In your day-to-day work, you will partner with data scientists to identify and quantify risky behavior by insiders in enterprise networks and develop calibrated risk scoring models for use directly by our customers. You’ll have access to vast amounts of threat-related data from billions of endpoints and other sources with the opportunity to collaborate with partners across Microsoft who have decades of security and data-driven expertise. Leveraging this vast amount of data, you will pioneer and evaluate new detection approaches through hunting and proofs-of-concept to tell the end-to-end story of risky insiders.
- Threat hunt to discover real-world insider threat behaviors together with designing and implementing automated detection and hunting analytics combining alerts and signals across Microsoft 365 Defender.
- Provide subject matter expertise to customers based on industry attack trends and product capabilities.
- Perform insider threat tradecraft research and threat landscape investigation.
- Contribute to active engagement with the security ecosystem through papers, presentations, and blogs.
- Partner with engineers and data scientists in a geographically distributed team to deliver innovative new product capabilities through proof-of-concept design and results.
Qualification & Experience:
- BS or equivalent experience in computer science, engineering, or information technology.