דרושים » תוכנה » Senior Threat Intelligence Researcher

Required Senior Malware Researcher
The Dream Job
As a Senior Malware Researcher, you will analyze and reverse engineer malware and tooling used by advanced threat actors, particularly those targeting governments and critical infrastructure. You will apply deep expertise in binary and script analysis to uncover capabilities, configurations, and C2 infrastructure for threat actor attribution and mitigations.
Your work will power our malware catalog, strengthen our understanding of threat actors technical capabilities, and directly support the development of next-generation AI-driven "artificial cyber researchers".
The Dream-Maker Responsibilities
Perform in-depth static and dynamic analysis of malware, implants, loaders, and related tooling used by APTs and other sophisticated adversaries.
Reverse engineer binaries and scripts (e.g., PE, ELF, .NET, PowerShell, JavaScript/VBA) to determine capabilities, execution flow, persistence mechanisms, and evasion techniques.
Extract and document configuration data and C2 information, and map these to campaigns, infrastructure, and threat actors in collaboration with CTI researchers.
Develop and maintain detection and hunting artifacts such as YARA rules, VT LiveHunt queries, CAPA rules, and sandbox behavior signatures.
Work closely with CyberAI researchers on the development of next-generation artificial cyber researchers and AI-driven analysis capabilities.

Required Cyber Threat Landscape Researcher
Israel: Tel Aviv/ Hybrid (Israel)
R&D | Full Time | Job Id: 25150
Why Join Us?
The Threat Intelligence group, a key member of the Research department, leads global threat research efforts, and improves threat coverage across the evolving cyber threat landscape.
The group focuses on understanding and tracking cybercriminal organizations, nation-state (APT) actors, hacktivist activity, active malware campaigns, and emerging adversary trends. The research produced by the team supports both strategic insight and the development of advanced security technologies.
This role is responsible for conducting in-depth cyber threat landscape research and owning the full intelligence research lifecycle-from intelligence collection through analysis and written output.
Key Responsibilities:
Research and analyze cyber threat actors.
Be the first to flag trends, new malware, threat actors and intelligence items that stand out in the crowd
Execute the full intelligence research lifecycle:
Monitoring and analyzing the digital underground - including the DarkNet, the DeepWeb, and other open and restricted sources
Gather & flag intelligence that stands out.
Assess, validate, and refine raw information into high-confidence insights
Produce clear, well-structured written research and threat assessments
Build, maintain, and continuously evaluate a diverse set of reliable intelligence sources
Identify long-term trends, relationships, and shifts in adversary behavior
Conduct deep intelligence collection operations and collect proprietary intelligence
Collaborate with other researchers and internal stakeholders to contextualize findings and improve threat coverage
Maintain high analytical and research standards, including sourcing, attribution, and methodological rigor

Required Malware Researcher- CTI
The Dream Job
As a Malware Researcher, you will analyze and reverse engineer malware and tooling used by advanced threat actors, particularly those targeting governments and critical infrastructure. You will apply deep expertise in binary and script analysis to uncover capabilities, configurations, and C2 infrastructure for threat actor attribution and mitigations.
Your work will power our malware catalog, strengthen our understanding of threat actors technical capabilities, and directly support the development of next-generation AI-driven "artificial cyber researchers".
The Dream-Maker Responsibilities
Perform in-depth static and dynamic analysis of malware, implants, loaders, and related tooling used by APTs and other sophisticated adversaries.
Reverse engineer binaries and scripts (e.g., PE, ELF, .NET, PowerShell, JavaScript/VBA) to determine capabilities, execution flow, persistence mechanisms, and evasion techniques.
Extract and document configuration data and C2 information, and map these to campaigns, infrastructure, and threat actors in collaboration with CTI researchers.
Develop and maintain detection and hunting artifacts such as YARA rules, VT LiveHunt queries, CAPA rules, and sandbox behavior signatures.
Work closely with CyberAI researchers on the development of next-generation artificial cyber researchers and AI-driven analysis capabilities.

