דרושים » אבטחת מידע וסייבר » Senior Linux Detection Researcher (Cortex)

As the Manager of the Rapid Response (RR) team, you will lead a group of malware analysts responsible for developing, improving, and deploying our rapid anti-malware prevention capabilities. Your team is on the front lines of statically analyzing urgent customer issues, stopping malicious activities in their tracks, and developing to halt attacks at the earliest possible stage. In this role, you will guide the teams technical direction, drive automation initiatives, and act as the critical bridge between frontline support, global research, and engineering.
Key Responsibilities
Lead, mentor, and develop a team of fast-paced malware analysts, fostering a "play to win" culture.
Oversee the daily triage, investigation, and resolution of urgent customer escalations, specifically False Positive (FP) and False Negative (FN) malware prevention events - ensuring swift and accurate mitigation.
Drive the team's automation efforts, identifying opportunities to automate routines to reduce response times and scale the team's capabilities.
Direct the analysis of emerging malware families, OS internals, and attack frameworks to ensure the team maintains an up-to-date overview of the current threat landscape.
Guide the development of rapid, high-quality prevention signatures (e.g., YARA, IPS) to enhance product coverage.
Act as the primary technical escalation point and work in close coordination with global research teams, support, engineering, and other cross-functional stakeholders.

Are you an innovative security researcher with a deep understanding of the cyber threat landscape and a passion for protecting modern environments? Do you want to tackle the challenge of securing enterprise networks against evolving threats?
We are seeking a highly skilled professional to focus on the critical, fast-paced domain of Virtualization Security. As a foundational member of a newly formed and growing team, you will explore the 'blue ocean' of threat detection, pioneering next-generation capabilities within the worlds largest cybersecurity enterprise. This is a unique opportunity to apply your expertise and influence the future of threat prevention-helping us build cutting-edge security solutions from the ground up.
Key Responsibilities
Conduct deep research into virtualization technologies, and targeted attacks to fortify our attack prevention mechanisms.
Stay current with the latest attacker methodologies, APT campaigns, and Tactics, Techniques, and Procedures (TTPs) targeting virtualization systems.
Analyze emerging threats and malware to identify new techniques and formulate effective detection and prevention strategies.
Leverage AI and big data methodologies to investigate and analyze extensive datasets across our customer base.
Design cutting-edge protection components and develop sophisticated detection rules to enhance the effectiveness of our security solutions.
Drive the research and development of novel protection concepts, seeing them through to production-grade quality, and serve as a subject matter expert in the field.
Play a pivotal role in shaping the future of our security product offerings.
Collaborate closely with Engineering, Product Management, and other research teams to seamlessly translate research findings and insights into new production features.

Are you an innovative security researcher with a deep understanding of Linux systems and a passion for protecting modern environments? Do you want to lead the charge in securing enterprise networks against the latest threats?
We're looking for a skilled professional to join our team, focusing on the critical and rapidly evolving fields of Linux Security. You'll be a foundational member of a new and growing team dedicated to the blue ocean of detection, developing multiple new capabilities within the largest cybersecurity enterprise in the world.
This is a unique opportunity to apply your expertise and influence the future of threat prevention-helping us build cutting-edge security solutions from the ground up.
Key Responsibilitie
Play a pivotal role in shaping the future of our security solutions.
Enhance product effectiveness by designing advanced protection components and developing sophisticated detection rules.
Research Linux OS internals, virtualized environments, and malware behaviors to inform and strengthen our attack prevention mechanisms.
Apply advanced AI and big data approaches to investigate and analyze large-scale datasets across our client base.
Lead research on novel protection concepts and bring them to production-grade quality, serving as a subject matter expert.
Stay up to date with the latest attacker methodologies, APT campaigns, and TTPs targeting Linux systems.
Conduct static and dynamic reverse engineering of Linux malware to uncover new techniques and develop mitigation strategies.
Collaborate closely with engineering, product management, and other research teams to translate research findings into production features.

