As a Principal-level Red Team Security Researcher in Microsoft’s Threat Protection Research Purple Team, you will lead the design and execution of sophisticated adversary simulations across various environments including endpoints, identities, clouds, and SaaS platforms. You’ll develop advanced offensive tooling such as C2 frameworks and malware tradecraft while conducting deep research into modern attacker techniques. Your role involves driving threat modeling strategies, leveraging AI to automate attack simulations, and evaluating the effectiveness of defensive systems. You will collaborate with engineering teams to influence product direction and deliver executive-level briefings on strategic recommendations. The ideal candidate has extensive experience in red teaming, offensive security, and adversary emulation, along with expertise in C2 frameworks, malware development, and threat intelligence analysis. This role requires proficiency in Python, C++, and other relevant programming languages, as well as a deep understanding of MITRE ATT&CK methodologies.
Skills
Python
C
Go
MITRE ATT&CK
Kubernetes
AWS
Azure
GCP
Terraform
Docker
CI/CD
LLM-driven workflows
Agentic systems
Threat intelligence
Malware development
Reverse engineering
Exploit development
Adversary emulation
Offensive security
What you'll do
Lead design and execution of complex, multi-stage adversary simulations in various environments.
Develop advanced offensive tooling including C2 frameworks, custom implants, and malware tradecraft.
Conduct deep research into modern attacker techniques and produce new threat intelligence insights.
Design AI-enabled systems to automate offensive operations and scale simulation complexity.
Evaluate defensive system effectiveness and provide strategic recommendations for improvement.
Deliver executive-level briefings on technical reports and strategic security recommendations.
What we're looking for
5+ years experience in red teaming, offensive security, or adversary emulation.
Expertise in C2 framework design, implant development, and offensive infrastructure.
Background in malware development, reverse engineering, or exploit development.
Experience leveraging and producing threat intelligence at the campaign or actor level.
Knowledge of MITRE ATT&CK and threat modeling methodologies.
Security certifications such as OSCP, OSCE, OSEP, OSWE, GPEN, GXPN, GREM.
Market check
Salary context
This
$142,800–$274,800
range sits above
67%
of similar postings on FindRole.
Peer median band
$119,900–$234,000
Median floor and ceiling across peers.
Typical midpoint (25–75%)
$152,150–$214,500
Middle half of comparable postings.
Based on 240 comparable postings.*
* 240 is the maximum number of comparable postings sampled.
Employer
About Microsoft
Microsoft Corporation is a global technology leader producing software, hardware, and cloud services including Windows, Office 365, Azure cloud platform, Xbox gaming, and Surface devices. Industry: Software & Cloud Computing
Microsoft currently has
451 open roles
on FindRole.
Listed pay typically runs
$119,800–$234,700
across 417 roles with salary data.