דרושים » ניהול ביניים » Security Research Manager - MacOs & Autonomous Soc (Cortex)

We're looking for a Manager to lead a security research team for detection and response across cloud environments. This is an opportunity to lead an exceptional group of researchers working on a startup-level product within the largest security company, helping revolutionize how organizations protect their Kubernetes and hybrid cloud environments.
Your Impact:
Lead, mentor, and grow a team of talented security researchers focused on defending organizations as they transition from on-premises data centers to modern cloud and Kubernetes infrastructure.
Drive the strategy and execution of research initiatives to uncover novel techniques for detecting and responding to sophisticated attacks targeting hybrid and cloud-native environments.
Define and prioritize detection use cases, relevant datasets, and innovative analytic approaches combining runtime visibility and posture management across diverse platforms.
Stay up to date with the latest attacker methodologies, APT campaigns, and TTPs to ensure our detection capabilities stay ahead of evolving threats in both legacy and cloud contexts.
Oversee simulation of real-world attacks and deep behavioral analysis to inform and validate detection content.
Foster collaboration across engineering, product management, and go-to-market teams to deliver impactful security solutions. Represent the team and share insights with the security community through blogs, conference talks, and publications.

We are looking for a Senior Security Researcher to join our Identity Threat Detection and Response team.
In this role, you will research the evolving threat landscape and develop advanced detections to protect SAAS, Cloud, on-premises, and hybrid identities. You will focus on identifying and mitigating identity-related threats across networks, endpoints, and cloud environments, using statistical classification methods to build effective detection models and protecting customers at scale. Additionally, you will collaborate with cross-functional teams, validate detection concepts on real-world data, and continuously enhance detection capabilities to stay ahead of emerging threats.
Your Impact:
Research innovative methods for detecting targeted attackers operating in endpoints, networks, cloud and SAAS environments.
Simulate real-world attacks in lab environments and conduct a deep analysis of the behavior.
Develop and refine statistics-based classification algorithms and techniques to create and improve detection models.
Research specific scenarios to enhance our model's capabilities.
Collaborate within a diverse research group, improving our research processes and leading us to be a better team creating a better product.
Stay informed on the latest APTs, attacker methodologies, and TTPs to ensure our models stay ahead of emerging threats.

Required Offensive Security Team Lead
As an Offensive Security Team Lead, you will spearhead our offensive security operations and lead advanced threat research initiatives, playing a pivotal role in safeguarding our organization and customers from evolving cyber threats. You will develop and execute Red Team exercises, simulate real-world attacks, and identify security weaknesses in our systems and applications. We seek a highly skilled, proactive tech leader who thrives in challenging environments and is passionate about advancing security research and offensive strategies.
As an Offensive Security Team Lead you will
Lead, plan, design, and execute Red Team operations, threat modeling, and adversarial simulations against our infrastructure and cloud environments
Drive threat research and intelligence initiatives to stay ahead of emerging cyber threats, attack techniques, and vulnerabilities
Develop and execute advanced attack scenarios to assess security defenses and provide actionable recommendations for improving our security posture
Collaborate closely with security engineering, DevOps, and software development teams to implement findings and enhance our defenses
Lead the development of tooling, frameworks, and methodologies to automate and optimize Red Team exercises
Mentor and guide a team of security professionals, fostering a culture of innovation, collaboration, and continuous learning
Participate in incident response when Red Team exercises reveal vulnerabilities, providing expertise on attack techniques, forensics, and post-attack mitigation
Continuously assess and improve security processes, playbooks, and threat detection mechanisms.

We are seeking a highly skilled and experienced Windows Malware Security Researcher to join our growing Windows malware research team. In this role, you will play a key part in enhancing our Endpoint Detection and Response (EDR) agent by prototyping new protection components and techniques and developing advanced malware prevention strategies. You will work on identifying, analyzing, and mitigating sophisticated threats, Working closely with various teams to drive innovation.
The proposed role will be part of the Windows malware research team of the Cortex-XDR agent group.
You will focus primarily on our cutting-edge agent technology, with an emphasis on real-time prevention on Windows endpoints. A deep understanding of the Windows Operating System is essential
Your Impact
Playing a pivotal role in shaping the future of our security solutions.
enhance the effectiveness of our EDR product by designing cutting-edge protection components and developing sophisticated prevention rules
Researching OS internals and how Windows works under the hood - leveraging this knowledge to develop and improve our anti-malware mechanisms and capabilities
Research and lead novel protection ideas to production-grade level, serving as the feature subject matter expert
Research new malware and APT mitigation techniques and develop corresponding capabilities (POC level) or improve existing mitigation capabilities.
Respond to malware-based security events at clients networks.
Stay up to date with current malware and APT techniques.
You will provide feedback to the product management team on new feature requests and product enhancements from our customer base
Find new malware techniques and APT attacks including analysis of caught-in-the-wild malware.

