דרושים » אבטחת מידע וסייבר » Malware Researcher- CTI

Required Senior Malware Researcher
The Dream Job
As a Senior Malware Researcher, you will analyze and reverse engineer malware and tooling used by advanced threat actors, particularly those targeting governments and critical infrastructure. You will apply deep expertise in binary and script analysis to uncover capabilities, configurations, and C2 infrastructure for threat actor attribution and mitigations.
Your work will power our malware catalog, strengthen our understanding of threat actors technical capabilities, and directly support the development of next-generation AI-driven "artificial cyber researchers".
The Dream-Maker Responsibilities
Perform in-depth static and dynamic analysis of malware, implants, loaders, and related tooling used by APTs and other sophisticated adversaries.
Reverse engineer binaries and scripts (e.g., PE, ELF, .NET, PowerShell, JavaScript/VBA) to determine capabilities, execution flow, persistence mechanisms, and evasion techniques.
Extract and document configuration data and C2 information, and map these to campaigns, infrastructure, and threat actors in collaboration with CTI researchers.
Develop and maintain detection and hunting artifacts such as YARA rules, VT LiveHunt queries, CAPA rules, and sandbox behavior signatures.
Work closely with CyberAI researchers on the development of next-generation artificial cyber researchers and AI-driven analysis capabilities.

Required Senior Threat Intelligence Researcher
The Dream Job
As a Senior Threat Intelligence Researcher, you will be responsible for tracking advanced adversaries and leveraging your deep technical expertise across attacker capabilities, infrastructure, and tactics. You will create and refine approaches to uncover and monitor active threat actors, as well as surface irregular and emerging behaviors in the broader threat landscape. The intelligence you generate will directly strengthen our understanding of threat actors and will inform proactive hunting, detection engineering, and defensive decision-making.
The Dream-Maker Responsibilities
Lead complex threat intelligence investigations through in-depth analysis of the global threat landscape, with a focus on advanced and state-linked actors.
Define and prioritize threat research focus areas (actors, campaigns, sectors, techniques) aligned with our customers and product roadmap.
Deliver actionable cyber threat intelligence and design and execute hunting campaigns using analytics, automation, and advanced AI capabilities.
Curate and maintain structured knowledge on actors, campaigns, infrastructure, and TTPs in our internal threat knowledge base.
Work closely with CyberAI researchers on the development of next-generation artificial cyber researchers and AI-driven analysis capabilities.

Required Cyber Threat Landscape Researcher
Israel: Tel Aviv/ Hybrid (Israel)
R&D | Full Time | Job Id: 25150
Why Join Us?
The Threat Intelligence group, a key member of the Research department, leads global threat research efforts, and improves threat coverage across the evolving cyber threat landscape.
The group focuses on understanding and tracking cybercriminal organizations, nation-state (APT) actors, hacktivist activity, active malware campaigns, and emerging adversary trends. The research produced by the team supports both strategic insight and the development of advanced security technologies.
This role is responsible for conducting in-depth cyber threat landscape research and owning the full intelligence research lifecycle-from intelligence collection through analysis and written output.
Key Responsibilities:
Research and analyze cyber threat actors.
Be the first to flag trends, new malware, threat actors and intelligence items that stand out in the crowd
Execute the full intelligence research lifecycle:
Monitoring and analyzing the digital underground - including the DarkNet, the DeepWeb, and other open and restricted sources
Gather & flag intelligence that stands out.
Assess, validate, and refine raw information into high-confidence insights
Produce clear, well-structured written research and threat assessments
Build, maintain, and continuously evaluate a diverse set of reliable intelligence sources
Identify long-term trends, relationships, and shifts in adversary behavior
Conduct deep intelligence collection operations and collect proprietary intelligence
Collaborate with other researchers and internal stakeholders to contextualize findings and improve threat coverage
Maintain high analytical and research standards, including sourcing, attribution, and methodological rigor

