Senior Security Researcher
Amsterdam, Noord-Holland, Netherlands
Save
Overview
The Power Platform team is eager to identify new patterns of vulnerability so customers can protect their sensitive workloads and build secure integrations. We are working on the edge technology of AI and Cloud. The Power Platform security team are world class experts in cloud and integration related threats, they are talented and enthusiastic employees looking to share their knowledge and experience.
We are looking for a Senior Security Researcher to join our team. Security represents the most critical priorities for our customers in a world awash in digital threats, regulatory scrutiny, and estate complexity. Power Platform aspires to be the most secure and governable low-/no-code platform in the world. We want to reshape how developers build applications and ensure that security and governance empower any customer, and developer with tools that protect from design to deployment.
Microsoft’s mission is to empower every person and every organization on the planet to achieve more. As employees we come together with a growth mindset, innovate to empower others, and collaborate to realize our shared goals. Each day we build on our values of respect, integrity, and accountability to create a culture of inclusion where everyone can thrive at work and beyond.
Qualifications
Required Qualifications:
- Experience in software development lifecycle, large-scale computing, modeling, cybersecurity, and/or anomaly detection
- OR Master's Degree in Statistics, Mathematics, Computer Science or related field.
- Proficiency in at least one programming language such as Python, C#, or C++.
- Proficiency in at least one query language such as KQL, SQL, Cypher
- Experience with a background in the modern attacker kill-chain, MITRE ATT&CK, and emerging enterprise threats including attacks against SaaS Apps and AI Apps, and OAuth Apps.
Other Requirements
- Ability to meet Microsoft, customer and/or government security screening requirements are required for this role. These requirements include, but are not limited to the following specialized security screenings:
- Microsoft Cloud Background Check: This position will be required to pass the Microsoft background and Microsoft Cloud background check upon hire/transfer and every two years thereafter.
Preferred Qualifications
- Understanding and deep knowledge of commonly used attack tools and frameworks used by Red team
- Experience building complex exploits targeting multiple systems.
- Industry recognized author of security research papers, blogs, presentations, or books. Secure Operations Center (SOC) or blue team experience involving the hunting and discovery of adversaries in enterprise environments.
- Excellent cross-group and interpersonal skills, with the ability to articulate the business need for product improvements.
Responsibilities
- Perform attacker tradecraft research and threat landscape investigation across cloud-based attacks spanning Power Platform, OAuth Application, Enterprise Applications, AI Applications and their authentication mechanism
- Partner with engineers and product managers to deliver innovative product capabilities
- Contribute to active engagement with the security ecosystem through papers, presentations, and blogs.
- Provide subject matter expertise to customers based on industry attack trends and product capabilities.
- Engage with cyber security threat escalations ad hoc when those occur.
