דרושים » אבטחת מידע וסייבר » Senior/Principal Security Researcher - Cloud & Kubernetes (Cortex)

Were looking for Principal Cloud Security Researcher with a strong security background to join our innovative Research team.
The Role
We're looking for a Principal Cloud Security Researcher to serve as a senior technical leader within our Research team. This is a high-impact individual contributor role -- you won't manage people, but you'll shape the direction of our entire research function, mentor researchers, and act as a force multiplier across the organization.
You'll be the person who takes a vague threat signal and turns it into a detection strategy, a published finding, or a product capability. You'll operate as a trusted deputy to the research team lead, owning the most complex and ambiguous research challenges while raising the technical bar for the team.
What You'll Do
Drive Groundbreaking Research
Own and drive our most critical research initiatives end-to-end - from initial threat hypothesis through detection logic, product integration, and external publication.
Set the technical direction for cloud threat research across AWS, Azure, and GCP, identifying emerging attack surfaces and novel techniques before they become mainstream threats.
Investigate real-world cloud and SaaS security incidents, dissecting attacker tradecraft and extracting insights that evolve our detection capabilities.
Pioneer new forensic investigation techniques and detection methodologies for cloud-native and SaaS environments - pushing the state of the art, not just following it.
Be a Voice in the Community
Represent our company as a thought leader through high-quality research publications, conference presentations (BlackHat, DEF CON, RSA, fwd:cloudsec, and similar venues), and open-source contributions.
Build and maintain our reputation as a research-driven company that advances the field - not just a vendor with a blog.
Engage with the broader security research community, fostering relationships and collaborative knowledge-sharing.
Shape the Product
Bridge research and product - translate threat findings into actionable product requirements, working closely with engineering and product teams to ensure our CDR platform stays ahead of evolving threats.
Design and develop advanced detection algorithms that directly feed into our platform, closing the gap between research insight and customer protection.
Elevate the Team
Act as the team's go-to technical authority. When researchers hit a wall on complex cloud attack chains, IAM edge cases, or detection gaps - you're who they turn to.
Mentor and grow other researchers through research reviews, pair investigations, code reviews, and by setting quality standards and methodology best practices.
Influence technical decisions org-wide - contributing to architecture, tooling, and strategic research priorities.
Step in as the research team lead's deputy when needed - driving prioritization, representing research cross-functionally, and ensuring continuity.

Were looking for a Senior Security Researcher to drive high-impact research across cloud, runtime, and application environments, and translate it into product-grade detections. This is a hands-on role for someone who can lead investigations end-to-end: from understanding attacker tradecraft and vulnerabilities, through building reliable detection logic, to influencing product direction.
On a typical day youll :
Lead deep-dive research into real-world attacks, vulnerabilities, and emerging cloud and runtime techniques
Own complex investigations (DFIR, threat hunting, root-cause analysis) and convert learnings into durable detections
Design and implement advanced detection logic and analytics across cloud assets, containers, Kubernetes, and Linux runtime telemetry
Build prototypes and production-ready components that improve detection accuracy, fidelity, and coverage
Partner closely with engineering and product to shape roadmap priorities and guide implementation details
Develop research methodologies, testing frameworks, and validation processes for new detections
Mentor and level up other researchers and engineers through reviews, knowledge sharing, and technical guidance
Represent the team externally through publications, technical blogs, and conference talks

Are you an innovative security researcher with a deep understanding of Linux systems and a passion for protecting modern environments? Do you want to lead the charge in securing enterprise networks against the latest threats?
We're looking for a skilled professional to join our team, focusing on the critical and rapidly evolving fields of Linux Security. You'll be a foundational member of a new and growing team dedicated to the blue ocean of detection, developing multiple new capabilities within the largest cybersecurity enterprise in the world.
This is a unique opportunity to apply your expertise and influence the future of threat prevention-helping us build cutting-edge security solutions from the ground up.
Key Responsibilitie
Play a pivotal role in shaping the future of our security solutions.
Enhance product effectiveness by designing advanced protection components and developing sophisticated detection rules.
Research Linux OS internals, virtualized environments, and malware behaviors to inform and strengthen our attack prevention mechanisms.
Apply advanced AI and big data approaches to investigate and analyze large-scale datasets across our client base.
Lead research on novel protection concepts and bring them to production-grade quality, serving as a subject matter expert.
Stay up to date with the latest attacker methodologies, APT campaigns, and TTPs targeting Linux systems.
Conduct static and dynamic reverse engineering of Linux malware to uncover new techniques and develop mitigation strategies.
Collaborate closely with engineering, product management, and other research teams to translate research findings into production features.

As an innovator at heart, you will rethink the way SOCs do security. Join the analytics research group to build our analytics module by defining detection use cases, data, and content. You will collaborate with an amazing team of researchers to protect our customers across multiple domains such as Cloud, Kubernetes, SAAS, and Email security while working on a startup-level product within the biggest security company to revolutionize the security market.
Key Responsibilities
Build a startup-level security product within a corporate environment, blending agility with enterprise resources to deliver cutting-edge solutions.
Explore how email threats evolve into Cloud, SaaS, Endpoint, and Network domains, developing detection mechanisms to counter complex attack vectors.
Gain expertise across diverse domains, including endpoint, cloud, and SaaS security, to foster a comprehensive understanding of the threat landscape.
Design advanced detection systems using machine learning and LLMs to identify and mitigate threats.
Simulate and analyze sophisticated attacks to anticipate and counter evolving threats.
Share insights with the security community through blogs, white papers, and conferences.
Collaborate with a skilled team to innovate and enhance security offerings across various domains.

