Overview

Are you passionate about cybersecurity and driven by the curiosity to understand how malicious code works? Do you thrive on hunting for threats before they cause harm? Are you excited by the idea of protecting over a billion users from the next wave of browser extension attacks?

Microsoft Edge serves millions of users across Windows, Mac, and mobile platforms. The Extensions Security team is responsible for defending this ecosystem against malicious actors who exploit browser extensions to steal data, hijack sessions, and compromise user trust. We operate at the intersection of security research, threat intelligence, and engineering — building the detection systems and conducting the investigations that keep users safe at scale.

We are looking for a Security Researcher to join this team. You will reverse-engineer suspicious extensions, uncover novel attack patterns, develop detection capabilities, and conduct proactive threat hunting. This is a high-ownership role with room to grow — whether that means going deep on threat analysis, pioneering AI-driven detection, or building out our threat intelligence capabilities. Come join a team of highly motivated security professionals working on real-world threats every day.

Microsoft’s mission is to empower every person and every organization on the planet to achieve more. As employees we come together with a growth mindset, innovate to empower others, and collaborate to realize our shared goals. Each day we build on our values of respect, integrity, and accountability to create a culture of inclusion where everyone can thrive at work and beyond.

Starting January 26, 2026, Microsoft AI (MAI) employees who live within a 50-mile commute of a designated Microsoft office in the U.S. or 25-mile commute of a non-U.S., country-specific location are expected to work from the office at least four days per week. This expectation is subject to local law and may vary by jurisdiction.

Responsibilities

• Perform static and dynamic analysis of potentially harmful browser extensions (JavaScript programs) to understand their behavior, operation, and impact on the browser ecosystem.
• Identify abuse patterns, novel attack techniques, and product vulnerabilities within the extension ecosystem.
• Develop and refine detection rules and signals to improve threat coverage.
• Conduct proactive threat hunting to identify emerging threats, malicious indicators, and gaps in existing detection capabilities.
• Leverage AI and automation tools to enhance security analysis workflows, improve detection accuracy, and scale threat research capabilities.
• Produce technical analysis reports summarizing findings and recommendations for remediation.
• Collaborate with Microsoft security teams to improve visibility into the threat landscape and strengthen detection capabilities.
• Cultivate in-depth knowledge of the extension threat landscape, attack vectors, and methods of exploitation through ongoing research and industry engagement.

Qualifications Required Qualifications:

• Master's Degree in Statistics, Mathematics, Computer Science, Computer Security, or related field AND 3+ year(s) experience in software development lifecycle, large-scale computing, threat analysis or modeling, cybersecurity, vulnerability research, and/or anomaly detection.
• OR Bachelor's Degree in Statistics, Mathematics, Computer Science, Computer Security, or related field AND 4+ years experience in software development lifecycle, large-scale computing, threat analysis or modeling, cybersecurity, vulnerability research, and/or anomaly detection.
• OR equivalent experience.
• Solid background in web security fundamentals; understanding of how modern browsers work (Chromium preferred).
• Proficiency in JavaScript and familiarity with web technologies.
• Experience in malware analysis — static and dynamic analysis, reverse engineering (JavaScript-based threats), and tools.
• Experience writing detection rules (e.g., YARA, CodeQL, or similar).
• Python or similar scripting skills for data analysis and tool development.
• Solid written and oral communication skills.

Preferred Qualifications:

• Proficiency with KQL (Kusto Query Language) or similar for analyzing telemetry and log data at scale.
• Experience using AI/LLM tools to assist in security analysis, rule creation, or automation of research workflows.
• Experience with browser extension architecture (manifest V2/V3, content scripts, background workers, permissions model).
• Familiarity with sandboxing and detonation environments for dynamic analysis.
• Knowledge of OSINT techniques for threat and vulnerability research.
• Familiarity with attack and detection frameworks (e.g., MITRE ATT&CK).
• Experience analyzing behavioral telemetry (network activity, API usage patterns) for threat detection.
• Ability to work independently and collaborate with a distributed team across multiple time zones.

#MicrosoftAI

#edgejobs

#edgeindia

#maiindia

#MAI

This position will be open for a minimum of 5 days, with applications accepted on an ongoing basis until the position is filled.

Microsoft is an equal opportunity employer. All qualified applicants will receive consideration for employment without regard to age, ancestry, citizenship, color, family or medical care leave, gender identity or expression, genetic information, immigration status, marital status, medical condition, national origin, physical or mental disability, political affiliation, protected veteran or military status, race, ethnicity, religion, sex (including pregnancy), sexual orientation, or any other characteristic protected by applicable local laws, regulations and ordinances. If you need assistance with religious accommodations and/or a reasonable accommodation due to a disability during the application process, read more about requesting accommodations.