New job, posted less than a week ago!
Job Details
Posted date: Mar 30, 2026
Category: Investigations
Location: Redmond, WA
Estimated salary: $151,450
Range: $96,500 - $206,400
Employment type: Full-Time
Travel amount: 25.0%
Work location type: 4 days / week in-office
Role: Individual Contributor
Description
OverviewMicrosoft’s Digital Crimes Unit (DCU) is hiring a Cybercrime Investigator to lead global investigations and disruption operations against sophisticated cybercriminal networks and online threat groups. This role conducts proactive technical investigations into cyberattacks, fraud, scams, and other threats targeting Microsoft customers and democratic institutions—or abusing Microsoft products and services, including the malicious use of AI.
Microsoft’s Digital Crimes Unit
DCU is a global team of attorneys, investigators, and analysts that works to protect customers and strengthen trust in Microsoft. With support from Microsoft threat intelligence, fraud and abuse teams, and engineers, DCU uses legal and technical strategies to detect, disrupt, and deter cybercrime, cyber-enabled fraud, scams, and other online threats. DCU sits in Customer Security & Trust (CST) within Corporate, External, and Legal Affairs (CELA).
DCU proactively defends against online threats. Since its inception, DCU has filed lawsuits against 35+ malware families, state-sponsored actors, and developers of cybercrime tools and services (including Cybercrime-as-a-Service platforms): https://www.youtube.com/watch?v=kHArmtKHAv8.
The Role
Success in this role requires commitment to DCU’s mission and continuous learning in emerging technology, including AI. You should thrive in ambiguity, identify the right stakeholders, and deliver results under tight timelines. Microsoft is committed to advancing ethical AI and combating its misuse.
You will investigate high-impact cybercrimes such as ransomware and other malware, business email compromise (BEC) and account takeovers, tech support fraud, and other online scams—often involving financially motivated networks and state-sponsored groups. You will partner with threat intelligence, security engineers, and fraud and abuse teams to investigate complex activity, map malicious infrastructure, and build evidence for affirmative cases. As a DCU investigative expert, you will help prevent misuse of Microsoft services, protect customers, and improve safety across the online ecosystem.
Microsoft’s mission is to empower every person and organization to achieve more. Our Culture promotes a growth mindset so teams and leaders can do their best work. Join us and help shape what’s next.
Responsibilities
Identify and analyze data sources to uncover cybercrime patterns and trends targeting our services and customersBuilding proof-of-concept and prototype threat hunting tools, automations, and new capabilitiesCollaborate with security engineers and cross-company stakeholders to implement comprehensive investigative and enforcement strategiesLead and support complex fraud investigations involving cyber‑enabled financial crime, including online scams, business email compromise (BEC), payment fraud, account abuse, and related large‑scale fraud activity.Conduct analysis on large, complex data sets to detect and investigate anomalies, develop actionable insights and strategiesIdentify and map malicious technical infrastructure used to facilitate cybercrimeWork independently to detect, investigate, and understand new and emerging cybercrime attack vectorsPartner with DCU attorneys to develop legal strategies to disrupt and impact online criminal networksDrafting criminal referrals for law enforcementProvide expert witness testimony in court filings and proceedingsEmbody our culture and values
Qualifications
Minimum Required Qualifications
4+ years experience in compliance, finance, data-analytics, investigations, or related fieldOR equivalent experience.
Other Requirements
Citizenship & Citizenship Verification: This position requires verification of US citizenship due to citizenship-based legal restrictions. Specifically, this position supports United States federal, state, and/or local United States government agency customers and is subject to certain citizenship-based restrictions where required or permitted by applicable law. To meet this legal requirement, and as a condition of employment, the successful candidate’s citizenship will be verified with a valid passport.Microsoft Cloud Background Check: This position will be required to pass the Microsoft Cloud background check upon hire/transfer and every two years thereafter.
Additional Preferred Qualifications
Bachelor's Degree in Business, Accounting, Criminal Justice, Law, International Relations or related field AND 8+ years experience in compliance, cyber, finance, data-analytics, investigations, or related fieldOR equivalent experience. 4+ years experience with the following skills and knowledge:Analytical tools such as: Microsoft SQL Server, I2 Analyst Notebook, Paterva Maltego, Kusto (Azure Data Explorer), Python, and other scripting languages.Certifications related to security and/or investigations in incident response and computer forensics.Malware analysis, malware reverse engineering, and behavioral malware analysis.Threat actor evidence, including familiarity with common Indicators of Compromise (IOCs), Indicators of Activity (IOAs), and Tools, Techniques, and Procedures (TTPs).Supporting complex fraud investigations, including large scale online fraud, scams, business email compromise (BEC), payment fraud, account abuse, or related cyber-enabled financial crime.Authoring clear, accurate, highly technical investigative reports involving complex technical findings, with actionable insights for non-technical audiences. Cryptocurrency and blockchain investigation tools.Network protocols, DNS sink holing, intelligence analysis, reporting using standard tools and techniques; and analyzing large datasets and developing effective investigative action plans.
Investigations IC4 - The typical base pay range for this role across the U.S. is USD $96,500 - $188,400 per year. There is a different range applicable to specific work locations, within the San Francisco Bay area and New York City metropolitan area, and the base pay range for this role in those locations is USD $123,500 - $206,400 per year.
Certain roles may be eligible for benefits and other compensation. Find additional benefits and pay information here:
https://careers.microsoft.com/us/en/us-corporate-pay
This position will be open for a minimum of 5 days, with applications accepted on an ongoing basis until the position is filled.
Microsoft is an equal opportunity employer. All qualified applicants will receive consideration for employment without regard to age, ancestry, citizenship, color, family or medical care leave, gender identity or expression, genetic information, immigration status, marital status, medical condition, national origin, physical or mental disability, political affiliation, protected veteran or military status, race, ethnicity, religion, sex (including pregnancy), sexual orientation, or any other characteristic protected by applicable local laws, regulations and ordinances. If you need assistance with religious accommodations and/or a reasonable accommodation due to a disability during the application process, read more about requesting accommodations.