Security Researcher II / Senior Security Researcher - Microsoft Defender (Multiple Roles)

Overview

Join one of the elite research teams powering Microsoft Defender, the dominant market leader in XDR, SIEM, Cloud, and AI Security. We protect the world’s largest enterprises by analyzing trillions of signals to protect against sophisticated cyberattacks across hybrid and multi-cloud environments.

We are currently hiring for multiple Security Research positions across our Microsoft Defender Research teams in Israel. By applying to this unified pipeline, you will be considered for a high-impact role (at either the Security Researcher II or Senior Security Researcher role) within one of our specialized groups, including Autonomous Attack Disruption, Cloud Workload Protection, Identity Research, Posture Research, or Security for AI.

We are looking for passionate, highly skilled security researchers who thrive on the challenge of breaking complex attacker kill-chains. Leveraging Microsoft’s dominant market position and the world’s most massive telemetry set, you will have a direct, tangible impact on the security of the global economy. We are looking for researchers who want to see their findings transformed into production-ready protection, where the ultimate goal is not just to detect threats, but to prevent and stop them in near real-time.

Our team values diversity and strives to hire individuals with varied experiences and perspectives. We understand that no candidate possesses every desired skill and experience, but together, we form a strong, effective team.

Responsibilities

• Investigate real world advanced attacker TTPs to develop high-fidelity protection signals, and robust logic across complex kill-chains.
• Design and implement innovative capabilities that autonomously prevent, detect and disrupt sophisticated threats in near real-time.
• Infuse deep security expertise into the analysis of massive telemetry sets using big-data query languages, reasoning over data to identify novel malicious patterns, and drive evidence-based research decisions.
• Partner with engineering and product teams to share research insights, validate protection concepts, and push ideas forward into production-ready protection at a global scale.
• Contribute expert insights to a strategic feedback loop by analyzing real-world attack data and telemetry to refine protection coverage and accuracy.
  
  

Qualifications

• You have at least 4+ years of hands-on experience in security research or threat hunting, with a specialized focus on identity, cloud, or AI-based threat scenarios.
• Deep understanding of the threat landscape, including modern attacker techniques, AI-driven threats, and complex kill-chains, with a focus on platform internals across OS, Cloud Workloads and Identity platforms.
• Proven ability to reason over large-scale datasets using big-data query languages, applying security expertise to identify novel patterns and make evidence-based decisions.
• Familiarity with cloud environments (e.g., Azure, AWS) and the specific security challenges inherent to hybrid and multi-cloud infrastructures in large enterprise customers.
• Experience hunting across diverse signal sources, effectively uncovering threats within on-premises, hybrid, and cloud environments.
  
  

Preferred Qualifications

• B.Sc. or M.Sc. in Computer Science, Software Engineering, or a related field, or equivalent practical experience (e.g., relevant industry or military experience).
• Programming proficiency (e.g., Python, C#, or similar), with a proven ability to develop and ship production-ready protection logic.
• Public track record of security research, such as technical blog posts, whitepapers, or presentations at major industry conferences.
• Experience in offensive security or adversary simulation.
• Demonstrated ability to work effectively in cross-functional teams, bridging the gap between deep research and scalable engineering.
  
  

By applying to this position, you may be considered for multiple similar roles within our organization as part of an invitation‑only virtual Interviews.

This position will be open for a minimum of 5 days, with applications accepted on an ongoing basis until the position is filled.

Microsoft is an equal opportunity employer. All qualified applicants will receive consideration for employment without regard to age, ancestry, citizenship, color, family or medical care leave, gender identity or expression, genetic information, immigration status, marital status, medical condition, national origin, physical or mental disability, political affiliation, protected veteran or military status, race, ethnicity, religion, sex (including pregnancy), sexual orientation, or any other characteristic protected by applicable local laws, regulations and ordinances. If you need assistance with religious accommodations and/or a reasonable accommodation due to a disability during the application process, read more about requesting accommodations.