Responsibilities

• Authoring, adjusting, and innovating on heuristic and regex-based rules to react to immediate changes in attacker behaviours for email related phishing and social engineering threats.
• Fully uncovering and documenting attacker campaigns to drive broad product protections.
• Tracking adversary activities, insights from security researchers, and real incidents to develop attacker tradecraft and support durable detection innovations.
• Respond to critical customer escalations to resolve detection effectiveness issues and engage with relevant partner teams to drive great customer experiences.
• Work with, and guide, grading teams to correctly identify and label email messages and URL landing pages.
• Conduct research that yields new insights, hypothesis, algorithms, and prototypes that advance state-of-the-art of threat protection.
• Improve the quality, effectiveness and accuracy of various detections running in our products such as MDO (Microsoft Defender for Office).

Qualifications

• Degree in Computer Science or a related technical discipline
• 5+ years of computer security industry experience 
• 1+ years of coding and scripting experience (Regex, Python, SQL, KQL) 
• Deep knowledge of email communications and the security landscape to investigate, respond to, document, and mitigate risks from email-based attacks
• Familiar with email headers, email authentication protocols, and related analysis tools
• Experience authoring and interacting with big data solutions to pull and analyse data
• Solid understanding of attacker tradecraft associated with email, app-based, cloud threats 
• Strong understanding of attacker mindset and ability to apply defensive tactics to protect against it
• Experience working through ambiguity to drive innovations in detections
• Broad, general familiarity with the threat landscape affecting enterprise customers
• Good verbal and written communication skills in English