We are looking for a Senior Threat Researcher for its Tel Aviv R&D center.
The team is in charge of maintaining an up-to-date overview of the threat landscape, with emphasis on two main focus areas - cybercrime and nation-state APT research. The team conducts a proactive research using our vast telemetry in combination of external sources, to uncover unknown malware, TTPs, campaigns, and threat actors. The insights gleaned from the research are then translated into actionable intelligence deliverables to improve the overall product coverage. In addition, the team publishes many of its findings in our Unit42 blog.
Your Impact
Track and monitor the security threat landscape, using various information sources to raise flags for gaps and to improve security coverage
Reverse engineer and analyze malware and hack tools used by various threat actors
Discovering new behavioral anomalies and TTPs used by threat actors and assisting in creating relevant mitigations
Write threat intelligence reports and blogs (Technical English fluency - is a must!)
Present your research in internal and international security conferences
Work closely with other domestic and international research teams to collect and disseminate threat intelligence and improve the overall products security coverage.

We are looking for a top-notch Security Research Tech Lead, to resolve the toughest issue in cybersecurity: utilizing terabytes of data for detecting attacks, incident investigation and prioritizing threats.
Responsibilities:
Threat Analysis and Research: Dive deep into terabytes of data to identify new attack vectors, emerging threats, and vulnerabilities across various attack surfaces. Stay up-to-date with the latest cybersecurity trends and contribute to the development of cutting-edge threat detection methodologies.
Incident Investigation: Utilize your technical prowess to investigate complex security incidents, analyzing data from diverse sources to uncover the root causes and methods of attack. Collaborate with incident response teams to develop effective strategies for containment and mitigation.
False Positive Reduction: Leverage your expertise in data analysis and correlation to fine-tune detection rules and algorithms, minimizing false positives and enhancing the accuracy of our platform's threat alerts.
Thought Leadership and Community Engagement: Drive thought leadership initiatives by creating technical blog posts, delivering webinars, and speaking at conferences to share insights, educate the community, and enhance the company's reputation in the cybersecurity landscape.
Be at the forefront of the mission and work closely with customers regarding cyber security investigations and incidents detected in their environments

Required Senior Security Researcher, Data & AI (Cortex)
Your Career:
Are you passionate about using cutting-edge technology to help protect the world against cyber threats? Do you live and breathe the cyber security world? Do you want to take part in an innovative and disruptive AI security group that has an impact on many customers?
You will be part of a strong security research and data science team who solve highly complex security challenges using disruptive technologies, ML algorithms and a lot of data.
As part of that, you will take part in the design and development of new groundbreaking AI security solutions which make a direct impact on many customers.
We value diverse viewpoints and experiences, as we are solving complex cyber security challenges. We are committed to a safe and inclusive workspace.
Your Impact:
Transform Data into Defense: Take the lead in creating high-fidelity security incidents from a massive stream of alerts generated by our industry-leading advanced security solutions.
Innovate with AI: Actively participate in cutting-edge research projects focused on creating novel prevention content at scale using state-of-the-art AI and Large Language Models (LLMs).
Drive Security Efficacy: Analyze complex threat data to identify attacker patterns, develop new prevention methodologies, and enhance automated flows to rapidly protect Cortex platform customers.
Collaborate and Lead: Work side-by-side with top-tier data scientists, engineers, and product managers to translate research ideas into tangible, customer-facing security protections.

