דרושים » מחשבים ורשתות » Principal Linux Security Researcher (Cortex)

We are looking for a Senior Windows Security Researcher for our Tel Aviv R&D center.
You will be part of a team that is responsible for researching and improving Windows Anti-Exploit capabilities. This includes having top-notch knowledge about the latest exploitation techniques and Windows internals.
Your Impact
Research vulnerabilities and exploits
Research, develop, and improve anti exploitation mitigations using OS Low-Level mechanisms
Work on the design, evaluation, and implementation of new security technologies
Develop POCs for exploits
Analyze customer issues to help with detecting and preventing Malicious activities in our customers networks
Publish research done internally.

We are seeking a highly skilled Principal Security Researcher to join our Threat and Detection Group at the Tel-Aviv R&D center.
This team focuses on PANW Cortex Security and Security Assurance features across various operating systems and platforms, including (but not limited to) Linux, Mac, and Cloud. This is an applied research role with a clear mission: your research directly improves the detection and prevention capabilities of our XDR agent.
The role involves simulating, automating, and developing proof-of-concepts for known threats and offensive tools to evaluate new feature security coverage and detection quality, aligned with the Kill Chain/MITRE ATT&CK Framework and real-world threats. We need an experienced Security Researcher with a deep background in offensive security concepts and a strong interest in Linux, Cloud, and macOS platforms.
You will conduct Linux security evaluations, research innovations to enhance our security solutions, and find innovative yet practical solutions to contemporary problems. You will also develop custom tools and advanced in-house security capabilities to continuously validate our product's defenses.
Your Impact
Work hand-in-hand with the Cortex Agent release team. This role demands applied research synchronized with our delivery schedule, ensuring that every feature release is validated against the latest threats prior to launch.
Drive our threat simulation automation strategy by researching and developing new tools and capabilities that emulate real-world adversary behavior.
Enrich our Security Automation Coverage and infrastructure to protect against known and unknown threats.
Thrive in a fast-paced, high-impact environment, mastering new security features, technologies, and complex platforms (from kernel to Kubernetes) quickly.
Conduct hands-on research to identify real-world Malware, exploits, and novel attack vectors, then create and code PoCs to test our defenses.
Act as a key research partner with engineering teams to push and validate our product capabilities.
Leverage data-driven approaches to identify threats and propose effective mitigations.

We are looking for a Linux Internals Software Engineer for our Tel Aviv R&D center. You will be part of a team that designs and develops the Linux internals components of our revolutionary endpoint security product for the Linux platform.
More information about Cortex XDR product can be found here.
Key Responsibilities
Design and implement innovative capabilities for a market leading product, deployed on a range of platforms from bare-metal to the cloud
Develop critical components in the Linux internals parts of the product, incl. user and kernel-mode OS-related infrastructures in both C and C++
Utilize cutting-edge Linux technologies for real-time event collection, anti-malware, anti-exploitation, network filtering and more
Lead features in coordination with other development and QA teams
Be part a team that values SW development best practices and high standards.

Are you an innovative security researcher with a deep understanding of Linux systems and a passion for protecting modern environments? Do you want to lead the charge in securing enterprise networks against the latest threats?
We're looking for a skilled professional to join our team, focusing on the critical and rapidly evolving fields of Linux and API security. You'll be a foundational member of a new and growing team dedicated to the "blue ocean" of detection and developing multiple new fields within the biggest cybersecurity enterprise in the world. This is a unique opportunity to apply your expertise and influence the future of threat prevention, helping us build cutting-edge security solutions from the ground up.
Key Responsibilities
Playing a pivotal role in shaping the future of our security solutions
Enhance the effectiveness of our product by designing cutting-edge protection components and developing sophisticated detection rules
Research Linux OS internals, Virtualized environments, and low-level system behaviors to inform and enhance our attack prevention mechanisms
Investigate and develop innovative methods for detecting threats and securing APIs, ensuring robust protection for modern applications and cloud-native environments
Apply sophisticated AI and big data approaches to investigate and research large amounts of data across our clients
Research and lead novel protection ideas to a production-grade level, serving as a subject matter expert
Stay up to date with the latest attacker methodologies, APT campaigns, and TTPs targeting Linux systems and APIs
Conduct static and dynamic reverse engineering of Linux malware to uncover new techniques and develop corresponding mitigation strategies
Work closely with engineering, product management, and other research teams to translate research findings into production-grade features.

