
Principal Security Researcher

Job

Microsoft

Redmond, WA (In Person)

Full-Time

Posted 1 week ago (Updated 18 hours ago) • Actively hiring

Expires 6/18/2026


Job Description

As a Principal Security Researcher on the MTP Research Purple Team, you will:

- Design and execute purple team simulations that emulate real-world threat actors, techniques, and campaigns across endpoint, identity, cloud, and email surfaces, incorporating both human-driven and agentic execution models.
- Analyze telemetry using Kusto / KQL to validate detection logic, uncover gaps, and measure signal quality at scale.
- Translate attacker tradecraft into actionable insights for defenders, including detection recommendations, telemetry requirements, and investigation improvements.
- Apply frameworks such as MITRE ATT&CK to map adversary behavior, identify coverage gaps, and communicate findings clearly to technical and non-technical audiences.
- Leverage and contribute to threat intelligence by both consuming real-world campaign data and producing new insights through simulation outcomes, TTP discovery, and adversary emulation research.
- Design, build, and leverage AI-enabled and agentic systems to automate simulation workflows, generate attack variations, validate detections, and accelerate post-simulation analysis.
- Evaluate the effectiveness of AI-driven detections and defenses, identifying strengths, gaps, and opportunities for improvement across agentic security capabilities.
- Contribute to written simulation reports, executive presentations, and technical documentation that influence product and security strategy.

Doctorate in Statistics, Mathematics, Computer Science, Computer Security, or related field AND 3+ years experience in software development lifecycle, large-scale computing, threat analysis or modeling, cybersecurity, vulnerability research, and/or anomaly detection.
OR Master's Degree in Statistics, Mathematics, Computer Science, Computer Security, or related field AND 4+ years experience in software development lifecycle, large-scale computing, threat analysis or modeling, cybersecurity, vulnerability research, and/or anomaly detection.
OR Bachelor's Degree in Statistics, Mathematics, Computer Science, Computer Security, or related field AND 6+ years experience in software development lifecycle, large-scale computing, threat analysis or modeling, cybersecurity, vulnerability research, and/or anomaly detection.

These requirements include, but are not limited to, the following specialized security screenings:

Doctorate in Statistics, Mathematics, Computer Science, Computer Security, or related field AND 5+ years experience in software development lifecycle, large-scale computing, threat analysis or modeling, cybersecurity, vulnerability research, and/or anomaly detection.
OR Master's Degree in Statistics, Mathematics, Computer Science, Computer Security, or related field AND 8+ years experience in software development lifecycle, large-scale computing, threat analysis or modeling, cybersecurity, vulnerability research, and/or anomaly detection.
OR Bachelor's Degree in Statistics, Mathematics, Computer Science, Computer Security, or related field AND 12+ years experience in software development lifecycle, large-scale computing, threat analysis or modeling, cybersecurity, vulnerability research, and/or anomaly detection.
OR equivalent experience.

- 8+ years of incident response, threat hunting, and/or SOC experience.
- Experience leveraging and producing threat intelligence at the campaign or actor level.
- Advanced knowledge of MITRE ATT&CK and threat modeling methodologies.
- Security-related certifications such as GCIA, GMON, GCIH, CISA.
