Security Researcher

תל אביב
משרה קבועה
משרה מלאה

לפני חודש

Security represents the most critical priorities for our customers in a world awash in digital threats, regulatory scrutiny, and estate complexity. Microsoft Security aspires to make the world a safer place for all. We want to reshape security and empower every user, customer, and developer with a security cloud that protects them with end to end, simplified solutions. The Microsoft Security organization accelerates Microsoft's mission and bold ambitions to ensure that our company and industry is securing digital technology platforms, devices, and clouds in our customers' heterogeneous environments, as well as ensuring the security of our own internal estate. Our culture is centered on embracing a growth mindset, a theme of inspiring excellence, and encouraging teams and leaders to bring their best each day. In doing so, we create life-changing innovations that impact billions of lives around the world.Come and be part of a new and dynamic team, focusing on emerging threats against organizational -enterprise environments. There's an opportunity joining a new team focusing on disrupting nation state and stealthy attacks, across all the Microsoft Defender's stack products, this role is currently focusing one of the flagships of the Defender stack - Microsoft Defender for Endpoint. Join the elite team powering Microsoft Defender's most groundbreaking autonomous protection system: Automatic Attack Disruption. As cyber threats evolve in sophistication, our team leads the charge in detecting, investigating, and automatically disrupting stealthy attacks conducted by various threat groups - from nation states to sophisticated cyber criminals. We're looking for a passionate security researcher ready to make a real-world impact by protecting global enterprises from advanced and sophisticated attacks. As part of our Israeli research team, you'll hunt through diverse signals across on-premises, hybrid and cloud environments, uncovering advanced threats, research emerging attack techniques, design next-generation protection systems, and develop detection logic that ensures no compromise goes unnoticed. This is your chance to stay steps ahead of advanced adversaries while building autonomous defense capabilities that protect organizations worldwide. The job includes ideation to customer facing detection, researching novel attack techniques, hunting through our rich sensor data, identifying necessary optics for detecting malicious behaviour and crafting detection and protection logic to ensure compromise does not go undetected. Our team values diversity and strives to hire individuals with varied experiences and perspectives. We understand that no candidate possesses every desired skill and experience, but together, we form a strong, effective team. Microsoft's mission is to empower every person and every organization on the planet to achieve more. As employees we come together with a growth mindset, innovate to empower others, and collaborate to realize our shared goals. Each day we build on our values of respect, integrity, and accountability to create a culture of inclusion where everyone can thrive at work and beyond._Microsoft's mission is to empower every person and every organization on the planet to achieve more. As employees we come together with a growth mindset, innovate to empower others, and collaborate to realize our shared goals. Each day we build on our values of respect, integrity, and accountability to create a culture of inclusion where everyone can thrive at work and beyond._Responsibilities

Conduct in-depth research to develop detection mechanisms for novel and advanced offensive techniques - from exploits to implants.
Lead end-to-end implementation efforts: from offensive proof-of-concept (PoC) to scalable, deployable detection logic across agent and cloud platforms.
Focus on low-level Windows Internals-based detections, with the opportunity to expand into additional high-impact attacker surfaces.
Proactively hunt across diverse signal sources - including on-premises, hybrid, and cloud environments - to uncover stealthy threats and emerging attack techniques.
Stay current with the latest cyberattack trends and design robust, sophisticated detection logic across the full attacker kill-chain.
Build and implement innovative automated disruption capabilities that autonomously detect and mitigate attacks in real time.
Investigate real-world incidents to improve protection strategies and enhance the Microsoft Defender for Endpoint (MDE) product.
Collaborate with engineering and product teams to design security sensors, validate protection ideas, and measure effectiveness using data-driven approaches.
Engage with customers to identify product gaps, share insights, and enhance protection coverage based on real-world needs.
Contribute to the broader security community by authoring technical blogs, sharing research findings, and presenting at leading security conferences.

Qualifications

8+ years of hands-on experience in cybersecurity research, preferably in endpoint or network-based threat scenarios.
Deep understanding of Windows OS internals including User & Kernel mode architecture.
Proven experience in low-level development, preferably in C or C++ on Windows platforms.
Familiarity with cloud environments (e.g., Azure, AWS) and understanding of security challenges in hybrid or multi-cloud infrastructures.
Strong grasp of modern attacker techniques, including MITRE ATT&CK and full kill-chain methodologies.
Demonstrated ability to lead end-to-end research efforts from offensive PoC to scalable detection deployment.
Experience in threat hunting across diverse signal sources (on-prem, hybrid, and cloud).
Coding proficiency in at least one of the following: C, C++, C#, Python, or Rust.
Curious, analytical mindset with the ability to thrive in ambiguous and evolving threat landscapes.
Excellent collaboration and communication skills, with experience working in cross-functional, global teams.

