[Remote] Senior Technical Threat Analyst – Graph & AI-Driven Threat Intelligence

Microsoft

Note: This is a remote job open to candidates in the USA. Microsoft is one of the largest enterprise service companies in the world, and they are seeking a Senior Technical Threat Analyst with expertise in nation-state cyber threat analysis and graph-based hunting environments. The role involves leading graph-based hunting, designing AI-assisted workflows, and conducting expert-level analysis of APT group activity to enhance threat intelligence.

Responsibilities

  • Lead graph-based hunting and correlation across diverse datasets to surface relationships among indicators, infrastructure, malware, and threat actor activity.
  • Design and implement AI-assisted analytic workflows, applying agentic models to explore, summarize, and reason about complex intelligence questions.
  • Evaluate and compare LLMs (OpenAI GPT, Anthropic Claude, Meta Llama, and others) for accuracy, reliability, and relevance in analytical contexts.
  • Partner with data engineers and AI researchers to prototype intelligent analyst agents capable of multi-hop reasoning and contextual evidence retrieval.
  • Conduct expert-level analysis of nation-state and APT group activity, including tactics, techniques, infrastructure patterns, and geopolitical drivers.
  • Translate graph-based findings into clear, actionable intelligence that supports both defensive operations and executive decision-making.
  • Collaborate across product, research, and operations teams to enhance detection, hunting, and attribution methodologies.
  • Stay current on advances in graph theory, AI reasoning frameworks, and adversary tradecraft, integrating new approaches into team workflows.

Skills

  • 5+ years of experience in the software development lifecycle, large-scale computing, modeling, cybersecurity, and/or anomaly detection.
  • 5+ years of experience in cyber threat intelligence, threat hunting, or adjacent disciplines with emphasis on nation-state actor tracking.
  • Demonstrated ability to perform structured analysis and attribution of APT activity with analytic rigor and sourcing discipline.
  • Hands-on experience with graph-based analytic environments (Synapse Vertex, Neo4j, or similar).
  • Moderate coding skills (Python preferred) for automation, custom queries, or model interaction scripting.
  • Working knowledge of agentic AI concepts (prompt chaining, orchestration frameworks, reasoning agents, or RAG-based pipelines).
  • Knowledge of the LLM ecosystem — including model families from OpenAI, Anthropic, Meta, and others — with awareness of strengths, weaknesses, and bias/hallucination considerations.
  • Ability to meet Microsoft, customer and/or government security screening requirements.
  • Doctorate in Statistics, Mathematics, Computer Science or related field.
  • 6+ years of experience in the software development lifecycle, large-scale computing, modeling, cybersecurity, and/or anomaly detection.
  • Experience integrating AI tools into threat analysis, hunting, or triage workflows.
  • Familiarity with graph ontology design and CTI data schemas (STIX/TAXII, ATT&CK mappings, etc.).
  • Understanding of cloud environments (Azure, AWS, GCP) and their relevance to threat actor operations.
  • Background in developing or refining AI safety, validation, or evaluation frameworks for analytic use.
  • Technical writing, synthesis, and briefing skills.

Education Requirements

  • Master's Degree in Statistics, Mathematics, Computer Science or related field.

Benefits

  • Certain roles may be eligible for benefits and other compensation.

Company Overview

  • Microsoft is a software corporation that develops, manufactures, licenses, supports, and sells a range of software products and services. It was founded in 1975, and is headquartered in Redmond, Washington, USA, with a workforce of 10001+ employees. Its website is https://www.microsoft.com.
