Principal Security Research Manager - Microsoft Defender For Endpoint

 

Come and be part of the team building one of Microsoft’s most exciting security products, Microsoft Defender for Endpoint.  As cyber-attacks have become more sophisticated, MDE helps enterprises detect, investigate, and automatically disrupt advanced attacks and data breaches on their networks.  From detecting nation state actors to huge ransomware actors in action, our research team brings deep knowledge of the attacker landscape and tradecraft to create the innovations necessary to uncover and protect against even the most well-funded attacker.

We are seeking an experienced security research leader who is excited by uncovering unknown attacks to lead one of our Israeli research teams focusing on detecting sophisticated enterprise attacks. The job includes researching novel attack techniques, hunting through our rich sensor data, identifying necessary optics for detecting malicious behavior and crafting detection and protection logic to ensure compromise does not go undetected.

Responsibilities

• Lead a research team focusing on detection of sophisticated enterprise threats and techniques - investigating, analyzing, and expanding upon security research and real incidents to develop durable detection strategies across the entire kill-chain 
• Lead groundbreaking research that would be presented in top security conferences
• Attract and retain great people; Know each individual’s capabilities and aspirations and invest in their growth.  
• Collaborate with multiple product teams to design sensors, implement detection and protection ideas, and validate their effectiveness using a data-driven approach 
• Collaborate with data science teams to understand and identify detection gaps, capabilities, assumptions and improvements
• Be involved in customer conversations in order to identify opportunities, gaps and concerns
  
  

Qualifications

• 10+ years experience in Threat Protection and Security Research
• 4+ years people management experience
• Deep and practical Windows internals knowledge 
• Experience translating complex business problems into prioritized, results-driven team objectives with ability to drive strategy alignment and impact through collaborative work across organizational boundaries, positively influence organizational culture and attract and retain great people.  
• Excellent cross-group and interpersonal skills.   
  
  

Preferred qualifications: 

• BSc+ in Computer Science or Computer Engineering or equivalent
• Reverse Engineering skills: familiar with debuggers, disassemblers, protocols, file formats 
• Offensive security research experience 
• Digital forensics skills 
• Network research experience
• Industry recognized author of security research papers, blogs, or books 
• Low-level/security knowledge of other operating systems
  
  

#MSFTSecurity #MDEResearch

Microsoft is an equal opportunity employer. Consistent with applicable law, all qualified applicants will receive consideration for employment without regard to age, ancestry, citizenship, color, family or medical care leave, gender identity or expression, genetic information, immigration status, marital status, medical condition, national origin, physical or mental disability, political affiliation, protected veteran or military status, race, ethnicity, religion, sex (including pregnancy), sexual orientation, or any other characteristic protected by applicable local laws, regulations and ordinances. If you need assistance and/or a reasonable accommodation due to a disability during the application process, read more about requesting accommodations.