Microsoft Corporation India Pvt Ltd.

Principal Threat Research Lead

Microsoft Corporation India Pvt Ltd.
Hyderabad
Not disclosed
Work from OfficeWork from Office
Full TimeFull Time
Min. 12 yearsMin. 12 years

Job Description

Principal Threat Research Lead

Overview

Protecting billions of users and the world’s largest digital estates is among the hardest and highest-stakes challenges in technology. Microsoft Security exists to meet it — empowering every user, customer, and developer with end-to-end, simplified protection across heterogeneous, multi-cloud environments, while securing Microsoft’s own global estate. Our culture is built on a growth mindset, a drive for technical excellence, and the expectation that we bring our best each day to innovations that impact billions of lives.

Microsoft Security Research (MSecR) is the research engine behind Microsoft’s protection stack — turning planetary-scale telemetry, adversary intelligence, and AI-driven systems into proactive detection, disruption, and pre-emption of advanced threats. We work across the full estate — endpoint, identity, email, cloud apps, SaaS, and multi-cloud infrastructure — shifting protection left by transforming raw signal into actionable intelligence and production-grade detections. We are actively building the next generation of agentic, AI-assisted investigation and detection systems that change how defenders operate at scale.

We are seeking a Principal Threat Research Lead to drive next-generation threat research across Threat Intelligence (TI), AI-driven analytics, and detection engineering. This is a senior leadership role that will have researchers reporting: you will set technical direction and stay deep in the craft — personally shaping research, advancing detection systems, and influencing platform-level capabilities across Microsoft Security. You will partner closely with product, engineering, operations, and TI teams to deliver durable, scalable protection for global enterprise customers.

In this role, you will operate at the intersection of threat intelligence, advanced analytics, and AI systems, leading high-impact initiatives that define how large-scale security platforms anticipate and respond to emerging threats. You will partner closely with product, engineering, operations, and threat intelligence teams to deliver durable, scalable protection for global enterprise customers.



Responsibilities

We are seeking a Principal Threat Research Lead with deep expertise in threat intelligence, advanced analytics, and AI-driven detection systems. The ideal candidate will demonstrate a proven ability to lead large-scale technical initiatives, influence platform direction, and deliver high-impact security innovations across complex, multi-cloud environments.

Responsibilities include:

  • Set technical vision for advanced threat research spanning Threat Intelligence, analytics, and AI across large-scale, cross-domain telemetry platforms — and stay hands-on enough to prove it works.
  • Lead deep research into emerging threats, attacker TTPs, and campaign behavior across endpoint, identity, email, cloud apps, and multi-cloud surfaces — translating insight into concrete detection and response strategy.
  • Architect AI/ML-driven detection systems — behavioral analytics, anomaly detection, and agentic / LLM-powered enrichment and investigation pipelines — including the evaluation, guardrails, and abuse-resistance (e.g. prompt-injection defense, output validation) that make them production-safe.
  • Operationalize intelligence-to-detection pipelines that continuously convert TI into scalable, production-grade detections, managed as detection-as-code (versioned, tested, backtested, CI-deployed).
  • Drive detection-engineering excellence across SIEM/XDR platforms (Microsoft Defender / Sentinel) — owning measurable signal quality, broad coverage, and low false-positive rates.
  • Establish efficacy frameworks for detection coverage, false-negative reduction, and signal-to-noise optimization at scale, with clear metrics (precision/recall, true-alert ratio, FP/FN discovery).
  • Individually author and ship high-fidelity detections and hunts when it matters — triaging their false positives and measuring production performance.
  • Drive cross-tenant signal correlation, multi-stage attack analysis, and graph-based campaign stitching as a core research capability.
  • Collaborate cross-functionally with Product, Engineering, and Operations to productionize research into customer-facing protection.
  • Mentor senior researchers and engineers, setting the bar for technical depth, innovation, and execution rigor.
  • Influence internal and industry strategy through thought leadership, leadership/customer threat briefings, research publications, and contributions to the security community.

What success looks like

    • A working intel-to-detection pipeline shipping a steady cadence of validated, low-FP detections into production.
    • Measurable improvement in coverage and false-negative discovery across at least one attack domain.
    • AI/agentic capability moved from research prototype to evaluated, guard-railed production use.


