
Security Research Manager
Microsoft
Summary
The Security Research Manager will lead a new operations team in Prague supporting Defender Experts for XDR. This role involves establishing operational rhythm, building a high-performing team, driving service delivery, and collaborating with global teams to enhance threat detection and response. The manager will champion Microsoft's culture and values, coach employees, and promote the adoption of AI-powered tools and agentic workflows to improve efficiency and scale.
Details
- Salary: CZK 1,338,000 – CZK 2,448,000/yr
- Posted: Jul 3, 2026
Description
Security represents one of the most critical priorities for customers in a world of digital threats, regulatory scrutiny, and estate complexity. Defender Experts for XDR helps customers detect, investigate, and respond to advanced attacks by combining Microsoft security telemetry, deep threat expertise, durable detections, and customer-facing investigation support.
The CZ Operations Manager will lead the newly created Prague operations team that supports Defender Experts for XDR. This manager will establish the operating rhythm, build a high-performing team culture, drive consistent service delivery, and partner across global operations, threat research, data science, engineering, and customer-facing teams to improve detection and response outcomes.
This role is expected to model Microsoft culture and values, coach employees toward clear outcomes and durable capability, and care for people by creating an inclusive, growth-oriented environment where employees can do their best work. The manager will also be accountable for helping the team adopt agentic workflows, AI-powered tooling, copilots, and intelligent automation to improve quality, speed, consistency, and scale.
This role participates in a global security operations model and may require weekend, holiday, or non-standard business-hour support where legally allowed and aligned to local labor regulations.
Responsibilities
- Lead the Prague CZ operations team responsible for customer-facing detection, investigation, threat hunting, and response support for Defender Experts for XDR.
- Model Microsoft culture, values, leadership principles, and high standards for customer obsession, operational rigor, inclusion, accountability, and growth mindset.
- Coach security analysts by defining clear objectives and outcomes, connecting work to customer and business impact, giving timely feedback, removing blockers, and helping employees build durable security operations capability.
- Care for employees by creating an environment where people feel valued, respected, included, and supported in their wellbeing, career growth, and aspirations.
- Establish and manage the local operating rhythm for quality, coverage, onboarding, training, case review, escalation, customer readiness, and cross-time-zone handoffs.
- Ensure the team delivers high-quality proactive and reactive threat hunting, investigation, and response outcomes across customer environments.
- Partner with threat research, data science, engineering, and global operations teams to improve detections, service quality, tooling, triage workflows, and operational readiness.
- Drive adoption of AI-powered security tools, copilots, and agentic workflows that accelerate investigations, enrich customer findings, improve analytical efficiency, and reduce repetitive operational burden.
- Sponsor and operationalize AI agents and automations that assist with case enrichment, investigation summarization, detection validation, quality review, onboarding, reporting, and customer-ready outputs.
- Use metrics, customer feedback, quality reviews, and operational signals to identify systemic improvements and translate them into durable processes, training, automation, or product feedback.
- Build a healthy, resilient team culture that supports learning, experimentation, knowledge sharing, and continuous improvement while maintaining high standards for customer impact.
- Participate in a global security operations model, including potential weekend, holiday, or non-standard business-hour coverage where legally allowed and aligned to local requirements.
Qualifications
- Experience in Security Operations, Threat Intelligence, Cyber Incident Response, Penetration Testing/Red Team, Detection Engineering, or related cybersecurity operations roles.
- People management, team leadership, service delivery leadership, or demonstrated experience coaching technical teams toward operational outcomes.
- Experience leading customer-facing or service-delivery security operations where quality, timeliness, communication, and customer outcomes are critical.
- Experience using security telemetry, large data sets, and investigation tools such as Microsoft Defender XDR / Microsoft 365 Defender, Microsoft Sentinel or equivalent SIEM, KQL, Python, Power BI, or comparable analysis tooling.
Other Requirements / Preferred Experience
- Ability to meet Microsoft, customer, and/or government security screening requirements, including the Microsoft Cloud Background Check upon hire/transfer and every two years thereafter.
- Ability to work from the Prague office at least three (3) days per week.
- Ability to support weekend, holiday, and non-standard business-hour coverage where legally allowed and aligned to local labor regulations.
- Demonstrated alignment to Microsoft manager expectations: Model the culture and values, Coach employees and teams toward success, and Care for people, growth, inclusion, and wellbeing.
- Experience building, leading, or scaling a new site, shift, region, operations team, or service-delivery capability preferred.
- Experience leveraging generative AI, large language models, copilots, autonomous agents, or AI-assisted workflows to improve security operations, threat hunting, incident response, investigations, reporting, quality review, or operational efficiency.
- Experience sponsoring or building automations or AI-assisted workflows using scripting languages, orchestration platforms, low-code automation tools, or agent frameworks.
- Knowledge of the kill-chain model, the MITRE ATT&CK framework, modern penetration testing techniques, cloud security, identity security, and operating system internals.
- Experience with threat intelligence curation, customer briefings, incident response, DFIR, detection engineering, or offensive security techniques.
- Excellent cross-group collaboration and communication skills, including the ability to influence across operations, research, engineering, and business stakeholders.
- Strong ability to use data to tell a story, identify systemic improvement opportunities, and drive clear prioritization.
- Additional advanced technical degrees or cyber security certifications such as CISSP, OSCP, CEH, GIAC, or equivalent experience preferred.
Security Research M4 - The typical base pay range for this role across Czechia is Kč 1,338,000.00 - Kč 2,448,000.00 per year. Certain roles may be eligible for benefits and other compensation.
Find additional benefits and pay information here:
https://careers.microsoft.com/v2/global/en/corporate-pay/czech-republic-corporate-pay.html
This position will be open for a minimum of 5 days, with applications accepted on an ongoing basis until the position is filled.
Microsoft is an equal opportunity employer. All qualified applicants will receive consideration for employment without regard to age, ancestry, citizenship, color, family or medical care leave, gender identity or expression, genetic information, immigration status, marital status, medical condition, national origin, physical or mental disability, political affiliation, protected veteran or military status, race, ethnicity, religion, sex (including pregnancy), sexual orientation, or any other characteristic protected by applicable local laws, regulations and ordinances. If you need assistance with religious accommodations and/or a reasonable accommodation due to a disability during the application process, read more about requesting accommodations.
