Match score not available

Unlock Premium Benefits Today!
🚀 Elevate your career with priority access.
Stand out to top recruiters with Jobgether Priority Access:
  • ✅ Top Match: We help you identify job offers where you're a perfect fit.
  • ✅ Exclusive Referral Service: Connect directly with recruiters as a Jobgether Certified Premium User.
  • ✅ Personalized Feedback: Receive feedback and expert guidance on applications, and have your profile manually reviewed.

Start Your Free Trial Now!

Start my free trial

Threat Researcher - Microsoft Azure/M365

extra holidays
Remote: 
Full Remote
Work from: 
Europe

Abnormal Security logo
Abnormal Security Cybersecurity Scaleup http://www.abnormalsecurity.com
501 - 1000 Employees
See all jobs

Job description

About the Role

Abnormal Security is looking for a Threat Researcher with expertise in Microsoft cloud security, threat research, and SaaS Security Posture Management (SSPM). In this role, you will conduct deep-dive research on Microsoft cloud threats, adversary techniques, and misconfigurations, while also contributing to security posture improvements and mitigation strategies. You will work closely with R&D and Engineering teams to enhance security product capabilities, refine detections, and develop configuration playbooks for Azure, Microsoft 365, Defender Suite, and Entra ID.

Who you are
  • Experienced in threat research, with a deep understanding of Microsoft cloud ecosystems, SaaS security, and identity-based threats.
  • Strong knowledge of Microsoft security tools, including Defender for Office 365, Defender for Identity, Defender for Cloud Apps, and Sentinel.
  • Proficient in adversary TTP analysis, phishing attack research, misconfiguration risks, and security posture hardening.
  • Data-driven researcher, with experience using SQL, PySpark, KQL, and other query-based tools to analyze large datasets.
  • Skilled at bridging security research with engineering, ensuring insights lead to practical security improvements.
  • Comfortable working in agile, cross-functional teams, driving security posture improvements across Microsoft cloud environments.
  • Strong communicator, able to deliver detailed research findings to both technical and non-technical stakeholders.
What you will do
Threat Research & Adversary Tracking
  • Conduct in-depth research on Microsoft cloud security threats, phishing techniques, and identity-based attack vectors.
  • Track APT groups, financially motivated actors, and cloud-native threat campaigns targeting Azure and Microsoft 365 environments.
  • Analyze MFA bypass techniques, token theft, session hijacking, and adversary tactics used against Microsoft authentication mechanisms.
  • Reverse-engineer phishing kits, adversary infrastructure, and cloud-native attack methodologies to enhance security insights.
  • Develop threat models and in-depth attack reports to inform Microsoft-focused threat intelligence.
SSPM & Security Posture Research
  • Research misconfigurations, security posture risks, and SaaS security gaps in Microsoft Entra ID, Azure AD, and M365 security settings.
  • Develop SSPM research insights and contribute to configuration playbooks to improve Microsoft cloud security posture.
  • Identify misconfiguration-driven threats and work with Engineering to enhance detection and mitigation strategies.
  • Analyze security posture deviations that could expose Microsoft environments to account takeovers, phishing, and privilege escalation attacks.
Security Research & Cross-Functional Collaboration
  • Provide deep-dive research into Microsoft cloud attack methodologies to help enhance security product capabilities.
  • Work with R&D and Engineering teams to ensure research findings translate into practical security enhancements.
  • Deliver technical briefings and intelligence reports on Microsoft threat trends, attacker tactics, and detection opportunities.
  • Partner with internal stakeholders to evaluate emerging threats and recommend security improvements for Microsoft cloud environments.
Must Haves 
  • 5+ years in threat research, cyber threat intelligence, or adversary tracking.
  • 3+ years focused on Microsoft cloud security (Azure, M365, Defender, Entra ID, or Sentinel).
  • Expertise in Microsoft cloud security architecture, identity protection, SaaS security, and misconfiguration risks.
  • Strong data analysis skills with experience using SQL, PySpark, KQL, or similar tools to analyze cloud-based threats.
  • Deep knowledge of MITRE ATT&CK, Microsoft attack techniques, and adversary tradecraft.
  • Hands-on experience with Microsoft Defender for Office 365, Defender for Identity, and Microsoft Sentinel.
Nice to Have 
  • Experience working with or building SSPM solutions for Microsoft cloud security posture management.
  • Security certifications (GCTI, GCFA, CISSP, or Microsoft security-related).
  • Experience in cloud-native security research, attack simulations, or misconfiguration exploitation analysis.
  • Background in SaaS security posture analysis and cloud security hardening.

 

#LI-LB3

Required profile

Experience

Industry :
Cybersecurity
Spoken language(s):
English
Check out the description to know which languages are mandatory.

Hard Skills

Cloud ComputingThreat AssessmentMITRE ATT&CK FrameworkSQL (Programming Language)Azure SecurityISQLAntivirus SoftwareApache SparkCloud-Native Applications

Other Skills

  • Collaboration
  • Communication
Are you interested?

Researcher Related jobs

See more Researcher jobs