Qualifications

Required

  • 12+ years of experience in threat research, threat intelligence, detection engineering, or security analytics within large-scale, complex environments.
  • Proven ability to lead and individually execute advanced research on emerging threats across cloud, identity, endpoint, and multi-domain attack surfaces.
  • Demonstrated expertise in at least one core domain—Threat Intelligence, AI/ML for Security, or Security Analytics—with strong cross-domain proficiency.
  • Hands-on experience designing and shipping high-fidelity detection strategies on SIEM/XDR platforms (Microsoft Defender / Sentinel), with a track record of managing false positives and measuring detection efficacy.
  • Depth in at least one major cloud (Azure preferred) and solid working knowledge of modern multi-cloud attack vectors.
  • Strong proficiency in data analysis and engineering tools (e.g., KQL, Python, ADX and notebook-driven exploration) and experience working with large-scale analytical pipelines.
  • Proven ability to independently drive ambiguous, high-impact technical problems to completion.
  • Ability to influence cross-functional teams and communicate complex technical concepts to diverse audiences, including leadership and customers.

Strongly preferred

  • Experience with AI/agentic systems for security — RAG over intel, LLM evaluation, guardrails, and defense against model abuse.
  • Cross-tenant signal correlation, multi-stage attack analysis, or graph-based campaign stitching.
  • Data-science rigor: feature engineering, model evaluation, and detection drift/decay monitoring.
  • Adversary emulation, malware analysis, or reverse-engineering background.
  • Experience operating on customer telemetry at scale under privacy and compliance constraints

This position will be open for a minimum of 5 days, with applications accepted on an ongoing basis until the position is filled.



Microsoft is an equal opportunity employer. All qualified applicants will receive consideration for employment without regard to age, ancestry, citizenship, color, family or medical care leave, gender identity or expression, genetic information, immigration status, marital status, medical condition, national origin, physical or mental disability, political affiliation, protected veteran or military status, race, ethnicity, religion, sex (including pregnancy), sexual orientation, or any other characteristic protected by applicable local laws, regulations and ordinances. If you need assistance with religious accommodations and/or a reasonable accommodation due to a disability during the application process, read more about requesting accommodations.

Experience Level

Senior Level

Job role

Work location
Work locationHyderabad, TS, IN
Department
DepartmentIT & Information Security
Role / Category
Role / CategoryIT Security
Employment type
Employment typeFull Time
Shift
ShiftDay Shift

Job requirements

Experience
ExperienceMin. 12 years

About company

Name
NameMicrosoft Corporation India Pvt Ltd.
Job posted by Microsoft Corporation India Pvt Ltd.

Similar jobs you can apply for

Counsellor (Career / Visa)
Sra Edutech Private Limited

Career Counsellor

Sra Edutech Private Limited
Kukatpally, Hyderabad
₹15,000 - ₹30,000*
Work from Office
Full Time
Any experience
Basic English
Randstad India Private Limited

Home Loan Sales Officer

Randstad India Private Limited
Begumpet, Hyderabad
₹18,000 - ₹30,000*
Work from Office
Full Time
Min. 2 years
Basic English
Mukku Financial Consulting Private Limited

Customer Care Executive

Mukku Financial Consulting Private Limited
Madhapur, Hyderabad
₹14,000 - ₹17,000*
Work from Office
Full Time
Any experience
No English Required
Suvidha Staffing Solutions

Picker / Packer

Suvidha Staffing Solutions
Himayatnagar, Hyderabad
₹14,000 - ₹19,000*
Field Job
Full Time
Any experience
No English Required
Strategic Systems IT Solutions Private Limited

Sales and Marketing Executive

Strategic Systems IT Solutions Private Limited
Hyderabad
₹50,000 - ₹60,000
Work from Office
Full Time
Min. 3 years
Basic English

Sales Executive

WhiteScholars EduFutures Academy
Kukatpally, Hyderabad
₹15,000 - ₹25,000*
Work from Office
Full Time
Any experience
Basic English

You can expect a minimum salary of 0 INR. The salary offered will depend on your skills, experience and performance in the interview.

The candidate should have completed the required education and people who have 12 to 31 years are eligible to apply for this job. You can apply for more jobs in Hyderabad to get hired quickly.

The candidate should have sound communication skills and sound communication skills for this job.

Both Male and Female candidates can apply for this job.

No, it's not a work from home job and can't be done online. You can explore and apply for other work from home jobs in Hyderabad at apna.

No work-related deposit needs to be made during your employment with the company.

Go to the apna app and apply for this job. Click on the apply button and call HR directly to schedule your interview.

The last date to apply for this job is . For more details, download apna app and find Full Time jobs in Hyderabad . Through apna, you can find jobs in 64 cities across India. Join NOW!