דרושים » אבטחת מידע וסייבר » Senior Security Researcher Identity & SaaS (Cortex Cloud)

We are seeking a seasoned security leader to manage a high-caliber research team focused on the security of Identity, SaaS, and Cloud ecosystems. In this role, you will provide technical mentorship and strategic vision, guiding research into service risk profiling and adversarial TTPs analysis. You will be the bridge between cutting-edge research and product innovation, ensuring our findings translate into high-impact security outcomes to stay ahead of modern adversaries.
Key Responsibilities
Define the research roadmap for Identity, SaaS, and Cloud risks, ensuring the team's outputs align with the evolving threat landscape and company goals.
Lead and grow a diverse team of security researchers, providing the technical guidance and career development necessary to maintain a world-class research organization.
Leverage your experience in a product-focused environment to ensure research outcomes directly influence service security strategies and customer-facing solutions.
Oversee the execution of high-fidelity attack simulations and TTP deconstruction, ensuring the 'how-to' of secure service usage is clearly defined and actionable.
Partner with Engineering, Product Management, and Threat Intel teams to transform raw research into robust mitigation strategies and resilient service blueprints.
Represent the team's research internally and externally, positioning the organization as a premier authority on Identity-centric and Cloud security.

We are seeking a seasoned security leader to manage a high-caliber research team focused on the security of Identity, SaaS, and Cloud ecosystems. In this role, you will provide technical mentorship and strategic vision, guiding research into service risk profiling and adversarial TTPs analysis. You will be the bridge between cutting-edge research and product innovation, ensuring our findings translate into high-impact security outcomes to stay ahead of modern adversaries.
Key Responsibilities
Define the research roadmap for Identity, SaaS, and Cloud risks, ensuring the team's outputs align with the evolving threat landscape and company goals.
Lead and grow a diverse team of security researchers, providing the technical guidance and career development necessary to maintain a world-class research organization.
Leverage your experience in a product-focused environment to ensure research outcomes directly influence service security strategies and customer-facing solutions.
Oversee the execution of high-fidelity attack simulations and TTP deconstruction, ensuring the 'how-to' of secure service usage is clearly defined and actionable.
Partner with Engineering, Product Management, and Threat Intel teams to transform raw research into robust mitigation strategies and resilient service blueprints.
Represent the team's research internally and externally, positioning the organization as a premier authority on Identity-centric and Cloud security.

We're looking for a Principal Cloud Security Researcher to serve as a senior technical leader within our Research team. This is a high-impact individual contributor role -- you won't manage people, but you'll shape the direction of our entire research function, mentor researchers, and act as a force multiplier across the organization.
You'll be the person who takes a vague threat signal and turns it into a detection strategy, a published finding, or a product capability. You'll operate as a trusted deputy to the research team lead, owning the most complex and ambiguous research challenges while raising the technical bar for the team.
What You'll Do
Drive Groundbreaking Research
Own and drive our most critical research initiatives end-to-end - from initial threat hypothesis through detection logic, product integration, and external publication.
Set the technical direction for cloud threat research across AWS, Azure, and GCP, identifying emerging attack surfaces and novel techniques before they become mainstream threats.
Investigate real-world cloud and SaaS security incidents, dissecting attacker tradecraft and extracting insights that evolve our detection capabilities.
Pioneer new forensic investigation techniques and detection methodologies for cloud-native and SaaS environments - pushing the state of the art, not just following it.
Be a Voice in the Community

Represent our company as a thought leader through high-quality research publications, conference presentations (BlackHat, DEF CON, RSA, fwd:cloudsec, and similar venues), and open-source contributions.
Build and maintain our reputation as a research-driven company that advances the field - not just a vendor with a blog.
Engage with the broader security research community, fostering relationships and collaborative knowledge-sharing.
Shape the Product

Bridge research and product - translate threat findings into actionable product requirements, working closely with engineering and product teams to ensure our CDR platform stays ahead of evolving threats.
Design and develop advanced detection algorithms that directly feed into our platform, closing the gap between research insight and customer protection.
Elevate the Team
Act as the team's go-to technical authority. When researchers hit a wall on complex cloud attack chains, IAM edge cases, or detection gaps - you're who they turn to.
Mentor and grow other researchers through research reviews, pair investigations, code reviews, and by setting quality standards and methodology best practices.
Influence technical decisions org-wide - contributing to architecture, tooling, and strategic research priorities.
Step in as the research team lead's deputy when needed - driving prioritization, representing research cross-functionally, and ensuring continuity.