We are seeking a Senior/Principal Linux Security Researcher for our Tel Aviv R&D center to advance our Cortex-XDR Agent for the Linux platform, which provides runtime protection to servers and cloud workloads. In this role, you will be a key member of a team responsible for researching, developing, and improving our Anti-Exploit and Anti-Malware capabilities. Your work will involve deep exploration of OS internals, exploits, malware, delving into cloud security, and finding ways to mitigate new attack vectors.
Key Responsibilities
Research, develop, and improve state-of-the-art endpoint security solutions focused on comprehensive prevention. This includes broad defense against attack classes like malware and exploits, spanning from low-level mitigations to application-level security
Research Linux OS internals, kernel, application codebases, vulnerabilities, malware and exploits
Respond to security events coming from customers, in the context of malware and exploitation prevention.

we are seeking a highly motivated and talented XDR Research Engineer to join our XDR Research team. In this role, you will develop advanced detection logic to identify and analyze security threats across the company XDR platform. Leveraging the rich data available in the company Cloud data lake, you will conduct extensive research and threat-hunting activities to broaden our detection capabilities and proactively uncover previously unknown threats.
Your work will directly influence the evolution of our companys XDR capabilities and strengthen the security posture of thousands of global customers.
This is an exceptional opportunity for security professionals passionate about Network Security, Detection Engineering, Malware Analysis, and Threat Hunting who want to make a meaningful impact on a fast-growing cybersecurity environment.
Responsibilities
Develop advanced detection logic for the XDR platform to identify security threats.
Conduct research using our company Cloud data, competitive intelligence, and newly published threat reports to expand detection coverage.
Create hunting heuristics and methodologies to uncover unknown or emerging threats.
Continuously improve detection accuracy and enhance the platforms ability to identify threats in a dynamic security landscape.
Participate in cybersecurity breach investigations and security incident activities.
Contribute to technical blogs and PR materials, and participate in cybersecurity conferences.

Lead and grow the team in charge of researching and developing Autopilot, an innovative product for graph-based fully-autonomous investigation and response (Over the Cortex platform).
As the manager of the Autopilot team, you'll lead a team of security researchers, set the project's technical vision and standards, and own its success.
You will lead an innovative team on the research, design, and development of a new graph-oriented security product. Creating investigation modules that allow Autopilot to autonomously detect, investigate, and respond to advanced threats at a massive scale.
You'll work closely with other development and product teams to turn a successful POC into a full-fledged product, staying agile in a dynamic environment and using data-driven empirical research to determine and drive the project in the best direction.
Youll analyze everything from new malware behaviors to attacker techniques and process activity in enterprise-scale networks, using data collected from across millions of endpoints. Your work will span identifying attack patterns and uncovering statistical anomalies, as well as validating that the system responds effectively to real-world attacks and APT campaigns using production data.
Key Responsibilities
Lead and developa team of security researchers, providing mentorship, guidance, and continuous feedback to help them grow their careers (Manage the team, develop the people).
Drive the research strategy and executionfor new autonomous methods for investigating and responding to targeted attackers, leveraging large-scale XDR data and graph-based algorithms.
Ensure collaboration with engineering, product, and other research teams, acting as a key interface to push the project forward and align on cross-functional goals.
Direct the team's work on deep, hands-on investigations of real incidents to reinforce the best investigation and response approach, leveraging a combination of os-internals, TTPs, semi-labeled data, and large-scale statistical methods.
Foster a disruptive environment that innovates using advanced techniques such as graph algorithms, machine learning, and LLM agents to mimic and scale human security analyst workflows.

