דרושים » אבטחת מידע וסייבר » Senior Cloud Security Researcher - Security Automation (Cortex)

If you are an innovator at heart and passionate about redefining how organizations secure modern environments end-to-end, we're looking for you.
We're looking for a Manager to lead a security research team for detection and response across cloud environments.
This is an opportunity to lead an exceptional group of researchers working on a startup-level product within the largest security company, helping revolutionize how organizations protect their Kubernetes and hybrid cloud environments.
Key Responsibilities
Manage a team of security researchers conducting research on attacks against cloud data , Kubernetes and containers.
Lead, mentor, and grow a team of talented security researchers focused on defending organizations as they transition from on-premises data centers to modern cloud and Kubernetes infrastructure.
Drive the strategy and execution of research initiatives to uncover novel techniques for detecting and responding to sophisticated attacks targeting hybrid and cloud-native environments.
Define and prioritize detection use cases, relevant datasets, and innovative analytic approaches combining runtime visibility and posture management across diverse platforms.
Stay up to date with the latest attacker methodologies, APT campaigns, and TTPs to ensure our detection capabilities stay ahead of evolving threats in both legacy and cloud contexts.
Oversee simulation of real-world attacks and deep behavioral analysis to inform and validate detection content.
Foster collaboration across engineering, product management, and go-to-market teams to deliver impactful security solutions.
Represent the team and share insights with the security community through blogs, conference talks, and publications.

If you are an innovator at heart and passionate about redefining how organizations secure modern environments end-to-end, we're looking for you. This is an opportunity to join an exceptional group of researchers working on a startup-level product within the largest security company, helping revolutionize how organizations protect their Kubernetes and hybrid cloud environments.
Key Responsibilities
Contribute to a team of talented security researchers focused on defending organizations as they transition from on-premises data centers to modern cloud and Kubernetes infrastructure.
Drive the execution of research initiatives to uncover novel techniques for detecting and responding to sophisticated attacks targeting hybrid and cloud-native environments.
Define and prioritize detection use cases, relevant datasets, and innovative analytic approaches combining runtime visibility and posture management across diverse platforms.
Stay up to date with the latest attacker methodologies, APT campaigns, and TTPs to ensure our detection capabilities stay ahead of evolving threats in both legacy and cloud contexts.
Simulate real-world attacks and perform deep behavioral analysis to inform and validate detection content.
Collaborate across engineering, product management, and go-to-market teams to deliver impactful security solutions.
Share insights with the security community through blogs, conference talks, and publications.

We're looking for a Threat Detection Researcher to join the Threat Research team and spread the power of our company. In this role, you will further develop the Cloud-native Threat Detection domain.
WHAT YOULL DO
Design behavioral baselines for complex cloud environments using diverse signals, and develop high-fidelity detections based on those baselines.
Expand our company's detection engine with novel and high-impact telemetry sources, pushing the boundaries of what can be detected in modern cloud environments.
Conduct deep technical research into complex cloud services to uncover novel attack vectors.
Investigate real-world attacks across cloud environments, identity providers (IDPs), and infrastructure-as-a-service (IaaS) platforms.
Hunt and analyze emerging threats and active campaigns targeting cloud ecosystems.

The Security & Information team is looking for someone who is passionate about technology and has a roll-up-their-sleeves mentality to join our global team. Youll play a crucial role in enhancing our security infrastructure, improving networking, ensuring scalability, and maintaining strong security as we continue to grow. If you want to be an industry leader, on a team experiencing hyper-growth, look no further!
Responsibilities :
Lead the design and implementation of AI-driven detection and response strategies to automate complex security investigations.
Operates as the primary escalation point for critical security alerts, performing deep-dive DFIR investigations, analyzing attacker techniques and vectors, proactively hunting threats, and directing incident response activities.
Lead SecOps projects from inception to execution, ensuring effective implementation and ongoing maintenance
Research how to leverage security telemetry and existing security solutions to improve triage and automated response.
Work cross-functionally to refine and evolve agentic workflows that drive automated security operations.
Coordinate investigation, containment, and other response activities with business stakeholders and groups.
Perform hands-on forensic investigations, log reviews, cloud investigations, and root-cause analysis
Develop incident analysis and findings reports for management, including gap identification and recommendations for improvement.

