Come help us defend the world from cyber-attacks using your passion for data analysis and software development!

Who we are:

We are the Security and Compliance (S+C) team; we are committed to defending Microsoft customers from cyber-attacks as well as providing sophisticated tooling for securing important data. S+C fosters an agile development environment, continuously gathering and analyzing data to combat evolving threats. Our mission is to help protect customers with truly innovative proactive protection, advise customers on emerging trends, and engage in valuable partnerships.

As the Research organization within S+C, it’s our job to stay one step ahead of malicious adversaries and predict the threats of the future. We work with partners across Microsoft to innovate new approaches for detecting and tracking threats, attacker techniques, their tools and infrastructure.

We are always learning. Insatiably curious. We lean into uncertainty, take risks, and learn quickly from our mistakes. We build on each other’s ideas, because we are better together. We stand in awe of what humans dare to achieve and are motivated every day to empower others to do and achieve more through our technology and innovation. Together we make a difference for all of our customers, from end-users to Fortune 50 enterprises.

What we build:

We build innovative security and data compliance products. Our security products are brought together in the Microsoft 365 Defender (M365D) suite. M365D enables Microsoft’s enterprise customers to detect, investigate, understand, and respond to advanced threats on their networks via a combination of behavioral sensors, cloud security analytics, and threat intelligence.

How you can help:

We need your passion and engineering creativity to help protect our customers. The systems and tools you will work on will directly protect our customers around the world. You’ll have access to vast amounts of threat-related data from billions of endpoints and other sources. Within Microsoft, there are many partner teams with decades of engineering and ML expertise with whom you will be able to collaborate. We also offer many company-sponsored classes and conferences that focus on data science and ML.

We want you to bring your authentic self and unique experiences to work. There is no requirement for prior security experience. We want to hear your ideas on how we can use our unparalleled breadth of data and resources to protect the world from cyber threats.




  • Design and implement scalable systems for analyzing data across cyber intelligence knowledge graphs to identify and track sophisticated attacker techniques, tools, and infrastructure.  
  • Utilize threat research to improve our analytic capabilities, develop new detection methodology, and influence the development of detection capability.
  • Seek opportunities in our day-to-day workflow to improve quality and efficiency from ideation to deployment.
  • Partner with Security Analysts and Researchers to design experiments to test new and novel methods of detecting adversaries.
  • Document your processes and workflow in sharable documents for future reuse and adoption.
  • Develop and foster strong, collaborative relationships with security analysts and researchers in the security community across our larger team and Microsoft.

Required Qualifications: 

  • 2-3+ years of professional experience designing and developing software or services.

Preferred Skillsets and Experience:

  • Programming or scripting background (Python, PowerShell, C#, C++, etc.).
  • Ability to analyze and present complex data visually in a meaningful way.
  • Background in design and implementation of large-scale data mining and workflow systems.
  • Experience working with high-volume, highly dimensional data at scale using distributed parallel processing systems (e.g. Hadoop, Spark), graph database technology (e.g. Neo4j, Azure Cosmos DB/Gremlin), as well as common document (NoSQL) and relational database technologies (e.g. MongoDB, MySQL).
  • Excellent communication skills with an eye for detail and the ability to articulate business needs in cross-group and partner scenarios.
  • Experience tracking cyber threats and leveraging intelligence on methodology, tools, and infrastructure is highly desirable.

Microsoft is an equal opportunity employer. All qualified applicants will receive consideration for employment without regard to age, ancestry, color, family or medical care leave, gender identity or expression, genetic information, marital status, medical condition, national origin, physical or mental disability, political affiliation, protected veteran status, race, religion, sex (including pregnancy), sexual orientation, or any other characteristic protected by applicable laws, regulations and ordinances. We also consider qualified applicants regardless of criminal histories, consistent with legal requirements. If you need assistance and/or a reasonable accommodation due to a disability during the application or the recruiting process, please send a request via the Accommodation request form.

Benefits/perks listed below may vary depending on the nature of your employment with Microsoft and the country where you work.
