Security Researcher

Come build community, explore your passions and do your best work at Microsoft with thousands of University interns from every corner of the world. This opportunity will allow you to bring your aspirations, talent, potential—and excitement for the journey ahead.

Security represents the most critical priorities for our customers in a world awash in digital threats, regulatory scrutiny, and estate complexity. Microsoft Security aspires to make the world a safer place for all. We want to reshape security and empower every user, customer, and developer with a security cloud that protects them with end to end, simplified solutions. The Microsoft Security organization accelerates Microsoft’s mission and bold ambitions to ensure that our company and industry is securing digital technology platforms, devices, and clouds in our customers’ heterogeneous environments, as well as ensuring the security of our own internal estate. Our culture is centered on embracing a growth mindset, a theme of inspiring excellence, and encouraging teams and leaders to bring their best each day. In doing so, we create life-changing innovations that impact billions of lives around the world. 

Qualifications

Required Qualifications 

o Currently pursuing a Bachelor's or Master’s Degree in Statistics, Mathematics, Computer Science or related field

· Must have at least one additional quarter/semester of school remaining following the completion of the internship.

• Strong quantitative skills (e.g., as demonstrated by your degree course in a quantitative field such as Mathematics, Statistics, Computer Science, Engineering, etc.).

• Curiosity and passion for problem solving; ability to learn new skills quickly and apply them to threat tracking problems 
• Experience applying data-driven inference methods such as statistics, data mining or machine learning to data at scale. 

• Strong programming skills in Python or Java/Scala/C#, with understanding of cloud architectures and distributed computing such as Apache Spark.

Preferred Qualifications 

• Demonstrable experience in applying a research methodology to telemetry in the security domain to detect and track malicious activity for new and novel threat actor TTPs. 

• Track record of prototyping new innovative ideas and seeing them through to production. 

• Knowledge of cloud identity TTPs and applying this to threat detection at scale.  

Microsoft is an equal opportunity employer. All qualified applicants will receive consideration for employment without regard to age, ancestry, color, family or medical care leave, gender identity or expression, genetic information, marital status, medical condition, national origin, physical or mental disability, political affiliation, protected veteran status, race, religion, sex (including pregnancy), sexual orientation, or any other characteristic protected by applicable laws, regulations and ordinances. If you need assistance and/or a reasonable accommodation due to a disability during the application or the recruiting process, please send a request via the Accommodation request form.

Benefits/perks listed below may vary depending on the nature of your employment with Microsoft and the country where you work.

Responsibilities

Microsoft’s mission is to empower every person and every organization on the planet to achieve more. As employees we come together with a growth mindset, innovate to empower others, and collaborate to realize our shared goals. Each day we build on our values of respect, integrity, and accountability to create a culture of inclusion where everyone can thrive at work and beyond.

· Begin to analyze threat trends and anomalies to determine operational impact. Determine vectors that introduce threat and potential mitigation strategies. Learn about systemic security issues and how to address them.

· Process threat reporting from internal and external sources. Provide discrete threat data based on intelligence requirements or customer requests.

· Identify security defects or vulnerabilities and deficiencies in security guidance.

· Contribute code to technical implementation and automation of solutions to address security issues, such as signature detection, malware, threat analysis, or reverse engineering. Use results from research and experimentation to support architecture or product direction.

· Identify areas of dependency and overlap with other teams or team members. Provide constructive input so the work is integrated and timely. Communicate the status of deliverables and dependencies to meet schedule.

· Engage in measures to protect tools, techniques, information, and results of security practices. Respond to incidents for systems or products as needed. Use results of pen testing to improve products and services.