דרושים » אבטחת מידע וסייבר » Senior Security Researcher- Microsoft Defender for Cloud

Azure Networking is one of the core organizations that build Azure, the worlds largest network, leading digital transformation, empowering, and connecting enterprises and individuals around the world. The team in Israel is specializing in Network security, developing services that protect the Azure platform, the users and apps running on top of it.

Responsibilities:
The Azure Networking Security Research team is responsible for improving the security posture of Azure 1st party services and architecture, spanning across Host, WAN, SDN (software-defined networks) and network services, used by billions of customers in homes, businesses, and across Azure. This team performs security design reviews, code reviews, and hands-on offensive research/operations on key networking services to make sure they meet the highest security standards possible.
In this role, you will be part of an offensive research team tasked with helping our engineers ship the most secure product possible. The ideal candidate will have rich and diverse hands-on experience of exploiting, great capabilities to dive and understand code, a deep understanding of networking fundamentals and cloud architecture, an offensive mindset, and a passion for keeping our customers safe.
In other words, you will:
Identify security vulnerabilities in a wide variety of key networking services, protocols, and architecture, all comprising the Azure network.
Improving the security of Azure services and contributing to services that are in use by millions of users over the world.
Develop capabilities to detect security issues and vulnerabilities in scale.
Collaborate with other security and product teams to improve security.
Produce high-quality papers, presentations, and recommendations to improve Azure security.

Azure Networking is one of the core organizations that build Azure, the worlds largest network, leading digital transformation, empowering, and connecting enterprises and individuals around the world. The team in Israel is specializing in Network security, developing services that protect the Azure platform, the users and apps running on top of it.

Responsibilities:
The Azure Networking Security Research team is responsible for improving the security posture of Azure 1st party services and architecture, spanning across Host, WAN, SDN (software-defined networks) and network services, used by billions of customers in homes, businesses, and across Azure. This team performs security design reviews, code reviews, and hands-on offensive research/operations on key networking services to make sure they meet the highest security standards possible.
In this role, you will be part of an offensive research team tasked with helping Microsoft engineers ship the most secure product possible. The ideal candidate will have rich and diverse hands-on experience of exploiting, great capabilities to dive and understand code, a deep understanding of networking fundamentals and cloud architecture, an offensive mindset, and a passion for keeping Microsoft customers safe.
In other words, you will:
Identify security vulnerabilities in a wide variety of key networking services, protocols, and architecture, all comprising the Azure network.
Improving the security of Azure services and contributing to services that are in use by millions of users over the world.
Develop capabilities to detect security issues and vulnerabilities in scale.
Collaborate with other security and product teams to improve security.
Produce high-quality papers, presentations, and recommendations to improve Azure security.

Azure Networking is one of the core organizations that build Azure, the worlds largest network, leading digital transformation, empowering, and connecting enterprises and individuals around the world. The team in Israel is specializing in Network security, developing services that protect the Azure platform, the users and apps running on top of it.

Responsibilities:
The Azure Networking Security Research team is responsible for improving the security posture of Azure 1st party services and architecture, spanning across Host, WAN, SDN (software-defined networks) and network services, used by billions of customers in homes, businesses, and across Azure. This team performs security design reviews, code reviews, and hands-on offensive research/operations on key networking services to make sure they meet the highest security standards possible.
In this role, you will be part of an offensive research team tasked with helping our engineers ship the most secure product possible. The ideal candidate will have rich and diverse hands-on experience of exploiting, great capabilities to dive and understand code, a deep understanding of networking fundamentals and cloud architecture, an offensive mindset, and a passion for keeping our customers safe.
In other words, you will:
Identify security vulnerabilities in a wide variety of key networking services, protocols, and architecture, all comprising the Azure network.
Improving the security of Azure services and contributing to services that are in use by millions of users over the world.
Develop capabilities to detect security issues and vulnerabilities in scale.
Collaborate with other security and product teams to improve security.
Produce high-quality papers, presentations, and recommendations to improve Azure security.

Deep Instinct, the first cyber security company to apply Deep Learning to cyber security is looking for a Threat Researcher . Deep Instinct is an innovative company that has a unique and game-changing software solution to protect Fortune 500 End-Point users against Zero Day & APT cyber-attacks. This is an incredible opportunity to get in a Pre-IPO Cyber Security company that is poised to do huge things! We're on a mission to disrupt the cyber security market and the time is NOW! The successful candidate will be responsible to identify, analyze and collect cyber malware samples and campaigns. Perform research on threat actors, new attack vectors and techniques, develop POCs and analysis tools, and prepare research publications. The role involves hands-on responsibilities, working closely with security researchers and Deep-Learning engineers. It requires multitasking in a fast-paced environment with high-quality, accurate, and timely deliverables.