We're looking for a Principal Cloud Security Researcher to serve as a senior technical leader within our Research team. This is a high-impact individual contributor role -- you won't manage people, but you'll shape the direction of our entire research function, mentor researchers, and act as a force multiplier across the organization.
You'll be the person who takes a vague threat signal and turns it into a detection strategy, a published finding, or a product capability. You'll operate as a trusted deputy to the research team lead, owning the most complex and ambiguous research challenges while raising the technical bar for the team.
What You'll Do
Drive Groundbreaking Research
Own and drive our most critical research initiatives end-to-end - from initial threat hypothesis through detection logic, product integration, and external publication.
Set the technical direction for cloud threat research across AWS, Azure, and GCP, identifying emerging attack surfaces and novel techniques before they become mainstream threats.
Investigate real-world cloud and SaaS security incidents, dissecting attacker tradecraft and extracting insights that evolve our detection capabilities.
Pioneer new forensic investigation techniques and detection methodologies for cloud-native and SaaS environments - pushing the state of the art, not just following it.
Be a Voice in the Community

Represent our company as a thought leader through high-quality research publications, conference presentations (BlackHat, DEF CON, RSA, fwd:cloudsec, and similar venues), and open-source contributions.
Build and maintain our reputation as a research-driven company that advances the field - not just a vendor with a blog.
Engage with the broader security research community, fostering relationships and collaborative knowledge-sharing.
Shape the Product

Bridge research and product - translate threat findings into actionable product requirements, working closely with engineering and product teams to ensure our CDR platform stays ahead of evolving threats.
Design and develop advanced detection algorithms that directly feed into our platform, closing the gap between research insight and customer protection.
Elevate the Team
Act as the team's go-to technical authority. When researchers hit a wall on complex cloud attack chains, IAM edge cases, or detection gaps - you're who they turn to.
Mentor and grow other researchers through research reviews, pair investigations, code reviews, and by setting quality standards and methodology best practices.
Influence technical decisions org-wide - contributing to architecture, tooling, and strategic research priorities.
Step in as the research team lead's deputy when needed - driving prioritization, representing research cross-functionally, and ensuring continuity.

we are seeking a Senior Threat Hunting Researcher for Unit 42s Managed Services group, a senior hands-on role combining threat hunting, detection engineering, and incident investigation experience. You will proactively hunt across diverse telemetry to identify suspicious behaviors and emerging threats that evade traditional security. A key part of the role is translating low-fidelity signals into high-fidelity hunting logic and reusable detection opportunities. You will collaborate with multiple teams to share findings, explain coverage, and support response and improvement efforts.
Key Responsibilities
Proactively hunt for suspicious behaviors, malware activity, threat actor tradecraft, and emerging campaign patterns across large-scale customer telemetry.
Build, validate, and tune hunting and detection logic across multiple data sources and security products.
Translate low-fidelity signals, alerts, incidents, and coverage gaps into high-fidelity hunting content and reusable detection opportunities.
Investigate suspicious activity using available telemetry and clearly communicate findings, limitations, and recommended next steps.
Improve detection quality by reducing false positives, increasing signal fidelity, and identifying meaningful coverage gaps.
Collaborate with MDR, Incident Response, Threat Intelligence, Product, and Engineering to improve protection and operational scalability.
Deliver clear, evidence-based reports and technical findings that help customers understand risk and improve defenses.

We're looking for a Senior Principal Threat Hunter to serve as a senior technical leader within our Cyber Defense Team team.

This is a high impact individual contributor role, you won't manage people, but you'll influence how we hunt, investigate

and respond to threats across cloud and SaaS environments at scale.

You'll be the person who takes a weak signal, a piece of emerging intelligence, or an unusual customer activity pattern and turns it into a meaningful investigation, a proactive hunt, or a new detection opportunity.

You'll lead the most complex investigations, drive threat intelligence initiatives, and help define the hunting methodologies that guide our customers' security outcomes.

As one of the team's most senior practitioners, you'll act as a force multiplier across hunting, intelligence, and incident response functions, elevating technical standards, mentoring peers, and helping shape the future of our detection and response capabilities.

What You'll Do
- Design and execute proactive threat hunts across cloud and SaaS environments (AWS, Azure, GCP, Okta, M365), grounded in current intelligence and ATT&CK-mapped adversary behavior.
- Mature and operate a recurring threat intelligence reporting function, turning intel into hunt leads, detection opportunities, and customer-facing narratives.
- Lead incident response investigations during US business hours, from scoping through root cause; step into the Incident Commander role when required.
- Continuously monitor threat detections and deliver responsive services with thorough event analysis and judgement.
- Triage and investigate security alerts across cloud and SaaS environments, separating true threats from noise and surfacing detection gaps to the detection engineering team.
- Leverage automation and AI tooling to scale impact, and propose improvements for processes, workflows, products, and policies.
- PLUS: Exposure to detection engineering, tooling and automation development, or prior managed services (MSSP) experience.

