Senior Security Researcher, Cloud Apps and Identity

Senior Security Researcher, Cloud Apps and Identity

The Cloud Apps and Identity Research team (CAIR) at Microsoft is actively seeking a Senior Security Researcher specializing in Identity-based attacks and threats. This role focuses on essential authentication protocols and technologies, both on-premises and in the cloud (e.g., Kerberos, SAML, OAuth, LDAP), as well as the logs and internal mechanisms of Identity Providers (e.g., Entra ID, Okta). The position involves conducting in-depth technical research to dissect identity attacks observed through security research, incidents, the threat landscape, and customer reports. You will guide product and engineering teams to deliver enhanced optics, high-confidence detections, and durable protection for our customers.

Responsibilities

• Join a team of curious, collaborative, and impact-driven security researchers. In this role, you’ll combine technical depth with creative problem-solving to protect millions of users and shape the future of identity security.
• Analyze and understand the internals of authentication/network protocols and be able to independently reproduce identity-based attacks for investigation, study, and research purposes.
• Become a subject matter expert in the investigation, collection, analysis, and forensics of identity logs, including a deep understanding of current trends and the landscape of identity-based attacks and exploits.
• Collaborate with multiple product and engineering teams to design the next iteration of sensors, implement detection ideas, and validate their effectiveness using a data-driven approach.
• Work together with different engineering teams to deliver the prototype and code to support the research findings.
• Provide cybersecurity expertise as needed during security escalations and incidents to help protect Microsoft and our customers.

Qualifications

• You have at least 7+ years of demonstrated security research experience.
• Engineering skills with proficiency in developing C / Python solutions and prototypes.
• Experience with leading a feature end to end (design, coding, testing, maintenance).
• B.Sc. or M.Sc. in Computer Science, Software Engineering, or relevant practical experience (e.g., service in an elite technology unit in the IDF).

Preferred Qualifications

• Offensive security research experience.
• Industry-recognized author of security research papers, blogs, or books.
• Excellent cross-group and interpersonal skills.
• Demonstrated expertise in Identity Security.

Key skills/competency

• Identity Security
• Cloud Security
• Authentication Protocols
• Threat Research
• Incident Response
• Data Analysis
• Detection Engineering
• C/Python Development
• Forensic Analysis
• Identity Providers