Security Researcher II – Security for AI

Security represents the most critical priorities for our customers in a world awash in digital threats, regulatory scrutiny, and estate complexity. Microsoft Security aspires to make the world a safer place for all. We want to reshape security and empower every user, customer, and developer with a security cloud that protects them with end to end, simplified solutions. 

The Microsoft Security organization accelerates Microsoft’s mission and bold ambitions to ensure that our company and industry is securing digital technology platforms, devices, and clouds in our customers’ heterogeneous environments, as well as ensuring the security of our own internal estate. Our culture is centered on embracing a growth mindset, a theme of inspiring excellence, and encouraging teams and leaders to bring their best each day. In doing so, we create life-changing innovations that impact billions of lives around the world. 

In this role, you’ll research and build defenses across AI systems, agentic protocols, Identity platforms, and SaaS applications. One day you might analyze a new class of AI prompt injection attacks or Agents abuse, the next you’ll be hunting through data or creating novel protection mechanisms for them. You’ll work closely with product teams to turn research prototypes into real security features. 

Join our threat protection research team and be part of a team who contributes to Microsoft’s most advanced and innovative security solutions. Our mission is to help everyone to counter cyber threats by strengthening their security capabilities across their entire environment, including Identities, Agentic AI systems, Cloud and Applications. 

Microsoft’s mission is to empower every person and every organization on the planet to achieve more. As employees we come together with a growth mindset, innovate to empower others, and collaborate to realize our shared goals. Each day we build on our values of respect, integrity, and accountability to create a culture of inclusion where everyone can thrive at work and beyond. 

Responsibilities

• Conduct in-depth analysis and research on cloud environments and AI tools to identify threats, vulnerabilities, and potential risks. 

• Investigate, analyze, and learn from security researchers, attackers, and real incidents to develop durable detection strategies across the entire kill-chain. 

• Collaborate with multiple product and engineering teams to design the next iteration of sensors, implement detection ideas and validate their effectiveness using a data-driven approach. 

• Provide cybersecurity expertise as needed during security escalations and incidents to help protect Microsoft and our customers 

Qualifications

Required Qualifications:

• 3+ years of hands-on experience in security research. 

• BSc. or M.Sc. in Computer Science, Software Engineering, or relevant practical experience (e.g. service in elite technology unit in IDF).

• Code fluency in either C#, Python or Rust.

• A drive to tackle hard problems with level of ambiguity.

• knowledge of the security threat landscape, with experience in the modern attacker kill chain and MITRE ATT&CK—especially in cloud, application, identity, and AI-related threat scenarios. 

• Team player – open to ideas and enjoys working with others to achieve shared goals. 

• Familiarity with cloud environments, and hybrid cloud enterprise services  

Preferred Qualifications:

• Good hands-on knowledge of AI/LLM  fundamentals and concepts, including technical aspects related to usage of AI/LLM in production systems and agentic frameworks.

• Familiarity with OAuth and other identity protocols, as well as knowledge of the AI domain - especially MCP, A2A, and related technologies. 

• Industry recognized author of security research papers, blogs, or books.

• Low-level/security knowledge of other operating systems.

#MSFTSecurity #Research #CloudAppAndIdentity #Sec4AI

Microsoft is an equal opportunity employer. All qualified applicants will receive consideration for employment without regard to age, ancestry, color, family or medical care leave, gender identity or expression, genetic information, marital status, medical condition, national origin, physical or mental disability, political affiliation, protected veteran status, race, religion, sex (including pregnancy), sexual orientation, or any other characteristic protected by applicable laws, regulations and ordinances.  We also consider qualified applicants regardless of criminal histories, consistent with legal requirements. If you need assistance and/or a reasonable accommodation due to a disability during the application or the recruiting process, please send a request via the Accommodation request form.

Benefits/perks listed below may vary depending on the nature of your employment with Microsoft and the country where you work.