Overview
Our team builds the intelligence layer that powers Microsoft’s next‑generation security detections—graph‑based reasoning, multi‑modal ML pipelines, campaign correlation, and threat‑centric analytics across the Defender ecosystem. As an Applied Scientist II, you will contribute hands‑on to the design, development, and deployment of ML and graph‑based algorithms that uncover sophisticated attacker behaviors and strengthen Microsoft’s disruptive security outcomes.
This role is ideal for individuals who bring strong ML foundations, curiosity, and a desire to work in a deep‑technical, mission‑driven environment focused on protecting customers at global scale.
Responsibilities
Machine Learning & Modeling
- Develop supervised and unsupervised ML models for anomaly detection, fraud/threat pattern discovery, alert classification, confidence scoring, and signal fidelity improvements.
- Build and maintain feature pipelines over multi‑modal security telemetry (identity, endpoint, network, cloud).
- Apply graph‑focused ML techniques (graph embeddings, GNNs, similarity scoring, relationship modeling).
Graph Reasoning & Analytics
- Contribute to graph construction logic, schema evolution, and ontology-driven enrichment for Verdict Net, Verdict Propagation, Campaign Graphs, and Vortex insights.
- Implement graph traversal, multi-hop reasoning, and cluster detection algorithms to surface hidden attack patterns.
- Participate in performance optimization and health management of large-scale threat graphs.
Data Engineering & Experimentation
- Analyze large, noisy, high‑dimensional security datasets using ADX/Kusto, Spark, and distributed compute platforms.
- Run A/B experiments, offline evaluations, and benchmark models to continually improve detection quality.
- Build high-quality research code and prototypes that transition smoothly to engineering teams for productionization.
Cross-Functional Impact
- Collaborate with detection engineering, threat research, product teams and red teams to integrate ML outcomes into real-world protection experiences.
- Translate complex analytical insights into actionable improvements for detections, disruptions, and customer-facing intelligence.
- Participate in on-call data issue triage (signal quality, false positives, enrichment gaps) as applicable for DEX workflows.
Qualifications
- Bachelor’s degree in CS, Data Science, EE, Mathematics or related field AND 4+ years of hands-on DS/ML experience OR Master’s degree AND 1+ years of experience.
- Strong proficiency in Python, ML frameworks (PyTorch/TensorFlow), and data processing libraries.
- Experience with ML techniques such as: gradient-boosted models, supervised/unsupervised learning, embeddings, clustering, anomaly detection.
- Experience querying & analyzing large datasets using Kusto, SQL, Spark, or equivalent data engines.
- Strong fundamentals in probability, statistics, and algorithmic thinking.
- Ability to write clean, reliable research code and communicate findings clearly.
This position will be open for a minimum of 5 days, with applications accepted on an ongoing basis until the position is filled.
Microsoft is an equal opportunity employer. All qualified applicants will receive consideration for employment without regard to age, ancestry, citizenship, color, family or medical care leave, gender identity or expression, genetic information, immigration status, marital status, medical condition, national origin, physical or mental disability, political affiliation, protected veteran or military status, race, ethnicity, religion, sex (including pregnancy), sexual orientation, or any other characteristic protected by applicable local laws, regulations and ordinances. If you need assistance with religious accommodations and/or a reasonable accommodation due to a disability during the application process, read more about requesting accommodations.