We are seeking a Threat Researcher to analyze enterprise environments and strengthen network resilience. This role focuses on researching device configurations, network relationships, and lateral movement opportunities, while developing methods and tools to harden infrastructures against advanced threats.
The ideal candidate will also support PoCs by applying research capabilities to real-world govermental environments and working closely with customers to validate threat scenarios and demonstrate cyber value.
The Dream-Maker Responsibilities
Analyze various network devices, configurations, and security products
Implement methods and algorithms to discover network topology, relationships between devices, and potential lateral movement paths
Conduct network security assessments to identify weaknesses in customers' network infrastructure and recommend mitigations to monitor and limit unauthorized access
Develop research tools and frameworks to perform automatic analysis of network devices and security products
Research and analyze network-related cybersecurity threats and trends
Drive threat research efforts in customer and PoC environments to uncover, simulate, and validate real-world attack scenarios, demonstrating cyber value through our Security platform capabilities
Translate technical research findings into actionable insights for customer-specific environments.
Work closely with other internal engineering and AI teams to integrate new capabilities into our platform and guide cross-product architectural decisions
Act as a security subject matter expert for multidisciplinary teams
Produce technical reports and research publications to share findings and methodologies.

Required Security Researcher
The Dream Job
We are on an expedition to find you, someone who is passionate about creating intuitive, out-of-this-world security research. You'll help us harness the power of our trillions of security signals to rapidly diagnose and alert the latest attacker behaviors, drive critical context-rich signals, construct new tools and automations to support customers, identify threats, and detect advanced attacker techniques.
The Dream-Maker Responsibilities
Analyze various network devices, configurations and security products
Implement methods and algorithms to discover network topology, relationships between devices and potential lateral movement paths
Conduct network security assessments to identify weaknesses in customers network infrastructure, and recommend mitigations to monitor and limit unauthorized access
Develop research tools and frameworks to perform automatic analysis of network devices and security products
Research and analyze network-related cybersecurity threats and trends
Work closely with other internal engineering and AI teams to integrate new capabilities into our platform and guide cross-product architectural decisions
Act as a security subject matter expert for multidisciplinary teams.

: Were looking for a hands-on AI Cyber Intelligence Engineer - in the domain of attack surface. Someone who lives and breathes cyber security, loves exploring how attackers move through real environments, and is excited to shape how AI can automate and extend that process.
In this role, youll analyze real-world environments, identify potential attack vectors, and work closely with our AI engineering teams to translate your domain expertise into actionable, intelligent workflows. Youll play a key role in guiding how our platform learns to think and act like a top-tier security analyst.
The Dream-Maker Responsibilities
Design and shape AI-driven security agents by encoding expert attacker and defender reasoning into agentic flows, prompts, decision logic, and investigative strategies.
Translate offensive security and red-team expertise into structured knowledge that enables AI systems to identify, prioritize, and reason about real-world attack paths in complex enterprise environments.
Model attacker behavior and multi-step attack scenarios, focusing on lateral movement, privilege escalation, and cross-domain exploitation - and guide how AI agents simulate and evaluate these scenarios.
Act as a domain expert partner for product and engineering teams, ensuring AI-driven security decisions remain grounded in real attacker tradecraft and operational reality.

We are seeking a dynamic and experienced Threat Hunter to lead proactive cybersecurity efforts by uncovering hidden threats across our environment. In this role, you will drive hypothesis-based hunting, perform deep analysis and validation of security telemetry, investigate suspicious network activity, and continuously improve threat detection and response. You will also assess CVE relevance and exploitability to prioritize real-world risk, and leverage threat intelligence feeds and enrichment pipelines to enhance hunting context, detection accuracy, and response effectiveness.

If you thrive in a fast-paced environment and are excited about pushing the boundaries of cybersecurity, we want to hear from you.