We are looking for a Security Researcher who thrives on both sides of the fence. You will develop offensive tradecraft-discovering new attack vectors and writing exploits-then use that perspective to engineer robust, product-level mitigations. If youre energized by finding a novel browser attack on Monday and shipping the defense for it by Friday, this role is for you.
Key Responsibilities
Offensive Research: Discover new attack vectors, abuse patterns, and security gaps in browsers, web applications, OS internals, and enterprise workflows.
Defensive Engineering: Design and implement detections, mitigations, and security policies informed by your offensive findings; close the loop from attack to protection.
Vulnerability & Malware Analysis: Perform reverse engineering on malware, exploits, and obfuscated code across Windows, macOS, and browser environments.
Web & Browser Security: Research techniques ranging from classic vulnerabilities (XSS, SSRF) to browser-specific primitives (extension abuse, DOM manipulation, same-origin bypasses).
Supply-Chain Security: Investigate threats in software supply chains, including browser extension marketplaces and package registries.
Threat Intelligence: Correlate signals across multiple sources to identify malicious infrastructure and adversary TTPs.
Public Impact: Write technical blog posts, publish research, and represent Island at major security conferences (Black Hat, DEF CON, etc.).

Were looking for a top-notch Threat Detection Researcher to join our team and spread the power. In this role, you will further develop the Runtime Sensor as part of our threat research team.
WHAT YOULL DO
Develop detections and tools to protect customers from cloud threats
Investigate attacks on cloud environments and malware targeting cloud workloads
Hunt and analyze real-world attacks and emerging cloud threats
Collaborate closely with the R&D team to transform research insights into product features
Work with customers in response to requests related to suspicious activity or potential incidents
Create best practices and security policies based on research findings
Deliver external-facing content (blog posts and talks at security conferences) based on security insights and novel research

we are seeking a highly motivated and talented XDR Research Engineer to join our XDR Research team. In this role, you will develop advanced detection logic to identify and analyze security threats across the company XDR platform. Leveraging the rich data available in the company Cloud data lake, you will conduct extensive research and threat-hunting activities to broaden our detection capabilities and proactively uncover previously unknown threats.
Your work will directly influence the evolution of our companys XDR capabilities and strengthen the security posture of thousands of global customers.
This is an exceptional opportunity for security professionals passionate about Network Security, Detection Engineering, Malware Analysis, and Threat Hunting who want to make a meaningful impact on a fast-growing cybersecurity environment.
Responsibilities
Develop advanced detection logic for the XDR platform to identify security threats.
Conduct research using our company Cloud data, competitive intelligence, and newly published threat reports to expand detection coverage.
Create hunting heuristics and methodologies to uncover unknown or emerging threats.
Continuously improve detection accuracy and enhance the platforms ability to identify threats in a dynamic security landscape.
Participate in cybersecurity breach investigations and security incident activities.
Contribute to technical blogs and PR materials, and participate in cybersecurity conferences.

We are looking for a versatile and innovative Attack-oriented Cyber Researcher to join our R&D team and become part of the revolution. You will conduct state-of-the-art research across multiple environments, ranging from Windows internals and kernel-level security to cloud platforms like AWS, Azure, Web technologies, etc' to stay one step ahead of real threat actors.

Your findings, your code and attack tools will feed directly into our automated attack platform, enhancing its capabilities with new offensive techniques and AI-powered decision-making algorithms.



Roles and Responsibilities:

Perform in-depth research in multiple areas such from AV/EDR evasion, binary exploitation, vulnerability discovery, and subversion of communication channels across both OS-level, domains, cloud-native domains, external surfaces.
Integrate research outputs into production-grade attack functionalities within our automation ecosystem.
Architect and develop AI-driven decision-making modules that enable the platform to mimic experienced attackers, making real-time choices during automated operations.
Develop production-ready attack capabilities using whatever technologies are necessary, Python, C/C++, C#, Java, Office Macros, Bash, PowerShell, Go, Ruby, Assembly, etc.
Mentor and collaborate with fellow R&D team members, fostering a culture of innovation and continuous learning.

