Senior Security Researcher

Microsoft

Quick summary

Work type: On-site
Location: US
Salary: $119,800–$234,700 / yr
Posted: 3 days ago
Closes: Dec 22, 2026
Nearby: 93 roles within 25 mi

Market check

Salary context

Competitive pay

How this pay compares to similar roles

Similar $180k

This role $177k

$106k most similar roles pay here $248k

This role pays more than 50% of similar roles. Most pay $151,475–$208,450 — the shaded band above. At the midpoint, this role pays about $177k versus about $180k for comparable roles.

Based on 239 similar postings.

Employer

About Microsoft

Microsoft Corporation is a global technology leader producing software, hardware, and cloud services including Windows, Office 365, Azure cloud platform, Xbox gaming, and Surface devices. Industry: Software & Cloud Computing

Microsoft currently has 622 open roles on FindRole.

Listed pay typically runs $119,800–$234,700 across 571 roles with salary data.

Most-posted roles

View all roles at Microsoft

At a glance

TL;DR · Senior Security Researcher

Role Posting Log in to save

Join the Microsoft Threat Protection Research Purple Team as a senior-level red team security researcher to design and execute realistic attack simulations across endpoint, identity, cloud, and SaaS environments. You will develop offensive tooling, conduct malware research, and leverage AI systems to scale simulation fidelity while partnering with blue teams to enhance defensive capabilities. Utilize threat intelligence and MITRE ATT&CK frameworks to inform adversary emulation scenarios and contribute to technical documentation. Ideal candidates have a PhD or equivalent experience in computer science or security, along with extensive background in software development, large-scale computing, and cybersecurity. Proficiency in coding, classical and deep learning machine learning methods, and knowledge of threat modeling methodologies are essential for this role within Microsoft’s AI-first environment focused on advancing digital security.

Skills

Python C# MITRE ATT&CK Kubernetes Azure AWS Docker Terraform GitHub GitLab Jenkins CI/CD PostgreSQL MongoDB Linux Windows Malware analysis Threat intelligence Machine learning Deep learning

What you'll do

Design and execute adversary simulations across various environments to emulate real-world threat actors.
Develop and modify offensive tooling, including custom payloads and command-and-control frameworks.
Conduct malware development research to replicate modern attacker techniques such as evasion and persistence.
Utilize AI systems to generate attack variations and automate tradecraft execution for simulation fidelity.
Analyze telemetry from simulations to assess detection coverage and identify defensive gaps.
Contribute to technical documentation and internal knowledge sharing on offensive security practices.

What we're looking for

Doctorate or Master's degree in a relevant field plus extensive software development and threat analysis experience.
Minimum 4 years of experience in cybersecurity, vulnerability research, anomaly detection, and large-scale computing.
Proven expertise in incident response, threat hunting, and security operations center (SOC) roles.
Deep understanding of MITRE ATT&CK framework and threat modeling methodologies.
Strong coding skills with at least 3 years of hands-on programming experience.
Experience leveraging and producing high-level threat intelligence for campaigns or actors.

Save