Principal Applied Threat Intelligence Analyst...

Microsoft
Redmond, United States of America
15 days ago

Role details

Contract type
Permanent contract
Employment type
Full-time (> 32 hours)
Working hours
Regular working hours
Languages
English
Experience level
Intermediate
Compensation
$ 275K

Job location

Redmond, United States of America

Tech stack

Microsoft Online Services
C Sharp (Programming Language)
C++
Computer Security
Computer Programming
Python
Network Architecture
Network Protocols
Powershell
Reverse Engineering
Security Information and Event Management
Software Engineering
Scripting (Bash/Python/Go/Ruby)
Mitre Att&ck
Cyber Threat Analysis
Information Technology
Cybercrime
Microsoft Sentinel
Operating System Security
Vulnerability Analysis

Job description

As a Principal Applied Threat Intelligence Analyst, you will:

  • Author and publish high-impact threat intelligence reports (actor profiles, campaign analyses, trend reports, TTP deep-dives, vulnerability profiles) for both customer-facing and internal audiences.

  • Translate complex technical findings into clear, prescriptive guidance for security operations teams, executives, and the broader defender community.

  • Partner with product, research, marketing, and communications teams to land intelligence through Microsoft's customer-facing surfaces (Agentic Security, Defender XDR, Sentinel, blogs, briefings).

  • Build and refine the pipelines, tooling, and workflows that allow Microsoft to stream insightful cyber threat intelligence to customers machine speed.

  • Represent Microsoft Threat Intelligence in customer briefings, industry conferences, and cross-industry working groups.

  • Mentor analysts and contribute to tradecraft, analytic standards, and team-wide knowledge sharing.

Requirements

  • Doctorate in Statistics, Mathematics, Computer Science, Computer Security, or related field AND 3+ years experience in software development lifecycle, large-scale computing, threat analysis or modeling, cybersecurity, vulnerability research, and/or anomaly detection.

  • OR Master's Degree in Statistics, Mathematics, Computer Science, Computer Security, or related field AND 4+ years experience in software development lifecycle, large-scale computing, threat analysis or modeling, cybersecurity, vulnerability research, and/or anomaly detection.

  • OR Bachelor's Degree in Statistics, Mathematics, Computer Science, Computer Security, or related field AND 6+ years experience in software development lifecycle, large-scale computing, threat analysis or modeling, cybersecurity, vulnerability research, and/or anomaly detection.

  • OR equivalent experience.

Other Requirements:

Ability to meet Microsoft, customer and/or government security screening requirements are required for this role. These requirements include, but are not limited to the following specialized security screenings:

Microsoft Cloud Background Check:

  • This position will be required to pass the Microsoft background and Microsoft Cloud background check upon hire/transfer and every two years thereafter.

Preferred Qualifications:

  • Doctorate in Statistics, Mathematics, Computer Science, Computer Security, or related field AND 5+ years experience in software development lifecycle, large-scale computing, threat analysis or modeling, cybersecurity, vulnerability research, and/or anomaly detection.

  • OR Master's Degree in Statistics, Mathematics, Computer Science, Computer Security, or related field AND 8+ years experience in software development lifecycle, large-scale computing, threat analysis or modeling, cybersecurity, vulnerability research, and/or anomaly detection.

  • OR Bachelor's Degree in Statistics, Mathematics, Computer Science, Computer Security, or related field AND 12+ years experience in software development lifecycle, large-scale computing, threat analysis or modeling, cybersecurity, vulnerability research, and/or anomaly detection.

  • OR equivalent experience.

  • 10 + years of experience in cyber threat intelligence, threat hunting, incident response, or a closely related security discipline.

  • Demonstrated experience producing finished threat intelligence reporting for technical and/or executive audiences.

  • Attribution experience creating threat groups, assessing connections between established threat groups, and communicating attribution assessments to internal stakeholders and customers in a timely manner.

  • Working experience with Microsoft Sentinel and Microsoft Defender XDR (or directly comparable SIEM/XDR platforms).

  • Understanding of adversary tradecraft, the cyber kill chain, and frameworks such as MITRE ATT&CK, the Diamond Model, and structured analytic techniques.

  • Written and verbal communication skills, with a portfolio of public or customer-facing intelligence writing.

  • Experience with endpoint, cloud, network, and identity-based attacks and datasets.

  • Comprehensive OS security/internals knowledge.

  • Understanding of network protocols and analytical experience with network infrastructure data & telemetry.

  • Reverse-engineering with static and behavioral binary analysis experience.

  • Functional understanding of common threat analysis models such as the Diamond Model, Cyber Kill Chain, and MITRE ATT&CK.

  • Programming or scripting background (Python, PowerShell, C#, C++, etc.)

#MSSecurity

About the company

Microsoft is a global technology company headquartered in Redmond, Washington. Our mission is to empower every person and every organization on the planet to achieve more. We develop, license, and support a wide range of software products, services, and devices that help individuals and businesses realize their full potential.

Our flagship products include the Microsoft 365 productivity cloud, Windows operating system, Azure cloud platform, and Dynamics 365 business applications. We are also a leader in areas such as artificial intelligence, cybersecurity, developer tools, and gaming through Xbox and Game Pass.

With operations in more than 190 countries and over 220,000 employees worldwide, Microsoft is committed to responsible innovation, inclusive economic growth, and sustainability. We work closely with governments, industries, and communities to ensure that technology serves the public good and helps address some of the world’s most pressing challenges.

As we celebrate our 50th anniversary in 2025, we continue to look forward—investing in AI, cloud, and quantum computing to shape the future of work, education, and society at large scale.

Apply for this position