Preferred Qualifications

Background in offensive security research or red teaming.
Experience in reverse engineering (e.g., using debuggers, disassemblers, analyzing file formats).
Hands-on knowledge of digital forensics, incident response, or threat intelligence.
Prior contributions to the security community (e.g., blogs, conference talks, or whitepapers).
Familiarity with macOS, Linux, or other operating systems at the low level.

**Other Requirements**Ability to meet Microsoft, customer and/or government security screening requirements are required for this role. These requirements include, but are not limited to the following specialized security screenings: Microsoft Cloud Background Check:

This position will be required to pass the Microsoft background and Microsoft Cloud background check upon hire/transfer and every two years thereafter.

#MSFTSecurity #MSFTSecurity #SecurityResearch #AttackDisruption #MTPRILMicrosoft is an equal opportunity employer. Consistent with applicable law, all qualified applicants will receive consideration for employment without regard to age, ancestry, citizenship, color, family or medical care leave, gender identity or expression, genetic information, immigration status, marital status, medical condition, national origin, physical or mental disability, political affiliation, protected veteran or military status, race, ethnicity, religion, sex (including pregnancy), sexual orientation, or any other characteristic protected by applicable local laws, regulations and ordinances. If you need assistance and/or a reasonable accommodation due to a disability during the application process, read more about .⚠הגש מועמדות באתר החברהמשרות דומות שיכולות לעניין אותך03/07/2025תל אביבדרוש/ה מפתח/ת c# בכיר/ה משרה היברידית בתל אביב תחילת עבודה מיידיתאנחנו מחפשים מפתח/ת c# בכיר/ה עם רקורד מוכח בביצוע עצמאי של פרויקטים מורכבים so...17/07/2025תל אביבFlymingoLocation: Tel Aviv / HybridTeam: LeadershipType: Full-timeAbout Flymingo**Flymingo is revolutionizing logistics operat...17/07/2025תל אביבדרוש/ה r&d team leader 📍 קריית אונו משרה היברידית משרה מלאהחברת טכנולוגיה מגייסת ראש צוות פיתוח עם יכולות ניהול, חשיבה מערכתית וחזקה בפיתוח hands...19/07/2025תל אביבnSoftWe're hiring a Full-Stack Team Lead for one of our best clients - hybrid positionThe mission

Lead and mentor a small full-stack...

20/07/2025רעננה, 13.91 ק"מ ממיקומךExperis Israel✨Ready to GO Further with Us?✨#WeAreHiring: Software Engineer (GO)📍Ra'anana | HybridWhat you'll do:

Work as part of ...

20/07/2025תל אביבSafeBreach🔹 Title: Windows Internals Team Leader📍 Locations (Hybrid): Tel Aviv (Sky Tower)👥 Reporting To: CTO🌟 **Opportunity Highlight...22/07/2025תל אביבLogica-ITדרוש/ה Java Backend Developer לארגון פיננסי גדול ויציב בת"א.עבודה במודל היברידי.**מהות התפקיד:****פיתוח של תשתיות אפליקטיביות בתחום ...20/07/2025תל אביבElsight - UAV & UGV Connection ConfidenceDescriptionWe are looking for a driven and independent Sales Manager to lead our growth efforts across *Israel and the Asia-Pacific region...20/07/2025תל אביבCirclesAbout Circles:At Circles, we believe in providing emotional support through expert-led, real time support groups. Our transformative group suppo...קצת עלינוMploy הוא לוח דרושים מבוסס AI, שנועד לסייע למחפשי עבודה ולמעסיקים כאחד, תוך יצירת פלטפורמה חדשנית, איכותית המובילה את שוק העבודה בישראל.אנו מאגדים משרות עדכניות מאלפי מקורות בארץ, ומנגישים אותן ביעילות באמצעות סוכן AI חכם שמתאים משרות רלוונטיות למועמדים ומאפשר הגשת מועמדות בלחיצת כפתור.הפלטפורמה שלנו מציעה התאמות משרות מבוססות בינה מלאכותית עם אחוז התאמה אישי, קבוצות WhatsApp ייעודיות לפי תחום, ואפליקציה מתקדמת שמאפשרת חיפוש ושליחת קורות חיים מכל מקום ובכל זמן.Mploy אצלכם בוואטסאפ✨ רוצים להתעדכן בכל המשרות הכי שוות ישר לנייד?הצטרפו לקבוצות הוואטסאפ שלנו וקבלו את כל ההצעות המתאימות - בלי לחפש, ובלי לפספס. מחכים לכם! 📱😊

Mploy

הגש מועמדות