Office Location:
TLV Office

Region:
Israel

Responsibilities::

* Research and analyze emerging cyber threats: Identifying new malware strains, large-scale campaigns, and advanced persistent threats (APTs). Analyze their behavior, capabilities, and techniques for evading detection and achieving their goal.
* Collaborate with other members of the research department: Work closely with security researchers, ML engineers, and other team members to develop and implement defense strategies for the current and future threat landscape.
* Document the findings of threat research and publication reports that can be shared with internal and external stakeholders.
* Stay up-to-date with the latest developments in the cyber security field: including the latest trends, techniques, and threats in the cyber security field.
* Uncover and develop new cyber-attack vectors, techniques and POCs.

Why Work With Us::
At Deep Instinct we are committed to creating an excellent employee experience. We offer competitive salaries, a generous benefits package among great culture. We have some of the most forward-thinking and talented people in the world working for us. If you're creative and autonomous with a real passion for technology, we want to hear from you. About Deep Instinct: Deep Instinct , is the first cyber security company to apply Deep Learning as a platform. We are the only cyber security company harnessing the the power of deep learning to prevent 99% of known and unknown attacks from malware and zero-day threats.

A SaaS platform delivers AI-powered recommendations to eliminate detection coverage gaps in the organization's existing security stack.
Our platform is not yet another security monitoring product, but an innovative solution that uses AI and automation to maximize the value of the existing security tools and systems.
Among our clients are some of the top 10 private equity firms; top 10 consumer packaged goods manufacturers; top 10 cable operators; top 10 US law firms; top 10 money transfer firms; and top 15 MDR/MSSP.
was founded in early 2020 by serial entrepreneurs whose previous companies were acquired by Palo Alto Networks, HP, Microsoft Security, IBM Security, and others.

We are looking for a Security Researcher to join our Cyber Security team
This role involves conducting research on the cybersecurity landscape, leveraging intelligence feeds to map existing threat actors, attack vectors, and TTPs, and analyzing complex data to detect advanced threats using knowledge of the current threat landscape.
This role will also help to identify and build strategies to correct gaps and issues in customers' environment, including defining new detection content or use cases and working with the engineering team to deploy them.

RESPONSIBILITIES
Discover, analyse and track advanced cyber-attack campaigns
Conduct proactive research to define new use cases/detection rules
Conduct research (OSINT, labs etc.) to generate threat intelligence
Maintain current knowledge of adversaries tactics, techniques, procedures, malware attacks, and other cyber security threats
Curate knowledge based on APT groups, monitoring and detection tools
Interact with customers orally and in writing
Proactively identify cyber security improvements and recommend appropriate control improvements

We are looking for a Security and ML/AI Principal Researcher to work alongside product owners, designers, and technical writers within the broader Product Management Group. As a Principal Researcher, you are responsible for doing research in Cyber and ML/AI applictions to assist in refining and executing the vision of Identity Threat Detection and Response (ITDR), Cloud infrastructure Entitlement Management (CIEM), Behavioral Analytics, Secret Server and other company`s solutions, by working closely with cross functional teams in the research, planning, development, and release of new products. You will be working in a highly dynamic, fast-paced environment, interacting regularly with internal stakeholders in the development of our products.

The ideal candidate will have the tenacity, focus, and creativity to thrive in a fast-paced security startup, where initiative is expected, oversight is minimal, and where results are the only
outcome that matters.

This position is based in Tel Aviv and will require being on-site in the office two to three days per business week.

Key Responsibilities:
Research areas may include, but are not limited to the following.
Security research such as: identity threats, account takeover methods, AuthZ security, app permission mechanisms and privilege escalation paths, AuthN weaknesses, IAM mechanisms, automated provisioning abuse, configuration weaknesses, access related supplychain attacks, and protocol weaknesses and attacks on SAML, SCIM, OAuth2, OIDC, and similas. (it is unlikely but not impossible that work will include binary level exploitation / RE as well).
ML/AI applications research such as: ML/AI discovery of TTPs and anomalies, using LLMs and foundation models for security applications (may include fine tuning, RAG, and other
applications), quantifying risk, graph analysis and graph algorithms.

In this role you may also:
Help refine and articulate the product vision and strategy of selected our solutions.
Collaborate with customers, prospects, partners as well as external/internal stakeholders to understand client needs to define and validate product requirements.
Work closely with Engineering and PM teams to solve complex problems affecting our customers through research applications.

