Principal Applied AI Security Researcher

We are looking for a Principal Applied AI Security Researcher to join the Microsoft Defender Experts Research Team and help shape the future of managed security services.

• Apply advanced AI/ML techniques—including generative AI and graph-based methods—to detect, track, and anticipate attacker behaviors across Microsoft Defender telemetry and diverse customer environments.
• Lead hypothesis-driven threat hunts by designing AI-assisted hunting playbooks that correlate identity, endpoint, email, cloud, and SaaS signals to uncover novel attack patterns and campaigns.
• Develop and evolve adversary behavior models and security knowledge graphs to prioritize risk, improve detection quality, and guide automated response strategies.
• Design and execute experiments that transform managed security operations, define measurable success criteria, and scale proven approaches into production workflows.
• Collaborate with cross-functional teams—including security researchers, product engineers, and Defender Experts—to translate research into actionable detections, automation, and investigation tools that enhance customer outcomes.
• Operationalize AI models at scale by building robust data pipelines, implementing labeling strategies, and ensuring model monitoring for fairness, drift, and performance in live environments.
• Champion Responsible AI principles by ensuring privacy, security, and compliance throughout the AI lifecycle, from data collection to deployment.
• Communicate research impact effectively through clear documentation, prototypes, and presentations, while mentoring peers and contributing to inclusive best practices in AI for security.
• Stay ahead of the evolving threat landscape by tracking attacker tradecraft, validating new AI techniques, and converting insights into proactive detections and mitigations that reduce customer risk.

• 7+ years experience in software development lifecycle, large-scale computing, modeling, cybersecurity, and/or anomaly detection
• OR Doctorate in Statistics, Mathematics, Computer Science or related field
• Experience in cybersecurity research, including threat investigation, attacker methodologies, and incident response.
• Experience in programming and scripting skills (e.g., Python, PowerShell, C#, C++) and ability to analyze large datasets using tools such as KQL, SQL, Splunk
• Experience translating complex technical findings for diverse audiences.
• Ability to meet Microsoft, customer and/or government security screening requirements are required for this role.

• Health insurance
• 401k matching
• Generous time away
• Giving programs
• Discounts on products and services
• Educational resources
• Industry leading healthcare
• Opportunities to network and connect

Microsoft Security aspires to make the world a safer place for all.