If you are an innovator at heart and passionate about redefining how organizations secure modern environments end-to-end, we're looking for you.
We're looking for a Manager to lead a security research team for detection and response across cloud environments.
This is an opportunity to lead an exceptional group of researchers working on a startup-level product within the largest security company, helping revolutionize how organizations protect their Kubernetes and hybrid cloud environments.
Key Responsibilities
Manage a team of security researchers conducting research on attacks against cloud data , Kubernetes and containers.
Lead, mentor, and grow a team of talented security researchers focused on defending organizations as they transition from on-premises data centers to modern cloud and Kubernetes infrastructure.
Drive the strategy and execution of research initiatives to uncover novel techniques for detecting and responding to sophisticated attacks targeting hybrid and cloud-native environments.
Define and prioritize detection use cases, relevant datasets, and innovative analytic approaches combining runtime visibility and posture management across diverse platforms.
Stay up to date with the latest attacker methodologies, APT campaigns, and TTPs to ensure our detection capabilities stay ahead of evolving threats in both legacy and cloud contexts.
Oversee simulation of real-world attacks and deep behavioral analysis to inform and validate detection content.
Foster collaboration across engineering, product management, and go-to-market teams to deliver impactful security solutions.
Represent the team and share insights with the security community through blogs, conference talks, and publications.

We are looking for a Senior Security Researcher to join our Identity Threat Detection and Response team. In this role, you will research the evolving threat landscape and develop advanced detections to protect SAAS, Cloud, on-premises, and hybrid identities. You will focus on identifying and mitigating identity-related threats across networks, endpoints, and cloud environments, using statistical classification methods to build effective detection models and protecting customers at scale. Additionally, you will collaborate with cross-functional teams, validate detection concepts on real-world data, and continuously enhance detection capabilities to stay ahead of emerging threats.
Key Responsibilities
Research innovative methods for detecting targeted attackers operating in endpoints, networks, cloud and SAAS environments.
Simulate real-world attacks in lab environments and conduct a deep analysis of the behavior.
Develop and refine statistics-based classification algorithms and techniques to create and improve detection models.
Research specific scenarios to enhance our model's capabilities.
Collaborate within a diverse research group, improving our research processes and leading us to be a better team creating a better product.
Stay informed on the latest APTs, attacker methodologies, and TTPs to ensure our models stay ahead of emerging threats.

We're looking for a Threat Detection Researcher to join the Threat Research team and spread the power of our company. In this role, you will further develop the Cloud-native Threat Detection domain.
WHAT YOULL DO
Design behavioral baselines for complex cloud environments using diverse signals, and develop high-fidelity detections based on those baselines.
Expand our company's detection engine with novel and high-impact telemetry sources, pushing the boundaries of what can be detected in modern cloud environments.
Conduct deep technical research into complex cloud services to uncover novel attack vectors.
Investigate real-world attacks across cloud environments, identity providers (IDPs), and infrastructure-as-a-service (IaaS) platforms.
Hunt and analyze emerging threats and active campaigns targeting cloud ecosystems.

Were looking for a Pentest Product Associate to join our Product team and help expand the power of our company.
In this pivotal role, you will be the primary operator of our cutting-edge AI-driven Dynamic Application Security Testing (DAST) agent while simultaneously innovating detection mechanisms for cloud-native technologies.
You will bridge the gap between automated AI testing and cloud infrastructure, defining the "rules of engagement" for our agents to ensure they effectively simulate sophisticated attacks and accurately classify the modern attack surface.
WHAT YOULL DO
Engineer Detection & Attack Logic: Develop advanced detection algorithms to classify cloud technologies while fine-tuning the attack policies that define how our agents identify and exploit vulnerabilities.
Validate Complex Findings: Analyze cloud services, APIs, and log payloads to review complex attack paths, reducing false positives and ensuring compliance with industry standards.
Research Novel Threats: Stay at the forefront of novel attack vectors and emerging cloud/API threats, translating new techniques into executable behaviors for the company DAST engine.
Drive Product Evolution: Collaborate directly with Research, Backend, and R&D teams to turn operational insights into feature requests, positioning our company as the market leader in vulnerability management.