Required Cyber Threat Landscape Researcher
Israel: Tel Aviv/ Hybrid (Israel)
R&D | Full Time | Job Id: 25150
Why Join Us?
The Threat Intelligence group, a key member of the Research department, leads global threat research efforts, and improves threat coverage across the evolving cyber threat landscape.
The group focuses on understanding and tracking cybercriminal organizations, nation-state (APT) actors, hacktivist activity, active malware campaigns, and emerging adversary trends. The research produced by the team supports both strategic insight and the development of advanced security technologies.
This role is responsible for conducting in-depth cyber threat landscape research and owning the full intelligence research lifecycle-from intelligence collection through analysis and written output.
Key Responsibilities:
Research and analyze cyber threat actors.
Be the first to flag trends, new malware, threat actors and intelligence items that stand out in the crowd
Execute the full intelligence research lifecycle:
Monitoring and analyzing the digital underground - including the DarkNet, the DeepWeb, and other open and restricted sources
Gather & flag intelligence that stands out.
Assess, validate, and refine raw information into high-confidence insights
Produce clear, well-structured written research and threat assessments
Build, maintain, and continuously evaluate a diverse set of reliable intelligence sources
Identify long-term trends, relationships, and shifts in adversary behavior
Conduct deep intelligence collection operations and collect proprietary intelligence
Collaborate with other researchers and internal stakeholders to contextualize findings and improve threat coverage
Maintain high analytical and research standards, including sourcing, attribution, and methodological rigor

We are looking for a macOS Security Researcher for our Tel Aviv R&D center to work on Cortex-XDR for Mac. You will be part of a team in charge of researching, developing, and improving Anti-Malware and Anti-Exploit capabilities. This role involves researching OS internals, exploits, malware, and finding ways to mitigate new attack vectors.
Key Responsibilities
Research, develop, and improve anti-exploitation mitigations and anti-malware modules.
Research macOS internals, application code bases, vulnerabilities, and exploits.
Research malware and find different ways to detect and prevent them.
Analyze customer data to help with detecting and preventing malicious activities in our customers networks.

We are looking for a Security Researcher to join our Windows EDR behavioral detection team. You will create statistics-based classification algorithms to detect new malware, process behavior anomalies, and attackers in enterprise networks using data from multiple Windows endpoints. This involves analyzing attack patterns, finding statistical anomalies, and validating detections against real attacks and APTs on customer data.
Key Responsibilities
Research new methods to detect various attack techniques by utilizing enormous amounts and varied types of data.
Use and develop statistical algorithms and techniques to create and improve our analytics detection capabilities.
Take an active role in our collection modules by improving existing ones and investigating new ones to improve detection quality.
Simulate attacks in the lab and conduct a deep analysis of the behavior.
Be part of a diverse research group, improving our research processes to create a better product.
Stay up to date with APTs, attacker methodologies, and TTPs.

We are looking for a Security Researcher to join our research group as part of a growing team developing Autopilot, an innovative product for autonomous investigation and response.
As a core member of the team, you'll go beyond research: youll research, design, and develop investigation modules that allow Autopilot to autonomously detect, investigate, and respond to advanced threats at a massive scale.
Youll analyze everything from new malware behaviors to attacker techniques and process activity in enterprise-scale networks, using data collected from across millions of endpoints. Your work will span identifying attack patterns and uncovering statistical anomalies, as well as validating that the system responds effectively to real-world attacks and APT campaigns using production data.
Key Responsibilities
Research and implement new autonomous methods for investigating and responding to targeted attackers, using large-scale, diverse security datasets
Develop and design the graph-based algorithms that power autonomous investigation and decision-making capabilities
Design automated incident response by developing reusable logic that transforms raw security data and alerts into clear, actionable insights.
Leverage graph algorithms, AI techniques, and statistical methods to mimic and scale human security analyst workflows
Conduct deep, hands-on investigations into modern malware, APTs, and complex attack flows to inform detection and response logic
Stay up to date with attacker methodologies, tools, and techniques (TTPs), ensuring our product remains effective against evolving threats
Contribute to a collaborative, fast-paced research team, helping shape our research strategy, improve processes, and continuously enhance the product.