Job Description

Empower every person and organization on the planet to achieve more. That's what inspires us, drives our work, and pushes us to challenge the status quo every day. Security is a top priority for Microsoft because it is a top concern for our customers. Microsoft's Security and Compliance team has invested deeply to build strong 1st party security capabilities across Microsoft 365.

The fight against cybercrime requires defenders to be adaptive and responsive to the rapidly evolving threat landscape. To protect our customers from an adaptive adversary and help them manage complexity in the cyber operation, we in turn need to innovate. Our security researchers provide the foundation of our innovation cycle, building immediate detections and mitigations, understanding the full breadth of impact experienced by our customers, and driving novel and durable product detections.

We are seeking a Senior Security Research Lead to join our research team and to manage a geographically distributed team. We power protection of tens of millions of users across products like Office 365, Outlook, Microsoft Threat Protection, Mobile Threat Detection, Edge, and more. In this role, you would be responsible for a team of researchers and analysts that respond to customer escalations, proactively research, investigate and mitigate the latest email phishing and social engineering threats and campaigns. The teams works across boundaries and geographies with a diverse team of data scientists, security researchers, applied researchers, engineers, and internal & external partners to empower our customers to communicate & browse with confidence and trust.

MicrosoftATL

scjobs

scrjobs

scatl

As a Senior Security Research Lead on the team, you will be responsible for:

1. Leading a research and response team to solve customer problems, and yield new insights, detections, and mitigations into the latest email-based phishing, SPAM, and BEC campaigns.
2. Overseeing response to critical customer escalations to resolve detection effectiveness issues and engage with relevant partner teams to drive great customer experiences.
3. Building, and maintaining a healthy and inclusive working environment.
4. Authoring, adjusting, and innovating on heuristic and regex-based rules to react to immediate changes in attacker behaviors for email related phishing and social engineering threats.
5. Managing outsourced staff to correctly identify and label email messages and URL landing pages.
6. Innovating on operating processes to gain efficiencies and improved customer protections.
7. Making good, timely and practical decisions with uncertainty on a consistent basis.

Required:

* 7+ years of computer security industry experience utilizing a deep knowledge of email communications and the security landscape to investigate, document, and mitigate risks from email-based attacks.
* 3+ years of experience working to build customer or vendor relationships.
* 1+ years of coding experience (Regex, SQL, python, C)
* 1+ years of people management, or relevant experience demonstrating readiness to step up into a people management role.
* Solid verbal and written communication skills in English.

Preferred

* Familiar with the cyber kill chain, especially attack scenarios originating from email or web sites.
* Familiar email headers, email/web security protocols, and related analysis tools.
* Experience authoring and interacting with big data solutions to pull and analyze data.
* Customer first mindset for responding to customer escalations and reporting investigative findings.
* Experience working through ambiguity to drive innovations in detections and internal team processes.
* Broad, general, familiarity with the threat landscape affecting enterprise customers.
* Familiarity with automated report building and business intelligence solutions (like PowerBI) is a plus.
* Excellent cross group and interpersonal skills, with the ability to articulate the business need for security or detection improvements.

Microsoft is an equal opportunity employer. All qualified applicants will receive consideration for employment without regard to age, ancestry, color, family or medical care leave, gender identity or expression, genetic information, marital status, medical condition, national origin, physical or mental disability, political affiliation, protected veteran status, race, religion, sex (including pregnancy), sexual orientation, or any other characteristic protected by applicable laws, regulations and ordinances. We also consider qualified applicants regardless of criminal histories, consistent with legal requirements. If you need assistance and/or a reasonable accommodation due to a disability during the application or the recruiting process, please send a request via the Accommodation request form.

Benefits/perks listed below may vary depending on the nature of your employment with Microsoft and the country where you work.