Cyber security has reached a point where basic methods in detection are not sufficient in terms of effectiveness and scalability. New approaches are needed to tackle this ever growing problem, and Microsoft is ambitious in growing data science capability in this space. In particular, a research team has been formed to focus on one of Microsoft's most exciting new products: Windows Defender Advanced Threat Protection (WDATP). As cyber-attacks have become more sophisticated, WDATP helps enterprises detect, investigate, and respond to advanced attacks and data breaches on their networks. From detecting nation state actors to patient 0 ransomware infections, our research team brings deep knowledge of the attacker landscape and tradecraft to create the innovations necessary to uncover even the most well-funded attacker. This is done through a combination of logic, machine learning and statistical approaches. In particular, we are seeking applied data scientists who can contribute to our behavioral
Produce cutting edge detection solutions through data science involving: Working with cyber threat experts to identify research questions, understand data sources and design data driven solutions Conducting exploratory data analysis to understand the data distributions and issues Developing prototype detection solutions Reducing false positives and increasing true positives through an iterative process Working with engineers to ship prototypes to production
Required qualifications: MS or PhD in Statistics, Mathematics, Computer Science or related field, or 3 years of equivalent experience Experience modeling temporal/spatial and high dimensional data with an emphasis on interpretability Large scale computing experience Ability to take theory to practice rapidly Preferred qualifications: Experience in unsupervised methods/anomaly detection 3+ years experience with R, Python, C#, Apache Spark Streaming or near-real time methods Knowledge of Windows/NT internals Experience in cyber security or cyber defense #WDATPRED