Principal Security Researcher

Microsoft

Quick summary

Work type: On-site
Location: —
Salary: $142,800–$274,800 / yr
Posted: 18 days ago
Closes: Dec 6, 2026

Market check

Salary context

Above market

How this pay compares to similar roles

Similar $182k

This role $209k

$119k most similar roles pay here $292k

This role pays more than 74% of similar roles. Most pay $151,475–$213,500 — the shaded band above. At the midpoint, this role pays about $209k versus about $182k for comparable roles.

Based on 239 similar postings.

Employer

About Microsoft

Microsoft Corporation is a global technology leader producing software, hardware, and cloud services including Windows, Office 365, Azure cloud platform, Xbox gaming, and Surface devices. Industry: Software & Cloud Computing

Microsoft currently has 622 open roles on FindRole.

Listed pay typically runs $119,800–$234,700 across 571 roles with salary data.

Most-posted roles

View all roles at Microsoft

At a glance

TL;DR · Principal Security Researcher

Role Posting Log in to save

As a principal-level security researcher on the Microsoft Threat Protection Research Purple Team, you will design and execute advanced adversary simulations across various digital surfaces using both human-driven and AI-enabled methods. You will collaborate closely with engineering teams to enhance detection coverage and response effectiveness by analyzing telemetry data with Kusto/KQL. Your role involves translating attacker tradecraft into actionable insights for defenders, applying MITRE ATT&CK frameworks to identify gaps in security measures, and leveraging threat intelligence to produce new research findings. Additionally, you will build AI-driven systems to automate simulation workflows and accelerate analysis, evaluating the effectiveness of agentic security capabilities to influence product strategy at a global scale. This role requires extensive experience in incident response, threat hunting, and SOC operations, along with expertise in MITRE ATT&CK methodologies and advanced knowledge of threat intelligence frameworks.

Skills

Kusto KQL Mitre ATT&CK Python Azure GitHub LLM AI Agentic Systems Docker Kubernetes Terraform Git CI/CD PostgreSQL MongoDB Redis Grafana Prometheus

What you'll do

Design and execute purple team simulations to emulate real-world threats across various surfaces.
Analyze telemetry data using Kusto/KQL to validate detection logic and uncover gaps in coverage.
Translate attacker tradecraft into actionable insights for defenders, including detection recommendations.
Partner with engineering teams to evaluate detection coverage and response effectiveness of Microsoft Defender tools.
Apply MITRE ATT&CK framework to map adversary behavior and communicate findings to diverse audiences.
Design AI-enabled systems to automate simulation workflows and accelerate post-simulation analysis.

What we're looking for

8+ years of experience in incident response, threat hunting, or SOC operations.
Deep understanding of MITRE ATT&CK and threat modeling methodologies.
Ability to design and execute advanced adversary simulations across multiple surfaces.
Experience in analyzing telemetry using Kusto/KQL for detection validation.
Proficiency in leveraging and contributing to threat intelligence at the campaign level.
Knowledge of AI-enabled security research and agentic systems.
Security certifications such as GCIA, GMON, GCIH, or CISA.

Save