We are seeking a dynamic and experienced Threat Hunter to lead proactive cybersecurity efforts by uncovering hidden threats across our environment. In this role, you will drive hypothesis-based hunting, perform deep analysis and validation of security telemetry, investigate suspicious network activity, and continuously improve threat detection and response. You will also assess CVE relevance and exploitability to prioritize real-world risk, and leverage threat intelligence feeds and enrichment pipelines to enhance hunting context, detection accuracy, and response effectiveness.

If you thrive in a fast-paced environment and are excited about pushing the boundaries of cybersecurity, we want to hear from you.


Responsibilities:
Apply data analytics to analyze security-related network data, uncover actionable threat intelligence, detect anomalies and malicious behavior, and automate findings into an enhanced detection system.
Leverage current cybersecurity knowledge to interpret and contextualize findings, enabling informed decision-making and proactive measures to strengthen overall cybersecurity defenses.
Work closely with Product and Engineering to translate threat intelligence into product strategy, prioritized features, and defensive enhancements.
Monitor and analyze the latest vulnerabilities, CVEs, exploits, and threat actor TTPs, with a focus on techniques relevant to microsegmentation, identity security, lateral movement, and internal reconnaissance.
Integrate external threat feeds and intelligence sources into our product - including normalization, enrichment, classification, and validation of feed relevance.
Contribute to detection logic, threat models, and internal tooling that turn intelligence into prevention and protection.
Provide on-the-fly support during customer incident response events and penetration testing exercises by leveraging expertise to promptly detect and block security threats.

we are seeking a highly motivated and talented XDR Research Engineer to join our XDR Research team. In this role, you will develop advanced detection logic to identify and analyze security threats across the company XDR platform. Leveraging the rich data available in the company Cloud data lake, you will conduct extensive research and threat-hunting activities to broaden our detection capabilities and proactively uncover previously unknown threats.
Your work will directly influence the evolution of our companys XDR capabilities and strengthen the security posture of thousands of global customers.
This is an exceptional opportunity for security professionals passionate about Network Security, Detection Engineering, Malware Analysis, and Threat Hunting who want to make a meaningful impact on a fast-growing cybersecurity environment.
Responsibilities
Develop advanced detection logic for the XDR platform to identify security threats.
Conduct research using our company Cloud data, competitive intelligence, and newly published threat reports to expand detection coverage.
Create hunting heuristics and methodologies to uncover unknown or emerging threats.
Continuously improve detection accuracy and enhance the platforms ability to identify threats in a dynamic security landscape.
Participate in cybersecurity breach investigations and security incident activities.
Contribute to technical blogs and PR materials, and participate in cybersecurity conferences.

As a senior researcher and tech lead on the team, you will play a pivotal role in conducting security research while mentoring and guiding fellow researchers to scale our capabilities. Beyond your individual contributions, you'll help establish research methodologies, foster collaboration, and build a culture of technical excellence within our growing team.

This role provides a unique opportunity to join a team with strategic importance for protecting our customers from emerging threats and novel attack methodologies in cloud environments. You will get to work with vast datasets, have a direct impact on the efficacy and evolution of our detections, and play a decisive role in the strategic direction of our product development. Your contributions will enable continuous improvement of cloud detection capabilities while helping develop the next generation of security researchers.

What You'll Do
Initiate and conduct Cloud Research Initiatives: Follow the threat landscape to identify trends in the realm of cloud infrastructure security, threat actors, novel attack approaches, and vulnerabilities in cloud-based and/or cloud-native environments and workloads.

Research threats and vulnerabilities in cloud provider infrastructure and containerized applications and workloads.

Develop advanced cloud security models: Create sophisticated models and frameworks for identifying and mitigating new types of cloud threats, focusing on predictive analytics and proactive threat hunting methodologies.

Lead and mentor research efforts: Guide fellow researchers in technical decision-making, establish research best practices and methodologies, and foster knowledge sharing within the team to build collective expertise.

Collaborate with cross-functional teams: Work closely with various teams, including engineering, product management, detection engineering, and threat intelligence to drive cloud detections in the Falcon platform.

Coordinate research initiatives: Lead technical discussions, prioritize research objectives within your area of responsibility, and ensure alignment with broader team goals and product roadmap.

