New job, posted less than a week ago!
Job Details
Posted date: Dec 03, 2025
Category: Security Research
Location: Multiple Locations, Multiple Locations
Estimated salary: $158,000
Range: $100,600 - $215,400
Employment type: Full-Time
Work location type: 0 days / week in-office – remote
Role: Individual Contributor
Description
OverviewArtificial Intelligence (AI) has the potential to change the world around us. At Microsoft, we are committed to the advancement of AI driven by ethical principles. We are looking for an AI Security Researcher II to join a small incubation team to accelerate Microsoft’s capabilities for understanding, detecting, and responding to AI incidents. You will work closely with product engineering teams, the AI security platform team, and centralized function teams to deliver detections and protections against emerging AI threats. This work includes attack discovery, actor tracking, tactics, technique, and procedure identification, and authoring of detections.
This role works broadly across Microsoft on all levels of the AI stack and the teams supporting this important transformation. This is part threat analyst, part investigator, part researcher, and always an advocate for customers and the company. Are you passionate about the safety and security of AI and how that intersects with our lives? This may be a great opportunity for you!
Who we are:
We are the Artificial Generative Intelligence Security (AeGIS) team, and we are charged with ensuring justified confidence in the safety and security of Microsoft’s generative AI products. This encompasses providing an infrastructure for AI safety; serving as a coordination point for all things AI incident response; researching the quickly evolving threat landscape; red teaming AI systems for failures; and empowering Microsoft with this knowledge. We partner closely with product engineering teams to mitigate and address the full range of threats that face AI services – from traditional security risks to novel security threats like indirect prompt injection and entirely AI-native threats like the manufacture of sexual exploitation and abuse material (SEAM) or deep fake production or the use of AI to run automated scams. We are a mission-driven team intent on delivering trustworthy AI and response processes when it does not live up to those standards.
We are always learning. Insatiably curious. We lean into uncertainty, take risks, and learn quickly from our mistakes. We build on each other’s ideas, because we are better together. We are motivated every day to empower others to do and achieve more through our technology and innovation. Together we make a difference for all of our customers, from end users to Fortune 50 enterprises.
Our team has people from a wide variety of backgrounds, previous work histories, and life experiences, and we are eager to maintain and grow that diversity. Our diversity of backgrounds and experiences enables us to create innovative solutions for our customers. Our culture is collaborative and customer focused.
What we do:
The AI Incident Detection & Response team is a small team of subject matter experts that has been brought together to accelerate and support Microsoft’s AI services. Our focus is on the attack frontier understanding the latest threats and actors utilizing AI services. We identify new threats and techniques, help to protect against them, and educate the broader company on the latest threat landscape observations. AI has the potential to transform our daily interaction with technology. Our team keeps the outcome focused on justified confidence in Microsoft’s AI services. We are passionate about ensuring that the transformational opportunities outweigh the possible harms. When harm occurs, we address them in a timely manner. We work to improve and create a more resilient system that enables defenders to protect their AI uses and services. Our team tightly partners throughout Microsoft so that we learn from experience and work to prevent harms before they happen.
How you can help:
We are searching for a security researcher who is interested in learning and extending their cybersecurity expertise into the AI realm. In this role, you will drive innovative investigations to identify and understand the latest in attacks against AI and the adversaries behind them. Your curiosity and ability to hunt through large data sets will aid in our discovery and remediation against these novel attacks. Help our product engineering teams, defenders, and customers clearly see the threats that matter most and make a real difference to our customers’ security outcomes. Listening, understanding, writing, and talking are all part of this role.
Microsoft’s mission is to empower every person and every organization on the planet to achieve more. As employees we come together with a growth mindset, innovate to empower others, and collaborate to realize our shared goals. Each day we build on our values of respect, integrity, and accountability to create a culture of inclusion where everyone can thrive at work and beyond.
This role can sit remote if within a 4 hour commute on one of the posted locations
Responsibilities
Responsibilities
Gather and synthesize threat data to uncover trends, patterns, and insights that inform threat hunting and intelligence reporting.
