דרושים » מחשבים ורשתות » Principal/Senior Linux Security Researcher (Cortex)

We are looking for a macOS Security Researcher for our Tel Aviv R&D center to work on Cortex-XDR for Mac. You will be part of a team in charge of researching, developing, and improving Anti-Malware and Anti-Exploit capabilities. This role involves researching OS internals, exploits, malware, and finding ways to mitigate new attack vectors.
Key Responsibilities
Research, develop, and improve anti-exploitation mitigations and anti-malware modules.
Research macOS internals, application code bases, vulnerabilities, and exploits.
Research malware and find different ways to detect and prevent them.
Analyze customer data to help with detecting and preventing malicious activities in our customers networks.

Are you an innovative security researcher with a deep understanding of Linux systems and a passion for protecting modern environments? Do you want to lead the charge in securing enterprise networks against the latest threats?
We're looking for a skilled professional to join our team, focusing on the critical and rapidly evolving fields of Linux Security. You'll be a foundational member of a new and growing team dedicated to the blue ocean of detection, developing multiple new capabilities within the largest cybersecurity enterprise in the world.
This is a unique opportunity to apply your expertise and influence the future of threat prevention-helping us build cutting-edge security solutions from the ground up.
Key Responsibilitie
Play a pivotal role in shaping the future of our security solutions.
Enhance product effectiveness by designing advanced protection components and developing sophisticated detection rules.
Research Linux OS internals, virtualized environments, and malware behaviors to inform and strengthen our attack prevention mechanisms.
Apply advanced AI and big data approaches to investigate and analyze large-scale datasets across our client base.
Lead research on novel protection concepts and bring them to production-grade quality, serving as a subject matter expert.
Stay up to date with the latest attacker methodologies, APT campaigns, and TTPs targeting Linux systems.
Conduct static and dynamic reverse engineering of Linux malware to uncover new techniques and develop mitigation strategies.
Collaborate closely with engineering, product management, and other research teams to translate research findings into production features.

We are looking for a Linux Internals Software Engineer for our Tel Aviv R&D center. You will be part of a team that designs and develops the Linux internals components of our revolutionary endpoint security product for the Linux platform
More information about Cortex XDR product can be found here.
Key Responsibilities
Design and implement innovative capabilities for a market-leading product, deployed on a range of platforms from bare-metal to the cloud.
Develop critical components in the Linux internals parts of the product, including user and kernel-mode OS-related infrastructures in both C and C++.
Utilize cutting-edge Linux technologies for real-time event collection, anti-malware, anti-exploitation, and network filtering.
Lead features by collaborating and coordinating with other development and QA teams to ensure alignment on shared objectives.
Uphold and contribute to a team culture that values software development best practices and high standards for quality.

The team is responsible for developing and improving our Linux anti-malware prevention. This includes having top-notch knowledge about the latest malware families in the wild, Linux internals, different attack frameworks and hacktools. As part of this, the team analyzes customer data and issues to prevent malicious activities in our customer's environment, and help to improve the product.
Key Responsibilities
Research and analyze malware and keep up-to-date on the most recent tactics and techniques used in the wild
Create behavioral-based protection that enhances our product's coverage
Leverage our company's massive collection network to identify coverage gaps and emerging threats
Assist in the design, research, evaluation and implementation of new security technologies and features
Work in close coordination with other teams, including both development and other research teams, as well as support, sales and other cross-functional teams.

Are you an innovative security researcher with a deep understanding of the cyber threat landscape and a passion for protecting modern environments? Do you want to tackle the challenge of securing enterprise networks against evolving threats?
We are seeking a highly skilled professional to focus on the critical, fast-paced domain of Virtualization Security. As a foundational member of a newly formed and growing team, you will explore the 'blue ocean' of threat detection, pioneering next-generation capabilities within the worlds largest cybersecurity enterprise. This is a unique opportunity to apply your expertise and influence the future of threat prevention-helping us build cutting-edge security solutions from the ground up.
Key Responsibilities
Conduct deep research into virtualization technologies, and targeted attacks to fortify our attack prevention mechanisms.
Stay current with the latest attacker methodologies, APT campaigns, and Tactics, Techniques, and Procedures (TTPs) targeting virtualization systems.
Analyze emerging threats and malware to identify new techniques and formulate effective detection and prevention strategies.
Leverage AI and big data methodologies to investigate and analyze extensive datasets across our customer base.
Design cutting-edge protection components and develop sophisticated detection rules to enhance the effectiveness of our security solutions.
Drive the research and development of novel protection concepts, seeing them through to production-grade quality, and serve as a subject matter expert in the field.
Play a pivotal role in shaping the future of our security product offerings.
Collaborate closely with Engineering, Product Management, and other research teams to seamlessly translate research findings and insights into new production features.