We are looking for a Threat Intelligence Researcher who can analyze cyber threats and turn technical data into clear, useful insights. You will work closely with a team and clients, create reports, and build simple tools or scripts (mainly in Python) to improve how data is collected and analyzed.
This role requires strong problem-solving skills, good communication, teamwork, and taking responsibility for delivering results.
We are seeking an analytical and experienced Threat Intelligence Researcher to join our team. This is a technical role that necessitates bridging the gap between traditional intelligence analysis and software engineering principles.
You will be responsible for producing strategic and technical intelligence reports and developing automation and scripting solutions for the team.
Specifically, your focus will be on:
Intelligence Reporting: Conduct in-depth investigations and produce comprehensive reports based on customer requests.
Client Engagement: Participate in customer-facing meetings as required to present findings or gather requirements.
Tool Development: Design, implement, and maintain internal tools, scripts, and data scrapers (primarily utilizing Python) to streamline data collection and analysis.
Actionable Intelligence Production: Convert raw technical data into finished, actionable intelligence products, including detailed technical reports, the creation of YARA/Sigma rules, and executive-level briefings.

Were looking for a Senior Security Researcher to drive high-impact research across cloud, runtime, and application environments, and translate it into product-grade detections. This is a hands-on role for someone who can lead investigations end-to-end: from understanding attacker tradecraft and vulnerabilities, through building reliable detection logic, to influencing product direction.
On a typical day youll:
Lead deep-dive research into real-world attacks, vulnerabilities, and emerging cloud and runtime techniques
Own complex investigations (DFIR, threat hunting, root-cause analysis) and convert learnings into durable detections
Design and implement advanced detection logic and analytics across cloud assets, containers, Kubernetes, and Linux runtime telemetry
Build prototypes and production-ready components that improve detection accuracy, fidelity, and coverage
Partner closely with engineering and product to shape roadmap priorities and guide implementation details
Develop research methodologies, testing frameworks, and validation processes for new detections
Mentor and level up other researchers and engineers through reviews, knowledge sharing, and technical guidance
Represent the team externally through publications, technical blogs, and conference talks.

Were looking for a top-notch Threat Detection Researcher to join our team and spread the power. In this role, you will further develop the Runtime Sensor as part of our threat research team.
WHAT YOULL DO
Develop detections and tools to protect customers from cloud threats
Investigate attacks on cloud environments and malware targeting cloud workloads
Hunt and analyze real-world attacks and emerging cloud threats
Collaborate closely with the R&D team to transform research insights into product features
Work with customers in response to requests related to suspicious activity or potential incidents
Create best practices and security policies based on research findings
Deliver external-facing content (blog posts and talks at security conferences) based on security insights and novel research

Required Senior ML Research Engineer
Israel: Tel Aviv/ Hybrid
R&D | Full Time | Job Id: 24793
Your Impact & Responsibilities:
As a Senior ML Research Engineer, you will be responsible for the end-to-end lifecycle of large language models: from data definition and curation, through training and evaluation, to providing robust models that can be consumed by product and platform teams.
Own training and fine-tuning of LLMs / seq2seq models: Design and execute training pipelines for transformer-based models (encoder-decoder, decoder-only, retrievalaugmented, etc.), and fine-tune open-source LLMs -specific data (security content, logs, incidents, customer interactions).
Apply advanced LLM training techniques such as instruction tuning, preference / contrastive learning, LoRA / PEFT, continual pre-training, and domain adaptation where appropriate.
Work deeply with data: define data strategies with product, research and domain experts; build and maintain data pipelines for collecting, cleaning, de-duplicating and labeling large-scale text, code and semi-structured data; and design synthetic data generation and augmentation pipelines.
Build robust evaluation and experimentation frameworks: define offline metrics for LLM quality (task-specific accuracy, calibration, hallucination rate, safety, latency and cost); implement automated evaluation suites (benchmarks, regression tests, redteaming scenarios); and track model performance over time.
Scale training and inference: use distributed training frameworks (e.g. DeepSpeed, FSDP, tensor/pipeline parallelism) to efficiently train models on multi-GPU / multi-node clusters, and optimize inference performance and cost with techniques such as quantization, distillation and caching.
Collaborate closely with security researchers and data engineers to turn domain knowledge and threat intelligence into high-value training and evaluation data, and to expose your models through well-defined interfaces to downstream product and platform teams.