Contribute to mitigation efforts by producing detection and protection signatures that strengthen defensive posture.
Support research activities by summarizing findings, tracking emerging threats, and learning triage and prioritization processes.
Analyze security issues and support incident response by assisting with root cause investigations, identifying vulnerabilities, and escalating findings for resolution.
Develop detection capabilities by refining methods, automating routine analyses, and measuring data quality using existing tools.
Maintain clean, structured datasets and ensure compliance with privacy and security standards.
Collaborate with researchers and engineering teams to integrate security improvements and enhance incident response processes.
Apply AI workflows to support security analysis plans aligned with product timelines and feature scopes.
Embody our Culture and Values
Qualifications
Required Qualifications
Master's Degree in Statistics, Mathematics, Computer Science, Computer Security, or related field AND 1+ year(s) experience in software development lifecycle, large-scale computing, threat analysis or modeling, cybersecurity, vulnerability research, and/or anomaly detection OR Bachelor's Degree in Statistics, Mathematics, Computer Science, Computer Security, or related field AND 2+ years experience in software development lifecycle, large-scale computing, threat analysis or modeling, cybersecurity, vulnerability research, and/or anomaly detection OR equivalent experience. Other Requirements
Candidates must be able to meet Microsoft, customer and/or government security screening requirements are required for this role. These requirements include, but are not limited to the following specialized security screenings:
Microsoft Cloud Background Check: This position will be required to pass the Microsoft Cloud background check upon hire/transfer and every two years thereafter.Other Requirements:
Bachelor's Degree in Statistics, Mathematics, Computer Science or related field AND 2+ years experience in threat analysis or modeling, cybersecurity, vulnerability research, and/or anomaly detection. • Demonstrated curiosity to learn about attacker patterns and behaviors2+ years of experience researching or investigating cyber incidents. Ability to meet Microsoft, customer and/or government security screening requirements are required for this roleBasic understanding of common threat analysis models such as the Diamond Model, Cyber Kill Chain, MITRE ATT&CK, and MITRE ATLAS. Able to analyze and coherently present complex threat intelligence information in a meaningful way to drive customer change and prioritize workstreams. Experience working with large data sets, using tools and scripting languages like KQL, Jupyter notebooks, Python, PowerShell, Splunk, SQL, and PowerBI. Platform and web forensic experience including certificate and file hash analysis, Windows system log analysis, tracing and investigating IP addresses and the associated geographies. Knowledge of adversary capabilities, infrastructure, and techniques as well as an understanding of operating system functionality that can be applied to define, develop, and implement the techniques that discover and track the adversaries and threats of today and tomorrow. Interpersonal awareness. Communication skills with an eye for detail and the ability to articulate business needs in cross-group and partner scenarios. A desire to learn, grow, and drive change. Knowledge of threat intelligence, incident response methodology, and attacker tradecraft. An understanding of Microsoft organizations, technologies and products, especially as they relate to security, will ensure a quick start.
#AI #RAI #Safety #Security #MSECAIR #AEGIS #AIIR
Security Research IC3 - The typical base pay range for this role across the U.S. is USD $100,600 - $199,000 per year. There is a different range applicable to specific work locations, within the San Francisco Bay area and New York City metropolitan area, and the base pay range for this role in those locations is USD $131,400 - $215,400 per year.
Certain roles may be eligible for benefits and other compensation. Find additional benefits and pay information here:
https://careers.microsoft.com/us/en/us-corporate-pay
This position will be open for a minimum of 5 days, with applications accepted on an ongoing basis until the position is filled.
Microsoft is an equal opportunity employer. All qualified applicants will receive consideration for employment without regard to age, ancestry, citizenship, color, family or medical care leave, gender identity or expression, genetic information, immigration status, marital status, medical condition, national origin, physical or mental disability, political affiliation, protected veteran or military status, race, ethnicity, religion, sex (including pregnancy), sexual orientation, or any other characteristic protected by applicable local laws, regulations and ordinances. If you need assistance with religious accommodations and/or a reasonable accommodation due to a disability during the application process, read more about requesting accommodations.
Check out other jobs at Microsoft.