Were hiring our first Product Security Researcher (SOC & Incident Response) to join our newly formed Security Research function- a critical role for someone passionate about advancing real-world SOC operations with deep cybersecurity expertise.
We are building a world-class Security Research team that will power our advanced product with deep, actionable cybersecurity expertise. This team will serve as the Subject Matter Experts (SMEs) behind our triage and Incident Response platform, defining logic, contributing threat intelligence, building use-case coverage, and continuously optimizing detection and investigation workflows.
Youll collaborate closely with Product, Engineering, and Customer Success to ensure our Auto-Triage engine reflects the latest adversarial techniques and real-world SOC operations.
Responsibilities
Serve as a domain expert in SOC workflows, alert triage, and incident response.
Design and maintain triage logic, playbook blueprints, AI Agents and more for responding to security events.
Develop and maintain alert enrichment, correlation, and classification rules across multiple data sources (EDR, SIEM, Identity, etc.).
Collaborate with product teams to define use cases, threat coverage, and analyst workflows.
Analyze real-world alerts, telemetry, and incident data to enhance product accuracy, reduce false positives and improve incident handling.
Evaluate and curate threat intelligence feeds and sources to support automated decision-making.
Conduct post-incident reviews to extract lessons and update triage logic accordingly.
Stay current with emerging threats, attacker TTPs, MITRE ATT&CK, and other frameworks.
Assist with quality assurance, testing, and validation of triage logic before deployment.

Required Senior Security Researcher - Security ML Team (Cortex)
As a member of our team, you will be shaping the future of cybersecurity. We work fast, value ongoing learning, and we respect each employee as a unique individual. Knowing we all have different needs, our development and personal wellbeing programs are designed to give you choice in how you are supported. This includes our FLEXBenefits wellbeing spending account with over 1,000 eligible items selected by employees, our mental and financial health resources, and our personalized learning opportunities - just to name a few!
Your Career
Are you passionate about using cutting-edge technology to help protect the world against cyber threats? Do you live and breathe the cyber security world? Do you want to take part in an innovative and disruptive AI security group that has an impact on many customers?
You will be part of a strong security research and data science team who solve highly complex security challenges using disruptive technologies, ML algorithms and a lot of data.
As part of that, you will take part in the design and development of new groundbreaking AI security solutions which make a direct impact on many customers.
We value diverse viewpoints and experiences, as we are solving complex cyber security challenges. We are committed to a safe and inclusive workspace.
Your Impact:
Be at the forefront of security innovation, building next-gen detection capabilities powered by machine learning, big data, and deep threat intelligence.
Dive deep into low-level systems, reverse engineering, and file-type behavior to uncover novel attack vectors - and then turn that insight into scalable, ML-driven protections.
Work hand-in-hand with rockstar data scientists, engineers, and PMs in a fast-paced, collaborative environment where ideas move quickly from whiteboard to production.
Lead high-impact research initiatives that fuse classic security expertise with modern data science - shaping models, influencing pipelines, and driving real-world protection outcomes.
Be a key player in a multidisciplinary team where your deep security expertise will directly influence ML model design, data pipeline strategy, and real-world product impact.

Were hiring our first Security Researcher to join our newly formed Security Research function- a critical role for someone passionate about advancing real-world SOC operations with deep cybersecurity expertise.
We are building a world-class Security Research team that will power our advanced product with deep, actionable cybersecurity expertise. This team will serve as the Subject Matter Experts (SMEs) behind our triage and Incident Response platform, defining logic, contributing threat intelligence, building use-case coverage, and continuously optimizing detection and investigation workflows.
Youll collaborate closely with Product, Engineering, and Customer Success to ensure our Auto-Triage engine reflects the latest adversarial techniques and real-world SOC operations.
Responsibilities
Serve as a domain expert in SOC workflows, alert triage, and incident response.
Design and maintain triage logic, playbook blueprints, AI Agents and more for responding to security events.
Develop and maintain alert enrichment, correlation, and classification rules across multiple data sources (EDR, SIEM, Identity, etc.).
Collaborate with product teams to define use cases, threat coverage, and analyst workflows.
Analyze real-world alerts, telemetry, and incident data to enhance product accuracy, reduce false positives and improve incident handling.
Evaluate and curate threat intelligence feeds and sources to support automated decision-making.
Conduct post-incident reviews to extract lessons and update triage logic accordingly.
Stay current with emerging threats, attacker TTPs, MITRE ATT&CK, and other frameworks.
Assist with quality assurance, testing, and validation of triage logic before deployment.