דרושים » אבטחת מידע וסייבר » Senior Web Security Researcher

The Research team at our company takes on the immense challenge of identifying and stopping malicious activity across vast streams of traffic. By crafting innovative solutions, we empower our products to make trillions of decisions every day with unparalleled precision. Our work directly impacts the safety of the internet and ensures that our company remains the best-in-class solution for our customers, standing strong against the ever-evolving tactics of attackers.
Were looking for a Senior Web Security Researcher to be part of a team of highly skilled professionals that include security researchers, data researchers, data scientists and software engineers who continuously hunt for threats, evaluate and develop new detection techniques, and share intel and attribution for cybercrime activity with the goal of protecting our customers while keeping the internet our company.
What you'll do:
Play a lot with the web-browsers, trying to find differences in behavior between them.
Research and develop signal collection on both mobile and desktop, which enables detection and improve our protection
Find ways to detect automation, for example, tools like Selenium, Playwright or Puppeteer.
Understand customer specific requirements, deliver with impact and exceed customer expectations.
Discover adversary tactics, techniques, and procedures leveraged by bots.
Create and validate data insights to enhance detection excellence.
Share security research topics through blogs, research talks, knowledge base and external engagements including conference presentations, detailing your discoveries for internal and external sharing.
Find bad stuff on the internet, see if you can figure out how it is done, document it.
Red team, experiment, and develop new tactics for various kinds of fraud and to bypass our detection, no need to wait for an attack to be discovered and used by adversaries first.
Stay abreast of cyber security trends and events related to our mission.
Contribute high impact work that substantially benefits team level metrics and OKRs.
Develop techniques, tools and scripts to simplify yours and others work.

We are looking for a Malware Analysis Team Leader with a deep focus on cybercrime investigations to lead a dynamic team of experts dedicated to identifying, analyzing, publishing, and mitigating cybercrime-related threats. This leadership role will drive advanced malware analysis efforts, conduct threat research, publish in top conferences and blogs, and coordinate with internal and external stakeholders to combat and prevent cybercriminal activities. The ideal candidate will have strong technical expertise in malware reverse engineering, a deep understanding of cybercrime tactics, and excellent communication skills, including the ability to present findings clearly and publish research for internal stakeholders and the broader cybersecurity community.

Key Responsibilities
Lead the Malware Analysis Team: Manage and mentor a team of skilled researchers on identifying, analyzing, and mitigating malware associated with cybercrime, including ransomware, banking Trojans, exploit kits, and other forms of cybercriminal malware.
Cybercrime Threat Intelligence: Collaborate with threat intelligence teams to analyze malware in the context of cybercrime syndicates and criminal activity. Identify trends, tactics, and patterns in malware usage by cybercriminal groups and provide actionable intelligence to relevant teams and external partners.
Malware Reverse Engineering: Lead efforts in reverse-engineering malicious software, tracking variants, and identifying attack techniques, tactics, and procedures (TTPs) cybercriminal actors use.
Cross-Functional Collaboration: Work closely with internal teams (e.g., Incident Response, Threat Intelligence, SOC) and external stakeholders (e.g., law enforcement, CERT, threat intelligence providers) to share findings, collaborate on investigations and coordinate actions to disrupt cybercrime activities.
Publication and Thought Leadership: Produce detailed, high-quality research reports and technical papers based on malware analysis and cybercrime investigations. Contribute to the publication of findings in industry-leading forums, conferences, and journals, establishing the organization as a thought leader in cybersecurity.
Presentations and Reporting: Prepare and deliver presentations to technical and non-technical stakeholders, including executives, legal teams, and law enforcement. Communicate complex findings, research insights, and actionable intelligence on cybercrime and malware trends.
Training and Development: Mentored junior team members, providing guidance on malware analysis techniques, threat hunting, and reporting. Foster a culture of continuous improvement, encouraging knowledge sharing and professional development within the team.

We are looking for a skilled and motivated security researcher to join our core Cyber-AI research team and help us harness the power of AI models and capabilities to solve challenges in the security domain.This role involves hands-on and multidisciplinary work, involving both cyber expertise and AI, driving novel research around LLM capabilities, limitations and developing workflow automation solutions.
Responsibilities:
Research methods & initiatives to integrate AI into cybersecurity workflows and create prototypes to prove your ideas
Apply deep Cyber domain understanding of offensive & defensive techniques to guide AI efforts and act as security expert for multidisciplinary teams
Design & create AI agents tuned for specific cybersecurity tasks, including surrounding framework and automation tools, working closely with Data Science team
Create unique training methods to keep Cyber models relevance over time
Create evaluation methods for models performance, coverage and accuracy
Stay updated with the latest advancements in AI and cybersecurity, experiment with open-source projects & tools

a Threat Researcher to join its Threat Intelligence Analysis (TIA) team. The team is responsible of discovering, analyzing and tracking advanced threat actors and campaigns, with a strong focus on high-end cybercrime and state-sponsored activities. You will join a team of motivated, independent & highly technical individuals and contribute the effort to protect customers and empower the brand.



Key Responsibilities
Identify, understand and monitor advanced campaigns using publicly available sources as well as internal telemetry.
Analyze malware and other hacking tools utilized by threat actors in active campaigns and intrusions.
Create technical research content for public and private intelligence reports.
Help build protections and detections based on deep understanding of advanced threat actors Tactics Techniques and Procedures (TTPs).
Collaborate with other security teams to assist threat intelligence and research tasks.