We are seeking a Threat Researcher to analyze enterprise environments and strengthen network resilience. This role focuses on researching device configurations, network relationships, and lateral movement opportunities, while developing methods and tools to harden infrastructures against advanced threats.
The ideal candidate will also support PoCs by applying research capabilities to real-world govermental environments and working closely with customers to validate threat scenarios and demonstrate cyber value.
The Dream-Maker Responsibilities
Analyze various network devices, configurations, and security products
Implement methods and algorithms to discover network topology, relationships between devices, and potential lateral movement paths
Conduct network security assessments to identify weaknesses in customers' network infrastructure and recommend mitigations to monitor and limit unauthorized access
Develop research tools and frameworks to perform automatic analysis of network devices and security products
Research and analyze network-related cybersecurity threats and trends
Drive threat research efforts in customer and PoC environments to uncover, simulate, and validate real-world attack scenarios, demonstrating cyber value through our Security platform capabilities
Translate technical research findings into actionable insights for customer-specific environments.
Work closely with other internal engineering and AI teams to integrate new capabilities into our platform and guide cross-product architectural decisions
Act as a security subject matter expert for multidisciplinary teams
Produce technical reports and research publications to share findings and methodologies.

Lead and grow the team in charge of researching and developing Autopilot, an innovative product for graph-based fully-autonomous investigation and response (Over the Cortex platform).
As the manager of the Autopilot team, you'll lead a team of security researchers, set the project's technical vision and standards, and own its success.
You will lead an innovative team on the research, design, and development of a new graph-oriented security product. Creating investigation modules that allow Autopilot to autonomously detect, investigate, and respond to advanced threats at a massive scale.
You'll work closely with other development and product teams to turn a successful POC into a full-fledged product, staying agile in a dynamic environment and using data-driven empirical research to determine and drive the project in the best direction.
Youll analyze everything from new malware behaviors to attacker techniques and process activity in enterprise-scale networks, using data collected from across millions of endpoints. Your work will span identifying attack patterns and uncovering statistical anomalies, as well as validating that the system responds effectively to real-world attacks and APT campaigns using production data.
Key Responsibilities
Lead and developa team of security researchers, providing mentorship, guidance, and continuous feedback to help them grow their careers (Manage the team, develop the people).
Drive the research strategy and executionfor new autonomous methods for investigating and responding to targeted attackers, leveraging large-scale XDR data and graph-based algorithms.
Ensure collaboration with engineering, product, and other research teams, acting as a key interface to push the project forward and align on cross-functional goals.
Direct the team's work on deep, hands-on investigations of real incidents to reinforce the best investigation and response approach, leveraging a combination of os-internals, TTPs, semi-labeled data, and large-scale statistical methods.
Foster a disruptive environment that innovates using advanced techniques such as graph algorithms, machine learning, and LLM agents to mimic and scale human security analyst workflows.

As a Principal/Senior Windows Exploit Researcher, you will be a key member of our Tel Aviv R&D center, responsible for leading research into Windows Anti-Exploit capabilities. You will leverage your top-notch knowledge of the latest exploitation techniques and deep Windows internals to architect and develop the next generation of security protections. Your work will directly contribute to safeguarding our customers from the most sophisticated cyber threats.
Key Responsibilities
Lead advanced research into novel vulnerabilities and complex exploits targeting the Windows operating system.
Architect, develop, and improve sophisticated anti-exploitation mitigations using low-level OS mechanisms, challenging the status quo with innovative solutions.
Drive the design, evaluation, and implementation of next-generation security technologies from conception to deployment.
Develop proof-of-concept (POC) exploits to validate research findings and test the effectiveness of new and existing mitigations.
Analyze customer escalations to help with detecting and preventing malicious activities in our customers networks
Publish research done internally.