Are you passionate about innovation in cloud security and want to redefine how Security Operations Centers (SOCs) leverage both agent and agentless technologies for detection and response? Join our cutting-edge Security Research team and lead the development of next-generation cloud detection and response solutions. In this role, you will define detection use cases, analyze threat data, and create advanced security content to protect against evolving threats in cloud environments. Be part of an exceptional team of researchers and engineers dedicated to safeguarding our customers. This is your opportunity to dive into pioneering technologies that integrate cloud security with innovative detection methodologies in a world-leading cybersecurity company.
Your Impact
Conduct ongoing research to identify and develop new detection techniques for both agent-based and agentless cloud technologies
Stay ahead of Advanced Threats, attacker methodologies, and Tactics, Techniques, and Procedures (TTPs) to ensure our solutions remain proactive and effective against emerging threats
Simulate real-world attack scenarios in lab settings, performing in-depth analysis of adversarial behaviors and their implications for cloud security
Foster a collaborative atmosphere within an experienced, diverse, and supportive research team, driving forward new and innovative ideas in cloud detection and response.

The CSO Security team is looking for a Senior Application Security Researcher. In this role, you will perform vulnerability research, assess existing architectures, and build and run tools to secure the application landscape at scale. You will work closely with R&D and DevOps teams and be the focal point for identifying and solving complex security challenges. This is a hands-on, development-focused role with the goal of ensuring our products adhere to the stringent security requirements of our thousands of customers.

As a Senior Application Security Researcher you will
Continuously assess and challenge our overall security posture to ensure optimal and up-to-date platform security in our products and systems.
Evaluate architecture, design, and code to ensure they are free from potential vulnerabilities and security risks.
Train and mentor developers about security frameworks, testing, vulnerabilities, and best practices to ensure code compliance.
Evaluate new technologies and standards in the application security domain.
Plan and lead cross-company efforts with the R&D that will improve our security posture.

As a Principal Security Researcher on the Cortex Cloud research team, youll lead deep, hands-on security research across cloud and AI environments- from uncovering vulnerabilities and novel attack paths to building the protections that stop them.
Your impact doesnt end with detections. This team is also responsible for driving product innovation: identifying gaps in how cloud environments are secured, finding new ways to close those gaps, and partnering with engineering, product and marketing to take those ideas from a POC to implementation. Whether its a new detection engine, risk signal, or protection method- your research directly shapes the product.
You'll research the AI attack surface in depth, and push the boundaries of what cloud and AI security can achieve. If you're looking for a role where research leads to real-world defense- and product innovation is part of your day job- this is the team.
Key Responsibilities
Research and uncover vulnerabilities and abuse paths in cloud services, with a strong focus on AI, identity, and data pipelines
Collaborate with product and engineering to ship detections and logic based on your findings
Research-driven impact - drive innovation from idea to execution: Identify emerging security gaps, build proof-of-concepts, and partner with engineering, product and marketing to translate research into actual product features and detection logic.
Represent the team through public blogs, conferences and research collaborations with cloud vendorsPublish internal or external research and represent the team at industry events or blogs.
Lead the discovery of novel attack vectors- e.g., cross-tenant access, NHI abuse, RAG poisoning, privilege escalation.

Were looking for a top-notch Threat Detection Researcher to join our team and spread the power of our company. In this role, you will further develop the company Runtime Sensor as part of our threat research team.
WHAT YOULL DO
Develop detections and tools to protect customers from cloud threats
Investigate attacks on cloud environments and malware targeting cloud workloads
Hunt and analyze real-world attacks and emerging cloud threats
Collaborate closely with the R&D team to transform research insights into product features
Work with customers in response to requests related to suspicious activity or potential incidents
Create best practices and security policies based on research findings
Deliver external-facing content (blog posts and talks at security conferences) based on security insights and novel research.

We are looking for a Security Researcher to join our Windows EDR behavioral detection team.
You will create statistics-based classification algorithms detecting everything from new malware through process behavior and attackers operating in enterprise-scale networks using data from multiple Windows endpoints; from analyzing attack patterns, finding statistical anomalies, and validating that you detect real attacks and APTs on real customer data.
Your Impact
Research new methods to detect various attack techniques by utilizing enormous amounts and varied types of data
Use and develop statistical algorithms and techniques to create and improve our analytics detection capabilities
Take an active role in our collection modules by improving the ones that are already available and investigating new collection modules that will improve the quality of our detections
Simulate attacks in the lab and conduct a deep analysis of the behavior
Be part of a diverse research group, improving our research processes and leading us to be a better team, creating a better product
Stay up to date with APTs, attacker methodologies, and TTPs.

We are looking for a unique talent to bridge the gap between low-level system observability and high-level AI reasoning.
You will sit at the intersection of our deep tech initiatives: actively developing our eBPF agent (Cimon) while simultaneously leading the charge on our AI innovation security research.
In this role, you will be the architect of our "security brain." You will write the low-level code that observes what is happening (eBPF/Golang) and build the AI models that understand, diagnose, and prevent issues (LLMs/Python).