Required Senior Windows Detection Engineer
What Are We Looking For?
Were looking for people who are relentlessly curious and committed to continuous learning. AI is reshaping every function across our business, and we enable every team member, regardless of role or level, to build fluency in AI tools and concepts. Those who thrive here actively seek out new solutions, experiment thoughtfully, and apply what they learn to drive better, faster, smarter outcomes.
As the Senior Windows Detection Engineer, you will research and detect the latest malware and exploits targeting the EPP platform. You will reverse-engineer samples to design and implement robust detection methods that prevent sophisticated attacks. Additionally, you will develop custom research tools and PoCs to enhance security across millions of endpoints.
Why us?
Because you will meet extraordinary challenges facing the newest attacks and tech obstacles and overcoming them.
You will work with the very BEST in the industry in a flexible and independent environment.
You will influence the design of a disruptive product that will shape the security industry of tomorrow.
What will you do?
You will be responsible for detecting the newest malware and exploits based on our EPP platform. The role includes an end to end responsibility for behaviour based detection capabilities, starting from reversing the samples, designing new methods to detect or prevent those, and implementing it in the product in the end. You will be developing and using internal research tools, PoCs and discovering new ways to detect/prevent exploitation attacks (EoP, drive-by attacks and more). At the end of the day, your deliveries will enhance the security of dozens of millions of Windows endpoints which are protected by our platform.

Appdome’s mission is to protect every mobile app in the world and the people who use mobile apps in their lives and at work. Appdome provides mobile brands with the only patented, centralized, data-driven Mobile Cyber Defense Automation platform, delivering rapid no-code, no-SDK mobile app security, anti-fraud, anti-malware, anti-cheat, anti-bot implementations, configuration as code ease, Threat-Events™ threat-aware UI/UX control, ThreatScope™ Mobile XDR, and Certified Secure™ DevSecOps Certification in one integrated system. With Appdome, mobile developers, cyber and fraud teams can accelerate delivery, guarantee compliance, and leverage automation to build, test, release, and monitor the full range of cyber, anti-fraud, and other defenses needed in mobile apps from inside mobile DevOps and CI/CD pipeline. Leading financial, healthcare, m-commerce, consumer, and B2B brands use Appdome to upgrade mobile DevSecOps and protect Android & iOS apps, mobile customers, and mobile businesses globally. Today, Appdome's customers use their platform to secure over 50,000+ mobile apps with protection of over 1B mobile end users projected. Job description Appdome is looking for a talented, passionate Offensive Researcher to join our innovative research team. If you’re eager to explore cutting-edge mobile security techniques and help safeguard the mobile app ecosystem, this is the role for you! As a key player in our security team, you'll design and execute sophisticated attack simulations on the Appdome platform. Your work will touch on diverse attack vectors, including file systems, networks, jailbreaks, memory injections, and more.

Were looking for a Senior Security Researcher to drive high-impact research across cloud, runtime, and application environments, and translate it into product-grade detections. This is a hands-on role for someone who can lead investigations end-to-end: from understanding attacker tradecraft and vulnerabilities, through building reliable detection logic, to influencing product direction.
On a typical day youll :
Lead deep-dive research into real-world attacks, vulnerabilities, and emerging cloud and runtime techniques
Own complex investigations (DFIR, threat hunting, root-cause analysis) and convert learnings into durable detections
Design and implement advanced detection logic and analytics across cloud assets, containers, Kubernetes, and Linux runtime telemetry
Build prototypes and production-ready components that improve detection accuracy, fidelity, and coverage
Partner closely with engineering and product to shape roadmap priorities and guide implementation details
Develop research methodologies, testing frameworks, and validation processes for new detections
Mentor and level up other researchers and engineers through reviews, knowledge sharing, and technical guidance
Represent the team externally through publications, technical blogs, and conference talks

We are looking for a Security Researcher to join our Windows EDR behavioral detection team. You will create statistics-based classification algorithms to detect new malware, process behavior anomalies, and attackers in enterprise networks using data from multiple Windows endpoints. This involves analyzing attack patterns, finding statistical anomalies, and validating detections against real attacks and APTs on customer data.
Key Responsibilities
Research new methods to detect various attack techniques by utilizing enormous amounts and varied types of data.
Use and develop statistical algorithms and techniques to create and improve our analytics detection capabilities.
Take an active role in our collection modules by improving existing ones and investigating new ones to improve detection quality.
Simulate attacks in the lab and conduct a deep analysis of the behavior.
Be part of a diverse research group, improving our research processes to create a better product.
Stay up to date with APTs, attacker methodologies, and TTPs.

Were looking for driven and talented people like you to join our team and our mission to change the future of cloud security. Ready to dive in and swim with our pod?
Were looking for a Security Researcher to help us stay ahead of threats across cloud, runtime, and application environments. This role is intentionally broad and can fit backgrounds in operating systems and Linux internals, vulnerability research, DFIR, penetration testing, and incident response, threat detection, AppSec, and cloud security.
On a typical day youll:
Research and analyze emerging threats across cloud platforms, applications, APIs, and runtime environments
Investigate attacks and security incidents, then turn findings into improved detections and product capabilities
Build detection logic, analytics, rules, and signatures for vulnerabilities, exposures, and active threats
Contribute to runtime and cloud security visibility and detection (Linux, containers, Kubernetes)
Prototype tools and automation to speed up research and improve detection accuracy
Share knowledge through internal enablement, blog posts, whitepapers, or conference talks