Required Gen AI Security Researcher
ABOUT THE POSITION
As a Red Team Specialist focused on Generative AI Models, you will play a critical role in enhancing the security and integrity of our cutting-edge AI technologies. Your primary responsibility will be to conduct simulated cyber attacks and penetration testing on our generative AI systems, including but not limited to language models, image generation models, and any related infrastructure. The goal is to identify vulnerabilities, assess risks, and provide actionable insights to fortify our AI models against potential threats.
Key Responsibilities:
Simulated Cyber Attacks: Conduct sophisticated and comprehensive simulated attacks on generative AI models and their operating environments to uncover vulnerabilities.
Vulnerability Assessment: Evaluate the security posture of AI models and infrastructure, identifying weaknesses and potential threats.
Risk Analysis: Perform thorough risk analysis to determine the impact of identified vulnerabilities and prioritize mitigation efforts.
Mitigation Strategies: Collaborate with development and security teams to develop effective strategies to mitigate identified risks and enhance model resilience.
Security Protocols Development: Aid in the creation and refinement of security protocols and best practices for the development and deployment of generative AI models.
Research and Innovation: Stay abreast of the latest trends and developments in AI security, ethical hacking, and cyber threats. Apply innovative testing methodologies to ensure cutting-edge security practices.
Documentation and Reporting: Maintain detailed documentation of all red team activities, findings, and recommendations. Prepare and present reports to senior management and relevant stakeholders.
Training and Awareness: Provide guidance and training to technical and non-technical teams on security awareness and best practices related to generative AI.

We are looking for a Threat Researcher.
we are an innovative company that has a unique and game-changing software solution to protect Fortune 500 End-Point users against Zero Day & APT cyber-attacks. This is an incredible opportunity to get in a Pre-IPO Cyber Security company that is poised to do huge things! We're on a mission to disrupt the cyber security market and the time is NOW!
The successful candidate will be responsible to identify, analyze and collect cyber malware samples and campaigns. Perform research on threat actors, new attack vectors and techniques, develop POCs and analysis tools, and prepare research publications.
The role involves hands-on responsibilities, working closely with security researchers and Deep-Learning engineers. It requires multitasking in a fast-paced environment with high-quality, accurate, and timely deliverables.
RESPONSIBILITIES:
Research and analyze emerging cyber threats: Identifying new malware strains, large-scale campaigns, and advanced persistent threats (APTs). Analyze their behavior, capabilities, and techniques for evading detection and achieving their goal.
Collaborate with other members of the research department: Work closely with security researchers, ML engineers, and other team members to develop and implement defense strategies for the current and future threat landscape.
Document the findings of threat research and publication reports that can be shared with internal and external stakeholders.
Stay up-to-date with the latest developments in the cyber security field: including the latest trends, techniques, and threats in the cyber security field.
Uncover and develop new cyber-attack vectors, techniques and POCs.

We are looking for a researcher to help us harness the power of our trillions of security signals to rapidly diagnose and alert the latest attacker behaviors, drive critical context-rich signals, construct new tools and automations to support customers, identify threats, and detect advanced attacker techniques.
Responsibilities:
Research innovative network attack vectors and lateral movement techniques in diverse environments & technologies, including Windows, cloud, virtualization frameworks, OT and more.
Study security mechanisms, implementation details and internals of various identity & access management technologies, identify potential security flaws of products and protocols
Perform comprehensive risk assessments of customers infrastructure to identify security issues and lateral movement paths
Develop new red-team techniques, tools and frameworks to discover and simulate attack scenarios
Demonstrate POCs based on your ideas and knowledge and lead the implementation process
Work closely with other internal engineering and AI teams to integrate new capabilities into our platform and guide cross-product architectural decisions
Act as a security subject matter expert for multidisciplinary teams

We are looking for a Senior Security Researcher to join our team Cloud Security.
In this role, you will take part in protecting our customers' cloud environments from a wide range of cyber threats.
Your contributions will be directly impactful, not only ensuring our customers' success but also making a significant difference in the evolving landscape of cloud security.
Your Opportunity:
Research cloud threats and collaborate closely with the engineering team to transform research insights into innovative product features
Develop effective detection rules and enhance our product's capabilities for better threat detection
Launch and manage incident response operations to investigate attacks on cloud environments
Investigate malware specifically targeting cloud workloads, understanding their mechanisms and impacts, and produce high-quality reports
Present your unique findings and share knowledge at cyber and cloud conferences