דרושים » אבטחת מידע וסייבר » Threat Detection Researcher (Cloud)

Were looking for a top-notch Threat Detection Researcher to join our team and spread the power of our company. In this role, you will further develop the company Runtime Sensor as part of our threat research team.
WHAT YOULL DO
Develop detections and tools to protect customers from cloud threats
Investigate attacks on cloud environments and malware targeting cloud workloads
Hunt and analyze real-world attacks and emerging cloud threats
Collaborate closely with the R&D team to transform research insights into product features
Work with customers in response to requests related to suspicious activity or potential incidents
Create best practices and security policies based on research findings
Deliver external-facing content (blog posts and talks at security conferences) based on security insights and novel research.

Are you passionate about innovation in cloud security and want to redefine how Security Operations Centers (SOCs) leverage both agent and agentless technologies for detection and response? Join our cutting-edge Security Research team and lead the development of next-generation cloud detection and response solutions. In this role, you will define detection use cases, analyze threat data, and create advanced security content to protect against evolving threats in cloud environments. Be part of an exceptional team of researchers and engineers dedicated to safeguarding our customers. This is your opportunity to dive into pioneering technologies that integrate cloud security with innovative detection methodologies in a world-leading cybersecurity company.
Your Impact
Conduct ongoing research to identify and develop new detection techniques for both agent-based and agentless cloud technologies
Stay ahead of Advanced Threats, attacker methodologies, and Tactics, Techniques, and Procedures (TTPs) to ensure our solutions remain proactive and effective against emerging threats
Simulate real-world attack scenarios in lab settings, performing in-depth analysis of adversarial behaviors and their implications for cloud security
Foster a collaborative atmosphere within an experienced, diverse, and supportive research team, driving forward new and innovative ideas in cloud detection and response.

We're looking for a Manager to lead a security research team for detection and response across cloud environments. This is an opportunity to lead an exceptional group of researchers working on a startup-level product within the largest security company, helping revolutionize how organizations protect their Kubernetes and hybrid cloud environments.
Your Impact
Lead, mentor, and grow a team of talented security researchers focused on defending organizations as they transition from on-premises data centers to modern cloud and Kubernetes infrastructure.
Drive the strategy and execution of research initiatives to uncover novel techniques for detecting and responding to sophisticated attacks targeting hybrid and cloud-native environments.
Define and prioritize detection use cases, relevant datasets, and innovative analytic approaches combining runtime visibility and posture management across diverse platforms.
Stay up to date with the latest attacker methodologies, APT campaigns, and TTPs to ensure our detection capabilities stay ahead of evolving threats in both legacy and cloud contexts.
Oversee simulation of real-world attacks and deep behavioral analysis to inform and validate detection content.
Foster collaboration across engineering, product management, and go-to-market teams to deliver impactful security solutions. Represent the team and share insights with the security community through blogs, conference talks, and publications.

Were looking for a top-notch Threat Detection Researcher to join our team
WHAT YOULL DO

Develop detections and tools to protect customers from cloud threats
Investigate attacks on cloud environments and malware targeting cloud workloads
Hunt and analyze real-world attacks and emerging cloud threats
Collaborate closely with the R&D team to transform research insights into product features
Work with customers in response to requests related to suspicious activity or potential incidents
Create best practices and security policies based on research findings
Deliver external-facing content (blog posts and talks at security conferences) based on security insights and novel research

We are looking for a Senior Security Researcher to join our Identity Threat Detection and Response team.
In this role, you will research the evolving threat landscape and develop advanced detections to protect SAAS, Cloud, on-premises, and hybrid identities. You will focus on identifying and mitigating identity-related threats across networks, endpoints, and cloud environments, using statistical classification methods to build effective detection models and protecting customers at scale. Additionally, you will collaborate with cross-functional teams, validate detection concepts on real-world data, and continuously enhance detection capabilities to stay ahead of emerging threats.
Your Impact
Research innovative methods for detecting targeted attackers operating in endpoints, networks, cloud and SAAS environments
Simulate real-world attacks in lab environments and conduct a deep analysis of the behavior
Develop and refine statistics-based classification algorithms and techniques to create and improve detection models
Research specific scenarios to enhance our model's capabilities
Collaborate within a diverse research group, improving our research processes and leading us to be a better team creating a better product
Stay informed on the latest APTs, attacker methodologies, and TTPs to ensure our models stay ahead of emerging threats.

Were hiring our first Security Researcher to join our newly formed Security Research function- a critical role for someone passionate about advancing real-world SOC operations with deep cybersecurity expertise.
We are building a world-class Security Research team that will power our advanced product with deep, actionable cybersecurity expertise. This team will serve as the Subject Matter Experts (SMEs) behind our triage and Incident Response platform, defining logic, contributing threat intelligence, building use-case coverage, and continuously optimizing detection and investigation workflows.
Youll collaborate closely with Product, Engineering, and Customer Success to ensure our Auto-Triage engine reflects the latest adversarial techniques and real-world SOC operations.

Responsibilities:
Serve as a domain expert in SOC workflows, alert triage, and incident response.
Design and maintain triage logic, playbook blueprints, AI Agents and more for responding to security events.
Develop and maintain alert enrichment, correlation, and classification rules across multiple data sources (EDR, SIEM, Identity, etc.).
Collaborate with product teams to define use cases, threat coverage, and analyst workflows.
Analyze real-world alerts, telemetry, and incident data to enhance product accuracy, reduce false positives and improve incident handling.
Evaluate and curate threat intelligence feeds and sources to support automated decision-making.
Conduct post-incident reviews to extract lessons and update triage logic accordingly.
Stay current with emerging threats, attacker TTPs, MITRE ATT&CK, and other frameworks.
Assist with quality assurance, testing, and validation of triage logic before deployment.