Are you an innovative security researcher with a deep understanding of the cyber threat landscape and a passion for protecting modern environments? Do you want to tackle the challenge of securing enterprise networks against evolving threats?
We are seeking a highly skilled professional to focus on the critical, fast-paced domain of Virtualization Security. As a foundational member of a newly formed and growing team, you will explore the 'blue ocean' of threat detection, pioneering next-generation capabilities within the worlds largest cybersecurity enterprise. This is a unique opportunity to apply your expertise and influence the future of threat prevention-helping us build cutting-edge security solutions from the ground up.
Key Responsibilities
Conduct deep research into virtualization technologies, and targeted attacks to fortify our attack prevention mechanisms.
Stay current with the latest attacker methodologies, APT campaigns, and Tactics, Techniques, and Procedures (TTPs) targeting virtualization systems.
Analyze emerging threats and malware to identify new techniques and formulate effective detection and prevention strategies.
Leverage AI and big data methodologies to investigate and analyze extensive datasets across our customer base.
Design cutting-edge protection components and develop sophisticated detection rules to enhance the effectiveness of our security solutions.
Drive the research and development of novel protection concepts, seeing them through to production-grade quality, and serve as a subject matter expert in the field.
Play a pivotal role in shaping the future of our security product offerings.
Collaborate closely with Engineering, Product Management, and other research teams to seamlessly translate research findings and insights into new production features.

We're looking for a Threat Detection Researcher to join the Threat Research team and spread the power of our company. In this role, you will further develop the Cloud-native Threat Detection domain.
WHAT YOULL DO
Design behavioral baselines for complex cloud environments using diverse signals, and develop high-fidelity detections based on those baselines.
Expand our company's detection engine with novel and high-impact telemetry sources, pushing the boundaries of what can be detected in modern cloud environments.
Conduct deep technical research into complex cloud services to uncover novel attack vectors.
Investigate real-world attacks across cloud environments, identity providers (IDPs), and infrastructure-as-a-service (IaaS) platforms.
Hunt and analyze emerging threats and active campaigns targeting cloud ecosystems.

The Cloud Research team is an integral part of the Falcon Cloud Security product, tasked with the critical mission of safeguarding cloud environments through innovative detection and response capabilities. This team is works in unison to ensure our customers cloud environments are secure against the ever-changing threats in the security landscape.

As a senior researcher on the team, you will play a pivotal role in conducting security research, and translating it directly into security value for our customers.

This role provides a unique opportunity to join a team with strategic importance for protecting our customers from emerging threats and novel attack methodologies in cloud environments.

You will also get to work with vast datasets, have a direct impact on the efficacy and evolution of our detections, and play a decisive role in the strategic direction of our product development. Your contributions will enable continuous improvement of our cloud detection capabilities ensuring our customers are secured with the most advanced security measures.

What You'll Do:

Initiate and conduct Cloud Research Initiatives: follow the threat landscape to identify trends in the realm of cloud infrastructure security, threat actors, novel attack approaches, and vulnerabilities in cloud-based and/or cloud-native environments and workloads.

Research threats and vulnerabilities in cloud provider infrastructure and containerized applications and workloads.

Develop advanced cloud security models: Create sophisticated models and frameworks for identifying and mitigating new types of cloud threats, focusing on predictive analytics and proactive threat hunting methodologies.

Collaborate with cross-functional teams: Work closely with various teams, including engineering, product management, detection engineering, and threat intelligence to drive cloud detections in the Falcon platform.

Provide cloud security thought leadership: Share insights and best practices with the broader security community through publications, conference presentations, and technical blogs.

We are seeking a seasoned security leader to manage a high-caliber research team focused on the security of Identity, SaaS, and Cloud ecosystems. In this role, you will provide technical mentorship and strategic vision, guiding research into service risk profiling and adversarial TTPs analysis. You will be the bridge between cutting-edge research and product innovation, ensuring our findings translate into high-impact security outcomes to stay ahead of modern adversaries.
Key Responsibilities
Define the research roadmap for Identity, SaaS, and Cloud risks, ensuring the team's outputs align with the evolving threat landscape and company goals.
Lead and grow a diverse team of security researchers, providing the technical guidance and career development necessary to maintain a world-class research organization.
Leverage your experience in a product-focused environment to ensure research outcomes directly influence service security strategies and customer-facing solutions.
Oversee the execution of high-fidelity attack simulations and TTP deconstruction, ensuring the 'how-to' of secure service usage is clearly defined and actionable.
Partner with Engineering, Product Management, and Threat Intel teams to transform raw research into robust mitigation strategies and resilient service blueprints.
Represent the team's research internally and externally, positioning the organization as a premier authority on Identity-centric and Cloud security.

Were looking for driven and talented people like you to join our team and our mission to change the future of cloud security. Ready to dive in and swim with our pod?
Were looking for a Security Researcher to help us stay ahead of threats across cloud, runtime, and application environments. This role is intentionally broad and can fit backgrounds in operating systems and Linux internals, vulnerability research, DFIR, penetration testing, and incident response, threat detection, AppSec, and cloud security.
On a typical day youll:
Research and analyze emerging threats across cloud platforms, applications, APIs, and runtime environments
Investigate attacks and security incidents, then turn findings into improved detections and product capabilities
Build detection logic, analytics, rules, and signatures for vulnerabilities, exposures, and active threats
Contribute to runtime and cloud security visibility and detection (Linux, containers, Kubernetes)
Prototype tools and automation to speed up research and improve detection accuracy
Share knowledge through internal enablement, blog posts, whitepapers, or conference talks