Threat Context Analyst at Microsoft
New York, New York, USA
Full Time


Start Date

Immediate

Expiry Date

09 Nov, 25

Salary

222600.0

Posted On

10 Aug, 25

Experience

3 year(s) or above

Remote Job

Yes

Telecommute

Yes

Sponsor Visa

No

Skills

Assessment, Statistics, Pandas, Mathematics, Finance, Access, Numpy, Base Pay, Sql Tools, Computer Science, Dashboards, Influence Operations, Refugees, Economics, Public Sector, Citizenship, Private Sector, Microsoft, Anomaly Detection, Eligibility, Analytics

Industry

Information Technology/IT

Description

The Microsoft Threat Analysis Center (MTAC) is looking for a lead threat AI investigator in the role of Threat Context Analyst who will focus on identifying and mitigating AI abuses. This role involves tracking and investigating sophisticated actors, ranging from nation-state threat groups to influence-for-hire actors, and beyond. They will contribute to MTAC’s mission to detect, assess, and disrupt digital threats to Microsoft, its customers, and governments worldwide. MTAC is part of the Customer Security & Trust (CST) organization within Microsoft’s Corporate, External, and Legal Affairs (CELA) group.
In this role, the analyst will focus on identifying and mitigating AI abuses on Microsoft’s platforms and beyond. The analyst will possess both deep geopolitical knowledge and the technical ability to build workflows that reliably surface and track these actors and their influence sets, conducting thorough investigations. They will also write and brief on a broader set of analytic findings, integrating open-source information with historical analysis to communicate succinctly and effectively to executives, government officials and public audiences.

QUALIFICATIONS

Required/minimum qualifications

  • Master’s Degree in Mathematics, Analytics, Engineering, Computer Science, Marketing, Business, Economics or related field AND 3+ years experience investigating a combination of cyber and influence operations in either the public sector, private sector or a combination of the two
  • OR Bachelor’s Degree in Statistics, Finance, Mathematics, Analytics, Engineering, Computer Science, Marketing, Business, Economics or related field AND 4+ years experience investigating a combination of cyber and influence operations in either the public sector, private sector or a combination of the two
  • OR equivalent experience.
  • Proficiency in data wrangling and processing pipelines using tools such as pandas, NumPy, or PySpark and fluency in Python and SQL tools with experience collecting large-scale data, building analytics/automation pipelines, creating dashboards, and communicating data-driven insights to non-technical partners.
  • Experience building exploratory predictive models, including rapid profiling of new data sets and application of lightweight ML/statistics (clustering, anomaly detection, baseline classifiers/regressors) to surface trends and generate actionable insights and forecasts.

Other Requirements:

  • Citizenship & Citizenship Verification: This role will require access to information that is controlled for export under export control regulations, potentially under the U.S. International Traffic in Arms Regulations or Export Administration Regulations, the EU Dual Use Regulation, and/or other export control regulations. As a condition of employment, the successful candidate will be required to provide either proof of their country of citizenship or proof of their U.S. permanent residency or other protected status (e.g., under 8 U.S.C. 1324b(a)(3)) for assessment of eligibility to access the export-controlled information. To meet this legal requirement, and as a condition of employment, the successful candidate’s citizenship will be verified with a valid passport. Lawful permanent residents, refugees, and asylees may verify status using other documents, where applicable.
  • This position requires verification of citizenship due to citizenship-based legal restrictions. Specifically, this position supports United States federal, state, and/or local government agency customers and is subject to certain citizenship-based restrictions where required or permitted by applicable law. To meet this legal requirement, and as a condition of employment, the successful candidate’s citizenship will be verified with a valid passport.

Business Analytics IC4 - The typical base pay range for this role across the U.S. is USD $106,400 - $203,600 per year. There is a different range applicable to specific work locations, within the San Francisco Bay area and New York City metropolitan area, and the base pay range for this role in those locations is USD $137,600 - $222,600 per year.
Certain roles may be eligible for benefits and other compensation. Find additional benefits and pay information here: https://careers.microsoft.com/us/en/us-corporate-pay
Microsoft will accept applications for the role until August 29, 2025.


Responsibilities
  • Lead threat AI investigations in collaboration with a team of peers and across MTAC teams and broader Microsoft Threat Intelligence community.
  • Research and assess cyber and malign influence threats at tactical and strategic levels by drawing on information from social media accounts and websites, current geopolitical conflicts and currents, and perspectives from open-source reporting.
  • Understand the components of generative AI and how technology stacks produce AI outputs.
  • Identify and triage AI abuses based on behavioral and technical indicators.
  • Write threat intelligence reports for audiences on adversary influence actors, networks, and operations powered by artificial intelligence (AI).
  • Work closely with the broader Microsoft Threat Intelligence team in its investigations of nation-state cyber, influence, and AI-first actors.
  • Develop engaging presentations and brief various stakeholders under tight deadlines.
  • Follow innovative, non-intrusive, law-abiding methods for detecting, diagnosing, and deterring the most advanced and prolific threats in the information environment.