Principal Security Researcher

Microsoft

Quick summary

Work type: On-site
Location: US
Salary: $142,800–$274,800 / yr
Posted: 19 days ago
Closes: Dec 5, 2026
Nearby: 93 roles within 25 mi

Market check

Salary context

Above market

How this pay compares to similar roles

Similar $182k

This role $209k

$119k most similar roles pay here $292k

This role pays more than 74% of similar roles. Most pay $151,475–$213,500 — the shaded band above. At the midpoint, this role pays about $209k versus about $182k for comparable roles.

Based on 239 similar postings.

Employer

About Microsoft

Microsoft Corporation is a global technology leader producing software, hardware, and cloud services including Windows, Office 365, Azure cloud platform, Xbox gaming, and Surface devices. Industry: Software & Cloud Computing

Microsoft currently has 622 open roles on FindRole.

Listed pay typically runs $119,800–$234,700 across 571 roles with salary data.

Most-posted roles

View all roles at Microsoft

At a glance

TL;DR · Principal Security Researcher

Role Posting Log in to save

As a Principal-level Red Team Security Researcher at Microsoft Threat Protection Research (MTP-R) Purple Team, you will lead the design and execution of complex adversary simulations across various environments, including endpoints, identities, clouds, and SaaS platforms. Your responsibilities include developing advanced offensive tooling, conducting deep research into modern attacker techniques, and leveraging AI to automate attack simulations and enhance simulation fidelity. You will work closely with engineering teams to evaluate defensive systems and provide strategic recommendations for improvement, while also delivering executive-level briefings and technical reports. This role requires expertise in C2 framework design, implant development, malware creation, and threat intelligence, as well as a strong background in offensive security practices such as adversary emulation and AI-driven operations.

Skills

Python C Go MITRE_ATT&CK Kubernetes Azure AWS Terraform Docker CI/CD PostgreSQL MongoDB Git LLM Agentic_Systems Threat_Intelligence Malware_Analysis Reverse_Engineering Exploit_Development

What you'll do

Lead design and execution of complex adversary simulations across multiple environments.
Develop advanced offensive tooling, including scalable C2 frameworks and custom implants.
Conduct deep research into modern attacker techniques and evasion strategies.
Drive threat modeling strategy to align with real-world campaigns and emerging threats.
Design AI-enabled systems to automate offensive operations and scale simulation complexity.

What we're looking for

5+ years experience in red teaming, offensive security, or adversary emulation
Expertise in C2 framework design, implant development, and offensive infrastructure
Background in malware development, reverse engineering, or exploit development
Experience leveraging and producing threat intelligence at the campaign level
Knowledge of MITRE ATT&CK and threat modeling methodologies
Security certifications such as OSCP, OSCE, OSEP, OSWE, GPEN, GXPN, GREM

Remote

Save