We are looking for a Cyber Security Researcher to drive innovation in security defenses for on-premises and cloud environments. Your primary focus will be twofold:

1. Researching and developing novel defensive mechanisms to detect and mitigate advanced threats.

2. Contributing to open-source security tools by developing new solutions and enhancing existing ones.If you have a passion for security research, a strong technical foundation, and a drive to make meaningful contributions to the cybersecurity community, wed love to hear from you.


Responsibilities:
Research and prototype novel security defense techniques for on-prem and cloud-based systems

Analyze modern attack techniques and develop countermeasures to mitigate them.

Design, develop, and improve open-source security tools to help defenders detect and respond to threats.

Reverse engineer malware, attack tools, and security mechanisms to identify vulnerabilities and improvements.

Investigate Windows internals and authentication protocols (NTLM, Kerberos, SAML, OAuth) to enhance security defenses.Write secure, efficient, and maintainable C/C++ code for research and tooling purposes.

Collaborate with the security research community and contribute to blogs, whitepapers, and conference talks.

Stay ahead of the evolving threat landscape and propose innovative security solutions.

seeking an experienced Cyber Threat Researcher to join our cyber research team. This role involves in-depth research into SaaS application security, identifying misconfigurations, and providing insights that help secure our customers SaaS environments. Youll work closely with product, marketing, and R&D teams to ensure your research contributes to developing cutting-edge security features and customer value.

Key Responsibilities
Conduct Security Research: Conduct in-depth research into security risks and misconfigurations associated with SaaS applications, identifying trends and opportunities to enhance product capabilities.
API Analysis: Review SaaS application APIs to assess security functionalities, and determine how to leverage them for enhanced protection.
Cyber Threat Intelligence: Analyze emerging cyber threats and breaches to understand attack vectors, risks, and trends, applying this knowledge to enhance the security posture of our product and customers.
Collaborate Across Teams: Partner with product, R&D, and marketing teams to translate research findings into valuable product features and contribute to security-focused publications and thought leadership.

We are looking for a Cloud Threat Detections Engineer.
As a Cloud Detection Engineer, you'll be at the forefront of protecting organizations against sophisticated cloud threats, working with some of the industry's most advanced security technologies and enterprise-scale cloud environments. You'll have the unique opportunity to translate real-world adversary intelligence into innovative detection capabilities that protect many of the world's leading organizations across every major industry.
What You'll Do:
Research and develop detection content for cloud-native attacks, including identity-based threats, data exfiltration, privilege escalation, cloud-native tactics.
Create correlation logic and between runtime events and control plane activities.
Design and implement detection logic across multi-cloud and hybrid environments.
Collaborate with Threat Intelligence, OverWatch, and Incident Response teams to develop detections based on real adversary activities.
Partner with Product and Engineering teams to enhance detection capabilities.

As a Security Researcher, you will be responsible for conduct in-depth research and analysis of new threats and vulnerabilities in the blockchain space and develop tools and systems to detect and mitigate security risks in real-time. Youll work closely with our engineering and product teams to develop security strategies, detect and mitigate exploits, and enhance our on-chain security platform. While prior Web3 experience is an advantage, we welcome applicants with a solid security research background looking to break into blockchain security.

Key Responsibilities:
Conduct in-depth security research on blockchain protocols, smart contracts, and decentralized applications.
Identify and analyze security vulnerabilities, exploits, and attack vectors in Web3 protocols.
Collaborate with the engineering team to integrate detection capabilities into our on-chain exploit detection system.
Create proof-of-concept (PoC) exploits and simulations to help test and validate threat scenarios.
Stay current with emerging threats, new technologies, and industry best practices in information security.

Senior Security Data Analyst Client Side Protection
Join our Code Defender team as a Security Data Analyst, where you'll have ownership over the product's detection framework and lead data-driven processes to enhance and refine our security capabilities. Code Defenders mission is to detect and defend against client-side JavaScript threats like Magecart attacks, while helping our customers stay compliant with evolving security and privacy standards. This role requires a proactive and analytical professional dedicated to advancing Code Defenders detection infrastructure and metrics.
What Youll Do:
Detection Framework Ownership: Own and continuously evolve Code Defenders detection framework, leveraging data-driven processes to maximize detection accuracy and efficiency.
KPIs Dashboards Development: Design, develop, and maintain KPIs and dashboards that showcase Code Defenders performance and inform product strategy.
Detection Mechanism Innovation: Research, design, and enhance detection mechanisms to stay ahead of emerging client-side threats.
Cross-Team Collaboration: Work closely with the technical research and development teams to support end-to-end product improvements and drive a unified approach to detection enhancement.

We are looking for a Sr. Cloud Threat Detections Engineer.
As a Senior Cloud Detection Engineer, you'll be at the forefront of protecting organizations against sophisticated cloud threats, working with some of the industry's most advanced security technologies and enterprise-scale cloud environments. You'll have the unique opportunity to translate real-world adversary intelligence into innovative detection capabilities that protect many of the world's leading organizations across every major industry.
What You'll Do:
Research and develop detection content for cloud-native attacks, including identity-based threats, data exfiltration, privilege escalation, cloud-native tactics
Create correlation logic and between runtime events and control plane activities.
Design and implement detection logic across multi-cloud and hybrid environments.
Collaborate with Threat Intelligence, OverWatch, and Incident Response teams to develop detections based on real adversary activities
Partner with Product and Engineering teams to enhance detection capabilities.