Threat Researcher

Posted 15 days ago

💎 Seniority level: Senior, 5+ years

📍 Location: Europe

🔍 Industry: Software Development

🏢 Company: Abnormal Security · 👥 501-1000 · 💰 $250,000,000 Series D 7 months ago · Artificial Intelligence (AI), Email, Information Technology, Cyber Security, Network Security

⏳ Experience: 5+ years

Requirements:
  • 5+ years in threat research, cyber threat intelligence, or adversary tracking.
  • 3+ years focused on Microsoft cloud security (Azure, M365, Defender, Entra ID, or Sentinel).
  • Expertise in Microsoft cloud security architecture, identity protection, SaaS security, and misconfiguration risks.
  • Strong data analysis skills with experience using SQL, PySpark, KQL, or similar tools to analyze cloud-based threats.
  • Deep knowledge of MITRE ATT&CK, Microsoft attack techniques, and adversary tradecraft.
  • Hands-on experience with Microsoft Defender for Office 365, Defender for Identity, and Microsoft Sentinel.
Responsibilities:
  • Conduct in-depth research on Microsoft cloud security threats, phishing techniques, and identity-based attack vectors.
  • Track APT groups, financially motivated actors, and cloud-native threat campaigns targeting Azure and Microsoft 365 environments.
  • Analyze MFA bypass techniques, token theft, session hijacking, and adversary tactics used against Microsoft authentication mechanisms.
  • Reverse-engineer phishing kits, adversary infrastructure, and cloud-native attack methodologies to enhance security insights.
  • Develop threat models and in-depth attack reports to inform Microsoft-focused threat intelligence.
  • Research misconfigurations, security posture risks, and SaaS security gaps in Microsoft Entra ID, Azure AD, and M365 security settings.
  • Develop SSPM research insights and contribute to configuration playbooks to improve Microsoft cloud security posture.
  • Identify misconfiguration-driven threats and work with Engineering to enhance detection and mitigation strategies.
  • Analyze security posture deviations that could expose Microsoft environments to account takeovers, phishing, and privilege escalation attacks.
  • Provide deep-dive research into Microsoft cloud attack methodologies to help enhance security product capabilities.
  • Work with R&D and Engineering teams to ensure research findings translate into practical security enhancements.
  • Deliver technical briefings and intelligence reports on Microsoft threat trends, attacker tactics, and detection opportunities.
  • Partner with internal stakeholders to evaluate emerging threats and recommend security improvements for Microsoft cloud environments.