Join the elite team powering Microsoft Defender's most groundbreaking autonomous protection system: Automatic Attack Disruption. As cyber threats evolve in sophistication, our team leads the charge in detecting, investigating, and automatically disrupting ransomware extortion attacks before they cause damage. Our research unit combines deep threat intelligence with adversary tradecraft expertise to create cutting-edge solutions that outpace even the most sophisticated threat actors. We're looking for a passionate security researcher ready to make a real-world impact by protecting global enterprises from devastating cyberattacks. As part of our Israeli research team, you'll hunt through diverse signals across on-premises, hybrid and cloud environments, uncovering advanced threats, research emerging attack techniques, design next-generation protection systems, and develop detection logic that ensures no compromise goes unnoticed. This is your chance to stay steps ahead of advanced adversaries while building autonomous defense capabilities that protect organizations worldwide. _Our team values diversity and strives to hire individuals with varied experiences and perspectives. We understand that no candidate_ _possesses_ _every desired skill and experience, but together, we form a strong, effective team._ _Microsoft’s mission is to empower every person and every organization on the planet to achieve more. As employees we come together with a growth mindset, innovate to empower others, and collaborate to realize our shared goals. Each day we build on our values of respect, integrity, and accountability to create a culture of inclusion where everyone can thrive at work and beyond._ **Responsibilities** + Investigate and analyze advanced attack techniques, ransomware operations, and extortion tactics to develop a deep understanding of adversary tradecraft and TTPs (Tactics, Techniques, and Procedures). + Proactively hunt through diversesignal sources across on-premises, hybrid, and cloud environments to uncover sophisticated threats before they cause damage. + Design and implement innovative detection algorithms and automated disruption capabilities that can autonomously identify and neutralize threats across the entire kill-chain. + Drive forward-thinking approaches to cybersecurity challenges, continuously exploring new methodologies to enhance Microsoft's autonomous protection capabilities. + Work closely with security research, engineering, and product teams to share insights, collaborate on complex investigations, and develop comprehensive protection strategies. + Author technical blogs and present in security conferences that establish thought leadership of Microsoft Defender in the security community. **Qualifications** Qualifications + Bachelor's Degree in Statistics, Mathematics, Computer Science or related field, or equivalent experience. + At least 5 years of hands-on experience in security research, with practical expertisein cloud security and hybrid environments. + Knowledge of the cybersecurity threat landscape, and modern attacker kill-chains, as mapped in frameworks like MITRE ATT&CK. + Experience in analyzing large-scale security telemetry to detect and investigatemalicious attack patterns. + Proficiency in at least one programming language, such as C#, Python, with ability to develop production-ready detection logic. + Excellent verbal and written communication skills, with the ability to present complex research findings to technical and cross-functional stakeholders. Preferred Qualifications + Experience in offensive or adversary simulation research, particularly in hybrid or cloud-native environments. + Demonstrated contributions to the security community through public research, presentations, blogs, or open-source projects. + Applied knowledge of Windows internals, or relevant operating system security concepts. \#MSFTSecurity #MSFTSecurity #Research #AttackDisruption Microsoft is an equal opportunity employer. Consistent with applicable law, all qualified applicants will receive consideration for employment without regard to age, ancestry, citizenship, color, family or medical care leave, gender identity or expression, genetic information, immigration status, marital status, medical condition, national origin, physical or mental disability, political affiliation, protected veteran or military status, race, ethnicity, religion, sex (including pregnancy), sexual orientation, or any other characteristic protected by applicable local laws, regulations and ordinances. If you need assistance and/or a reasonable accommodation due to a disability during the application process, read more about requesting accommodations (https://careers.microsoft.com/v2/global/en/accessibility.html) .