Job Location : New York,NY, USA
The Microsoft Threat Analysis Center (MTAC) is where geopolitical insight meets technical rigor. At the core of our mission is investigation: identifying and analyzing the actors, behaviors, and tactics behind AI-powered foreign influence campaigns that target democracies, disrupt public trust, and exploit emerging technologies. Our work is grounded in methodical, evidence-based inquiry-uncovering how these operations unfold and how they evolve.
We are expanding our team and seeking technically capable investigators who bring a strong foundation in data analysis, automation, and AI systems. Ideal candidates are fluent in Python and SQL, experienced in building scalable analytics workflows, and skilled at distilling complex technical findings into strategic insights. A deep understanding of how generative AI systems function-and how they can be manipulated-is increasingly important, as is the ability to explore new datasets and surface patterns using lightweight modeling and statistical techniques.
MTAC offers a unique opportunity to work at the intersection of national security, emerging technology, and global information integrity. If you're motivated by impact and ready to contribute to high-stakes investigations in the digital domain, we encourage you to explore opportunities with us.
The Microsoft Threat Analysis Center (MTAC) is looking for a Threat AI Investigator who will focus on identifying and mitigating AI abuses. This role involves tracking and investigating sophisticated actors, ranging from nation-state threat groups to influence-for-hire actors, and beyond. They will contribute to MTAC's mission to detect, assess, and disrupt digital threats to Microsoft, its customers, and governments worldwide. MTAC is part of the Customer Security & Trust (CST) organization within Microsoft's Corporate, External, and Legal Affairs (CELA) group.
In this role, the Investigator will focus on identifying and mitigating AI abuses on Microsoft's platforms and beyond. This role involves tracking and investigating sophisticated actors, ranging from nation-state threat groups to influence-for-hire actors. The ideal candidate will possess both geopolitical knowledge and the technical ability to build workflows that reliably surface and track these actors and their influence sets, conducting thorough investigations. They will also write and brief on a broader set of analytic findings, integrating open-source information with historical analysis to communicate succinctly and effectively to executives, government officials and public audiences.
Microsoft's mission is to empower every person and every organization on the planet to achieve more. As employees we come together with a growth mindset, innovate to empower others, and collaborate to realize our shared goals. Each day we build on our values of respect, integrity, and accountability to create a culture of inclusion where everyone can thrive at work and beyond.
This role is Onsite in the Microsoft New York Office.
Responsibilities
Research and assess cyber and malign influence threats at tactical and strategic levels by drawing on information from social media accounts and websites, foreign policy priorities and perspectives from open-source reporting.
Understand the components of generative AI and how technology stacks produce AI outputs.
Identify and triage AI abuses based on behavioral and technical indicators.
Write threat intelligence reports for senior audiences on adversary influence actors, networks, and operations powered by artificial intelligence (AI).
Work closely with the broader Microsoft Threat Intelligence team in its investigations of nation state cyber, influence, and AI-first actor investigations.
Develop engaging presentations and brief various stakeholders under tight deadlines.?
Follow innovative, non-intrusive, law-abiding methods for detecting, diagnosing, and deterring the most advanced and prolific threats in the information environment.
Embody our?culture ( ?and?values ( .??
Qualifications
Required Qualifications:
Bachelor's Degree in Statistics, Finance, Mathematics, Analytics, Engineering, Computer Science, Marketing, Business, Economics or related field OR equivalent experience
Understanding of how generative AI systems work end-to-end , from data collection and pretraining through fine-tuning and inference
Hands-on use of LLMs and experience red-teaming or evaluating failure modes (jailbreaks, hallucinations, bias, prompt injection, leakage)
Understanding of current trends in open and closed models and their abuse by threat actors
Ability to identify indicators of malicious AI use from behavioral and technical evidence
Experience leveraging language skills for open-source research
Strong English-language writing skills
Other Requirements:
Citizenship & Citizenship Verification: This role will require access to information that is controlled for export under export control regulations, potentially under the U.S. International Traffic in Arms Regulations or Export Administration Regulations, the EU Dual Use Regulation, and/or other export control regulations. ?As a condition of employment, the successful candidate will be required to provide either proof of their country of citizenship or proof of their U.S. permanent residency or other protected status (e.g., under 8 U.S.C. 1324b(a)(3)) for assessment of eligibility to access the export-controlled information. To meet this legal requirement, and as a condition of employment, the successful candidate's citizenship will be verified with a valid passport. Lawful permanent residents, refugees, and asylees may verify status using other documents, where applicable.
This position requires verification of citizenship due to citizenship-based legal restrictions. Specifically, this position supports United States federal, state, and/or local government agency customers and is subject to certain citizenship-based restrictions where required or permitted by applicable law. To meet this legal requirement, and as a condition of employment, the successful candidate's citizenship will be verified with a valid passport.
Ability to meet Microsoft, customer and/or government security screening requirements are required for this role. These requirements include, but are not limited to the following specialized security screenings:?
Microsoft Cloud Background Check: This position will be required to pass the Microsoft Cloud Background Check upon hire/transfer and every two years thereafter.
Preferred Experience:
Spoken and written fluency in a language besides English is preferred.
Ability to quickly and efficiently sift through data to identify trends, shifts, or key issues to incorporate into analysis for senior customers or decision makers.
Strong communication and presentation skills.
Expertise in a range of AI platforms and tools.
Any additional language skills are a plus.
Quantitative analytic experience is a plus.
Degrees and certifications in computer science, artificial intelligence and data analysis a plus.
Experience in common database query languages (e.g. SQL) and Python is a plus.
Excellent cross-group collaboration with experience building relationships.
Experience collaborating with other analysts, technical collectors, and threat intelligence partners in government and industry is a plus.
Business Analytics IC2 - The typical base pay range for this role across the U.S. is USD $68,300 - $137,900 per year. There is a different range applicable to specific work locations, within the San Francisco Bay area and New York City metropolitan area, and the base pay range for this role in those locations is USD $93,200 - $151,200 per year.
Certain roles may be eligible for benefits and other compensation. Find additional benefits and pay information here:
Microsoft will accept applications for this role until August 20th, 2025.
Microsoft is an equal opportunity employer. Consistent with applicable law, all qualified applicants will receive consideration for employment without regard to age, ancestry, citizenship, color, family or medical care leave, gender identity or expression, genetic information, immigration status, marital status, medical condition, national origin, physical or mental disability, political affiliation, protected veteran or military status, race, ethnicity, religion, sex (including pregnancy), sexual orientation, or any other characteristic protected by applicable local laws, regulations and ordinances. If you need assistance and/or a reasonable accommodation due to a disability during the application process, read more about requesting accommodations ( .