Microsoft Corporation Senior Research Engineer in Redmond, Washington
Threat Protection Sciences (TPS) is a research team focused on one of Microsoft’s most exciting new products: Windows Defender Advanced Threat Protection (WDATP). As cyber-attacks have become more sophisticated, WDATP helps enterprises detect, investigate, and respond to advanced attacks and data breaches on their network. From detecting nation-state actors to patient 0 ransomware infections, our research team brings deep knowledge of the attacker landscape and tradecraft to create the innovations necessary to uncover even the most well-funded attacker.
To combat apex-level attackers, we subject WDATP to internal red team operations and adversary simulation services available throughout Microsoft. We are looking to expand these capabilities with a world-class security research engineer/penetration tester focused on bypassing, evading, and breaking WDATP using cutting-edge attacker tradecraft and toolsets.
Primary responsibilities would include:
• Develop or investigate new attacker tradecraft to evaluate WDATP detection capabilities and future investments.
• Lead and participate in end-to-end red team activities across the entire kill chain with the goal of staying invisible.
• Tamper with WDATP and provide ongoing assessment of attack resiliency, including WDATP operating system dependencies.
• Collaborate with our data science team to understand and identify detection capabilities, assumptions, and improvements.
• Collaborate with other internal red teams to share and repurpose advanced attacker tradecraft.
• 1+ year of penetration testing experience.
• Familiarity with C, C++, C#, or scripting languages (PowerShell, VBScript, Python).
• Strong operating system security knowledge across the attacker kill chain, focusing on AV or detection evasion.
• Excellent cross-group and interpersonal skills, with the ability to articulate the business need for security or detection improvements.
• Public track record of relevant security research and attacker tradecraft.
• Experience exploiting bugs and bypassing security mitigations in operating systems.
• Familiarity with the Windows architecture.
Microsoft is an equal opportunity employer. All qualified applicants will receive consideration for employment without regard to age, ancestry, color, family or medical care leave, gender identity or expression, genetic information, marital status, medical condition, national origin, physical or mental disability, political affiliation, protected veteran status, race, religion, sex (including pregnancy), sexual orientation, or any other characteristic protected by applicable laws, regulations and ordinances. If you need assistance and/or a reasonable accommodation due to a disability during the application or the recruiting process, please send a request to firstname.lastname@example.org.
Program management (engineering)