Responsibilities:
Apply data analytics to analyze security-related network data, uncover actionable threat intelligence, detect anomalies and malicious behavior, and automate findings into an enhanced detection system.
Leverage current cybersecurity knowledge to interpret and contextualize findings, enabling informed decision-making and proactive measures to strengthen overall cybersecurity defenses.
Work closely with Product and Engineering to translate threat intelligence into product strategy, prioritized features, and defensive enhancements.
Monitor and analyze the latest vulnerabilities, CVEs, exploits, and threat actor TTPs, with a focus on techniques relevant to microsegmentation, identity security, lateral movement, and internal reconnaissance.
Integrate external threat feeds and intelligence sources into our product - including normalization, enrichment, classification, and validation of feed relevance.
Contribute to detection logic, threat models, and internal tooling that turn intelligence into prevention and protection.
Provide on-the-fly support during customer incident response events and penetration testing exercises by leveraging expertise to promptly detect and block security threats.

we are seeking a highly motivated and talented XDR Research Engineer to join our XDR Research team. In this role, you will develop advanced detection logic to identify and analyze security threats across the company XDR platform. Leveraging the rich data available in the company Cloud data lake, you will conduct extensive research and threat-hunting activities to broaden our detection capabilities and proactively uncover previously unknown threats.
Your work will directly influence the evolution of our companys XDR capabilities and strengthen the security posture of thousands of global customers.
This is an exceptional opportunity for security professionals passionate about Network Security, Detection Engineering, Malware Analysis, and Threat Hunting who want to make a meaningful impact on a fast-growing cybersecurity environment.
Responsibilities
Develop advanced detection logic for the XDR platform to identify security threats.
Conduct research using our company Cloud data, competitive intelligence, and newly published threat reports to expand detection coverage.
Create hunting heuristics and methodologies to uncover unknown or emerging threats.
Continuously improve detection accuracy and enhance the platforms ability to identify threats in a dynamic security landscape.
Participate in cybersecurity breach investigations and security incident activities.
Contribute to technical blogs and PR materials, and participate in cybersecurity conferences.

We are seeking an experienced, visionary Cyber Research Team Lead to guide and grow a multidisciplinary cyber research team. You will lead a group of domain experts - from network engineers and identity specialists, to red-teamers, protocol researchers, penetration testers, data analysts and cloud/virtualization experts - working collaboratively to build our next-gen AI-based posture management platform. As team lead, you will both manage the team and shape the research agenda: coordinating cross-domain investigations, defining priorities, mentoring researchers, and ensuring that research output feeds directly into scalable, intelligent workflows and product capabilities.
If youre passionate about cyber research, enjoy nurturing technical talent, and thrive on building complex, multi-domain security products - this is your chance to build and lead a research team that defines how AI defends modern enterprise infrastructure.
The Dream-Maker Responsibilities
Lead, mentor, and coordinate a diverse, multi-domain cyber research team.
Define and drive the teams research agenda, establishing multi-domain security research priorities aligned with company goals and product roadmap.
Translate research findings into actionable AI-based deliverables - such as automated workflows and agentic flows integrated into the AI-based posture management product.
Coordinate and work in multidisciplinary squads to build customer facing product, ensuring real-world relevance and impact.
Maintain research excellence and innovation culture - encourage internal knowledge-sharing, code/tool reuse, and continuous learning.
Recruit, grow, and manage talent -identify skill gaps, hire new researchers, mentor researchers, and foster a collaborative, high-performance team environment.
Stay current with emerging cyber threats, infrastructure trends (cloud, virtualization, identity systems), adversarial techniques and AI-driven security trends - and evolve research strategies accordingly.

Were looking for Principal Cloud Security Researcher with a strong security background to join our innovative Research team.
The Role
We're looking for a Principal Cloud Security Researcher to serve as a senior technical leader within our Research team. This is a high-impact individual contributor role -- you won't manage people, but you'll shape the direction of our entire research function, mentor researchers, and act as a force multiplier across the organization.
You'll be the person who takes a vague threat signal and turns it into a detection strategy, a published finding, or a product capability. You'll operate as a trusted deputy to the research team lead, owning the most complex and ambiguous research challenges while raising the technical bar for the team.
What You'll Do
Drive Groundbreaking Research
Own and drive our most critical research initiatives end-to-end - from initial threat hypothesis through detection logic, product integration, and external publication.
Set the technical direction for cloud threat research across AWS, Azure, and GCP, identifying emerging attack surfaces and novel techniques before they become mainstream threats.
Investigate real-world cloud and SaaS security incidents, dissecting attacker tradecraft and extracting insights that evolve our detection capabilities.
Pioneer new forensic investigation techniques and detection methodologies for cloud-native and SaaS environments - pushing the state of the art, not just following it.
Be a Voice in the Community
Represent our company as a thought leader through high-quality research publications, conference presentations (BlackHat, DEF CON, RSA, fwd:cloudsec, and similar venues), and open-source contributions.
Build and maintain our reputation as a research-driven company that advances the field - not just a vendor with a blog.
Engage with the broader security research community, fostering relationships and collaborative knowledge-sharing.
Shape the Product
Bridge research and product - translate threat findings into actionable product requirements, working closely with engineering and product teams to ensure our CDR platform stays ahead of evolving threats.
Design and develop advanced detection algorithms that directly feed into our platform, closing the gap between research insight and customer protection.
Elevate the Team
Act as the team's go-to technical authority. When researchers hit a wall on complex cloud attack chains, IAM edge cases, or detection gaps - you're who they turn to.
Mentor and grow other researchers through research reviews, pair investigations, code reviews, and by setting quality standards and methodology best practices.
Influence technical decisions org-wide - contributing to architecture, tooling, and strategic research priorities.
Step in as the research team lead's deputy when needed - driving prioritization, representing research cross-functionally, and ensuring continuity.