We are seeking a highly skilled Principal Security Researcher to join our Threat and Detection Group at the Tel-Aviv R&D center.
This team focuses on PANW Cortex Security and Security Assurance features across various operating systems and platforms, including (but not limited to) Linux, Mac, and Cloud. This is an applied research role with a clear mission: your research directly improves the detection and prevention capabilities of our XDR agent.
The role involves simulating, automating, and developing proof-of-concepts for known threats and offensive tools to evaluate new feature security coverage and detection quality, aligned with the Kill Chain/MITRE ATT&CK Framework and real-world threats. We need an experienced Security Researcher with a deep background in offensive security concepts and a strong interest in Linux, Cloud, and macOS platforms.
You will conduct Linux security evaluations, research innovations to enhance our security solutions, and find innovative yet practical solutions to contemporary problems. You will also develop custom tools and advanced in-house security capabilities to continuously validate our product's defenses.
Your Impact
Work hand-in-hand with the Cortex Agent release team. This role demands applied research synchronized with our delivery schedule, ensuring that every feature release is validated against the latest threats prior to launch.
Drive our threat simulation automation strategy by researching and developing new tools and capabilities that emulate real-world adversary behavior.
Enrich our Security Automation Coverage and infrastructure to protect against known and unknown threats.
Thrive in a fast-paced, high-impact environment, mastering new security features, technologies, and complex platforms (from kernel to Kubernetes) quickly.
Conduct hands-on research to identify real-world Malware, exploits, and novel attack vectors, then create and code PoCs to test our defenses.
Act as a key research partner with engineering teams to push and validate our product capabilities.
Leverage data-driven approaches to identify threats and propose effective mitigations.

Were hiring our first Product Security Researcher (SOC & Incident Response) to join our newly formed Security Research function- a critical role for someone passionate about advancing real-world SOC operations with deep cybersecurity expertise.
We are building a world-class Security Research team that will power our advanced product with deep, actionable cybersecurity expertise. This team will serve as the Subject Matter Experts (SMEs) behind our triage and Incident Response platform, defining logic, contributing threat intelligence, building use-case coverage, and continuously optimizing detection and investigation workflows.
Youll collaborate closely with Product, Engineering, and Customer Success to ensure our Auto-Triage engine reflects the latest adversarial techniques and real-world SOC operations.

Responsibilities:
Serve as a domain expert in SOC workflows, alert triage, and incident response.
Design and maintain triage logic, playbook blueprints, AI Agents and more for responding to security events.
Develop and maintain alert enrichment, correlation, and classification rules across multiple data sources (EDR, SIEM, Identity, etc.).
Collaborate with product teams to define use cases, threat coverage, and analyst workflows.
Analyze real-world alerts, telemetry, and incident data to enhance product accuracy, reduce false positives and improve incident handling.
Evaluate and curate threat intelligence feeds and sources to support automated decision-making.
Conduct post-incident reviews to extract lessons and update triage logic accordingly.
Stay current with emerging threats, attacker TTPs, MITRE ATT&CK, and other frameworks.
Assist with quality assurance, testing, and validation of triage logic before deployment.

Are you passionate about advancing automation in identity security? Do you thrive at the intersection of research, innovation, and large-scale impact? As a Senior Security Researcher, you will drive the design of autonomous response strategies to counter identity-based threats, misconfigurations, and abuse scenarios. Your research will directly shape the Cortex platforms ability to remediate identity-driven attacks, ensuring effective, safe, and scalable automation for our customers. You will collaborate with world-class researchers and engineers to deliver on the vision of the Autonomous SOC.
Your Impact
Lead the design and implementation of robust, testable, and safe remediation playbooks for identity-related threats (e.g., privilege escalation, credential abuse, lateral movement, IAM misconfigurations).
Conduct deep research on adversary TTPs targeting identity systems and translate insights into automated detection and response mechanisms.
Drive innovation in identity security automation by applying data analysis, modeling, and programming to refine remediation strategies.
Serve as a subject-matter expert and mentor within the research group, elevating the teams overall expertise in identity security.
Stay ahead of evolving identity-based attack vectors, cloud-native identity risks, and advanced adversary tradecraft to ensure our automation keeps pace with threats.

If you are an innovator at heart and passionate about redefining how organizations secure modern environments end-to-end, we're looking for you.
As a Manager of the Core Cloud Posture team, you will lead a new, high-impact team of security researchers. You'll innovate and build on top of our market-leading posture portfolio and be responsible for the "what's next." Your mission is to innovate on top of this foundation, build the intelligent "connective tissue" that provides unparalleled context, and architect the next-generation features that will keep us ahead of the market.
Your Impact
Lead, and grow a team of talented security researchers focused on enhancing the cloud security posture of our customers.
Act as a technical mentor and force multiplier for junior security researchers. You will actively share your deep industry experience, guide their research methodologies, and foster a learning environment that accelerates their professional development from talented juniors into autonomous experts.
Champion the continuous evolution of our security logic. You will ensure our posture coverage keeps pace with the rapidly changing cloud landscape, systematically addressing gaps and refining our policies to address evolving threats.
Leverage our advanced cross-product engines to synthesize isolated findings into a cohesive, prioritized story of risk for the customer.
Stay ahead of the evolving cloud threat landscape, translating the latest research on cloud-native based attacks into resilient posture policies that effectively minimize the attack surface.
Foster collaboration across engineering, product management, and go-to-market teams to deliver impactful security solutions.