
Recognized contributions to the security community (e.g., research papers, blogs, publications).
- Excellent cross-team collaboration and interpersonal communication skills.
This position will be open for a minimum of 5 days, with applications accepted on an ongoing basis until the position is filled.
Microsoft is an equal opportunity employer. All qualified applicants will receive consideration for employment without regard to age, ancestry, citizenship, color, family or medical care leave, gender identity or expression, genetic information, immigration status, marital status, medical condition, national origin, physical or mental disability, political affiliation, protected veteran or military status, race, ethnicity, religion, sex (including pregnancy), sexual orientation, or any other characteristic protected by applicable local laws, regulations and ordinances. If you need assistance with religious accommodations and/or a reasonable accommodation due to a disability during the application process, read more about requesting accommodations.
your
mark