We are seeking a Principal/Senior Security Researcher to lead proactive research into emerging abuse patterns across agentic and modern endpoint environments. This includes browser extensions, SaaS- and web-delivered code, autonomous agents, MCPs and related tooling, and other forms of non-binary software that do not fit neatly into a traditional malware-focused model.
In this role, you will define and drive independent research initiatives rather than simply respond to predefined queues. You will conduct deep technical investigations, including reverse engineering, telemetry analysis, controlled experimentation, and data-driven validation, and translate your findings into actionable outcomes for the product. These may include detection concepts with clear success criteria, recommendations for new telemetry or platform behavior, and concise technical narratives for engineering, product, executive, or customer-facing audiences.
You will act as a senior research partner to engineering and product leadership, helping shape priorities around what to instrument, what to build, what to retire, and how to reason about ambiguous signals in production environments. The role requires strong technical judgment, strategic thinking, and the ability to turn complex research into evidence-backed product impact.
Key Responsibilities
Define and execute proactive research programs: novel attack surfaces (e.g., browser extensions, SaaS-delivered code, autonomous agents, MCP/tooling ecosystems), long-horizon threats, and systemic gaps in visibility or detection.
Perform deep technical analysis beyond routine triage: reverse engineering, behavioral modeling, data-driven hypothesis testing, and rigorous validation of findings at scale.
Set direction for how research translates into product and detection: prioritization frameworks, threat models, evaluation criteria, and standards of evidence for shipping high-impact changes.
Partner with senior engineering and product stakeholders to shape roadmap, telemetry, and architecture informed by research; influence design tradeoffs before issues appear in the field.
Lead complex, ambiguous investigations end-to-end and synthesize conclusions for executive and customer-facing audiences when stakes are high.
Represent the team through high-quality technical artifacts (e.g., in-depth publications, conference-quality work, or equivalent internal briefings) that establish external and internal credibility.

Were looking for a hands-on AI Cyber Intelligence Engineer - in the domain of attack surface. Someone who lives and breathes cyber security, loves exploring how attackers move through real environments, and is excited to shape how AI can automate and extend that process.
In this role, youll analyze real-world environments, identify potential attack vectors, and work closely with our AI engineering teams to translate your domain expertise into actionable, intelligent workflows. Youll play a key role in guiding how our platform learns to think and act like a top-tier security analyst.
Responsibilities
Design and shape AI-driven security agents by encoding expert attacker and defender reasoning into agentic flows, prompts, decision logic, and investigative strategies.
Translate offensive security and red-team expertise into structured knowledge that enables AI systems to identify, prioritize, and reason about real-world attack paths in complex enterprise environments.
Model attacker behavior and multi-step attack scenarios, focusing on lateral movement, privilege escalation, and cross-domain exploitation - and guide how AI agents simulate and evaluate these scenarios.
Act as a domain expert partner for product and engineering teams, ensuring AI-driven security decisions remain grounded in real attacker tradecraft and operational reality.

Were looking for driven and talented people like you to join our team and our mission to change the future of cloud security. Ready to dive in and swim with our pod?
As the Head of Research, you will lead Securitys threat-research, security-innovation, and vulnerability-discovery efforts. You will define the strategy for how we uncover threats, identify novel attack vectors, influence product direction, and contribute thought leadership to the cybersecurity community. You will manage and grow a team of world-class researchers, work closely with product, engineering and go-to-market teams, and ensure our research remains cutting-edge, rigorous and impactful. This role emphasizes strong people leadership and cross-functional execution, alongside technical depth and hands-on research judgment.
What youll do :
Develop, own and evolve the research strategy by defining high value focus areas (for example misconfigurations, identity threats, workload vulnerabilities, and emerging attack techniques), and ensure alignment with product roadmap and business objectives.
Lead, coach, and mentor a multidisciplinary research team (researchers, threat analysts, and engineers).
Build a healthy, high-performing org, including hiring, onboarding, and performance management.
Partner closely with product and engineering leadership to turn research insights into concrete roadmap items, detection logic, and customer value.
Drive discovery of new vulnerabilities, attack techniques, or adversary behaviors across cloud and modern infrastructure environments (for example containers, serverless, data stores, IAM).
Define metrics for research impact (for example vulnerabilities discovered, time to validate and operationalize new findings, research-driven product improvements, external reach).
Establish and maintain external partnerships (industry peers, academic groups, independent researchers) to expand capabilities and pipeline.
Publish and present research findings (blog posts, white papers, conference talks).
Lead vulnerability disclosure and responsible communications.
Ensure the research function has the right infrastructure and processes (tooling, sandboxes, repeatable experimentation, documentation standards).
Stay current with the threat landscape, emerging technologies, attacker tradecraft, and relevant compliance or regulatory shifts.