We are looking for a Research Team Lead to establish and lead a cross-product research team focused on horizontal, high-impact initiatives that influence multiple company offerings.
Unlike product-embedded research roles, this team drives foundational and strategic research projects across networking, security, identity, automation, and AI-driven capabilities. Examples include large-scale reasoning systems, autonomous policy frameworks, cross-domain detection and response concepts (xOps), and platform-wide intelligence capabilities.
You will combine deep technical expertise with strong leadership and execution skills -identifying impactful research directions, building a high-performing team, and turning advanced research into real platform capabilities used by thousands of customers worldwide.
Responsibilities
Technical Vision & Strategy
Define and execute the roadmap for cross-product research initiatives.
Identify high-leverage research opportunities that impact multiple domains and products.
Drive long-term architectural thinking and influence platform evolution.
Balance innovation, experimentation, and production-readiness.
Team Leadership
Recruit, mentor, and grow a multidisciplinary team of researchers (AI, data, algorithms, networking, security).
Establish high standards for research rigor, experimentation methodology, and engineering quality.
Foster a culture of ownership, collaboration, and technical excellence.
Research & Execution
Lead complex, ambiguous research initiatives from ideation through validation and productionization.
Design large-scale experiments and validation methodologies using our companys data platform.
Drive innovation in areas such as:
Autonomous policy systems
Cross-domain detection and response frameworks
Large-scale reasoning and decision systems
Data-driven optimization and automation capabilities
Ensure research outcomes are measurable, scalable, and aligned with business impact.
Cross-Functional Collaboration
Work closely with Product, Engineering, Architecture, and Product Research teams to translate research into shipped capabilities.
Provide technical guidance and influence cross-organizational decisions.
Act as a bridge between exploratory research and production systems.
Communication & Influence
Present research findings and strategic recommendations to senior leadership.
Produce clear technical documentation, design proposals, and internal position papers.
Represent Platform Research as a center of excellence for cross-product innovation.

The Cloud Research team is an integral part of the Falcon Cloud Security product, tasked with the critical mission of safeguarding cloud environments through innovative detection and response capabilities. This team is works in unison to ensure our customers cloud environments are secure against the ever-changing threats in the security landscape.

As a senior researcher on the team, you will play a pivotal role in conducting security research, and translating it directly into security value for our customers.

This role provides a unique opportunity to join a team with strategic importance for protecting our customers from emerging threats and novel attack methodologies in cloud environments.

You will also get to work with vast datasets, have a direct impact on the efficacy and evolution of our detections, and play a decisive role in the strategic direction of our product development. Your contributions will enable continuous improvement of our cloud detection capabilities ensuring our customers are secured with the most advanced security measures.

What You'll Do:

Initiate and conduct Cloud Research Initiatives: follow the threat landscape to identify trends in the realm of cloud infrastructure security, threat actors, novel attack approaches, and vulnerabilities in cloud-based and/or cloud-native environments and workloads.

Research threats and vulnerabilities in cloud provider infrastructure and containerized applications and workloads.

Develop advanced cloud security models: Create sophisticated models and frameworks for identifying and mitigating new types of cloud threats, focusing on predictive analytics and proactive threat hunting methodologies.

Collaborate with cross-functional teams: Work closely with various teams, including engineering, product management, detection engineering, and threat intelligence to drive cloud detections in the Falcon platform.

Provide cloud security thought leadership: Share insights and best practices with the broader security community through publications, conference presentations, and technical blogs.