Were looking for a Pentest Product Associate to join our Product team and help expand the power of our company.
In this pivotal role, you will be the primary operator of our cutting-edge AI-driven Dynamic Application Security Testing (DAST) agent while simultaneously innovating detection mechanisms for cloud-native technologies.
You will bridge the gap between automated AI testing and cloud infrastructure, defining the "rules of engagement" for our agents to ensure they effectively simulate sophisticated attacks and accurately classify the modern attack surface.
WHAT YOULL DO
Engineer Detection & Attack Logic: Develop advanced detection algorithms to classify cloud technologies while fine-tuning the attack policies that define how our agents identify and exploit vulnerabilities.
Validate Complex Findings: Analyze cloud services, APIs, and log payloads to review complex attack paths, reducing false positives and ensuring compliance with industry standards.
Research Novel Threats: Stay at the forefront of novel attack vectors and emerging cloud/API threats, translating new techniques into executable behaviors for the company DAST engine.
Drive Product Evolution: Collaborate directly with Research, Backend, and R&D teams to turn operational insights into feature requests, positioning our company as the market leader in vulnerability management.

The Cyber Threat Intelligence Hunter will sit within Unit 42 Managed Threat Hunting and support proactive, intelligence-led hunting across customer environments. This role combines hands-on threat hunting with cyber threat intelligence analysis, helping multinational organizations stay one step ahead of adversaries and cyber threats.
Key Responsibilities
Analyze public and private threat intelligence, Unit 42 research, adversary campaigns, malware activity, infrastructure, indicators, and TTPs.
Translate threat intelligence into actionable hunting hypotheses, investigation workflows, hunting queries, and customer-facing findings.
Execute existing threat hunting reports and hunting workflows, investigate results, and support timely customer reporting.
Investigate scheduled hunt detections and compose clear, professional reports when relevant.
Investigate hunting leads based on IOCs, threat intelligence, internal detections, customer telemetry, and emerging adversary behaviors.
Monitor the threat landscape and prepare initial context for emerging campaigns, enabling the global team to continue deeper investigation and hunting.
Collaborate with threat hunters, detection engineers, incident responders, MDR, and Unit 42 researchers to operationalize intelligence quickly and effectively.
Escalate major, unclear, or high-impact security events to the Threat Hunting leadership team when necessary.
Provide ongoing feedback on findings, hunting reports, queries, intelligence workflows, and operational processes to support continuous improvement.

We are hiring an AI Researcher to join the research team building the next generation of AI-native security systems. You will work alongside security and threat researchers to build large-scale AI agents that reason over software, code, endpoint activity, and security signals to detect malicious behavior, uncover vulnerabilities, assess risk, and make autonomous security decisions in real-world production environments. We are entering the Mythos era - where attackers operate at machine speed using autonomous systems and AI-generated software, and defenders must evolve the same way. We use state-of-the-art frontier models, including access to Mythos, to build reliable AI-native security systems at global scale. You will help design the evaluations, harnesses, and reliability infrastructure that make autonomous agents dependable under real customer load, while collaborating with leading AI organizations including Anthropic on initiatives such as Glasswing. This is an opportunity to work at the frontier of AI, autonomous systems, and cybersecurity while helping define how the next generation of security systems will operate.
Key Responsibilities
Build AI agents and autonomous security systems that reason over software, code, endpoint activity, MCPs, and security signals to detect malicious behavior, uncover vulnerabilities, and assess risk at production scale.
Develop systems, tooling, and infrastructure that enable agents to autonomously investigate threats, hunt for malware in massive datasets, and operate reliably in complex security environments.
Design and run experiments to evaluate frontier-model and agent capabilities in realistic adversarial scenarios, including benchmark creation, large-scale datasets, automated evaluations, and human-in-the-loop review systems.
Build the evaluation harnesses, observability systems, and reliability infrastructure required to make autonomous agents accurate, scalable, and dependable under real customer load.
Engineer for scale and performance across large distributed AI systems, including inference optimization, orchestration, batching, caching, cost controls, and graceful degradation under high demand.
Continuously evaluate emerging models, agent architectures, prompting techniques, and research directions to ensure our systems remain at the frontier of AI-native cybersecurity.
Rapidly prototype and test new approaches across reasoning, autonomy, evaluations, and security workflows as the AI landscape evolves.
Partner closely with threat and security researchers to extract domain expertise, translate analyst reasoning into AI workflows, and enable new forms of automation and autonomous investigation.
Collaborate with leading AI and security researchers to shape the future of AI-native cybersecurity as the industry transitions into the Mythos era.
Senior candidates will help define research direction, shape technical strategy, identify high-leverage problems, and influence how autonomous AI systems are deployed across the organization.