דרושים » אבטחת מידע וסייבר » Senior Threat Researcher - Agentic Endpoint Security(Cortex)

We are seeking a Principal/Senior Security Researcher to lead proactive research into emerging abuse patterns across agentic and modern endpoint environments. This includes browser extensions, SaaS- and web-delivered code, autonomous agents, MCPs and related tooling, and other forms of non-binary software that do not fit neatly into a traditional malware-focused model.
In this role, you will define and drive independent research initiatives rather than simply respond to predefined queues. You will conduct deep technical investigations, including reverse engineering, telemetry analysis, controlled experimentation, and data-driven validation, and translate your findings into actionable outcomes for the product. These may include detection concepts with clear success criteria, recommendations for new telemetry or platform behavior, and concise technical narratives for engineering, product, executive, or customer-facing audiences.
You will act as a senior research partner to engineering and product leadership, helping shape priorities around what to instrument, what to build, what to retire, and how to reason about ambiguous signals in production environments. The role requires strong technical judgment, strategic thinking, and the ability to turn complex research into evidence-backed product impact.
Key Responsibilities
Define and execute proactive research programs: novel attack surfaces (e.g., browser extensions, SaaS-delivered code, autonomous agents, MCP/tooling ecosystems), long-horizon threats, and systemic gaps in visibility or detection.
Perform deep technical analysis beyond routine triage: reverse engineering, behavioral modeling, data-driven hypothesis testing, and rigorous validation of findings at scale.
Set direction for how research translates into product and detection: prioritization frameworks, threat models, evaluation criteria, and standards of evidence for shipping high-impact changes.
Partner with senior engineering and product stakeholders to shape roadmap, telemetry, and architecture informed by research; influence design tradeoffs before issues appear in the field.
Lead complex, ambiguous investigations end-to-end and synthesize conclusions for executive and customer-facing audiences when stakes are high.
Represent the team through high-quality technical artifacts (e.g., in-depth publications, conference-quality work, or equivalent internal briefings) that establish external and internal credibility.

we are seeking a Senior Threat Hunting Researcher for Unit 42s Managed Services group, a senior hands-on role combining threat hunting, detection engineering, and incident investigation experience. You will proactively hunt across diverse telemetry to identify suspicious behaviors and emerging threats that evade traditional security. A key part of the role is translating low-fidelity signals into high-fidelity hunting logic and reusable detection opportunities. You will collaborate with multiple teams to share findings, explain coverage, and support response and improvement efforts.
Key Responsibilities
Proactively hunt for suspicious behaviors, malware activity, threat actor tradecraft, and emerging campaign patterns across large-scale customer telemetry.
Build, validate, and tune hunting and detection logic across multiple data sources and security products.
Translate low-fidelity signals, alerts, incidents, and coverage gaps into high-fidelity hunting content and reusable detection opportunities.
Investigate suspicious activity using available telemetry and clearly communicate findings, limitations, and recommended next steps.
Improve detection quality by reducing false positives, increasing signal fidelity, and identifying meaningful coverage gaps.
Collaborate with MDR, Incident Response, Threat Intelligence, Product, and Engineering to improve protection and operational scalability.
Deliver clear, evidence-based reports and technical findings that help customers understand risk and improve defenses.

we are looking for a Lead Security Researcher - AI Threat Intelligence. This key position within the threat intelligence group will be in charge of analyzing the vast amount of data that is managed by our company, develop threat intelligence on adversarial TTPs (tactics, techniques and procedures) and generate reports, presentations and blogs on anomalies and tools identified.
This role goes beyond the analyst role, as a key member of the team the threat intelligence researcher will work with internal security teams, network data, underground intelligence teams and much more, performing cutting edge research followed by presenting the research externally via various mediums.
Responsibilities:
Lead threat intelligence research focused on AI-related threats, threat actors, attack techniques, and emerging cybersecurity trends
Analyze internal and external security data to identify attack patterns, campaigns, and actionable intelligence
Explore large-scale datasets using SQL and other data analysis methods to generate research insights
Build tools, workflows, and agentic systems to automate research, investigation, and intelligence production
Research how attackers use AI and how AI can improve threat detection, investigation, and response
Publish high-quality research, including blogs, reports, threat intelligence summaries, and customer-facing insights
Present research at cybersecurity conferences, webinars, company events, and customer-facing sessions
Collaborate with product, data, engineering, and research teams to improve detections and product intelligence
Independently lead research initiatives from idea and data exploration to publication and presentation.
Travel internationally for company events and cybersecurity conferences at least six times per year.

The Cyber Threat Intelligence Hunter will sit within Unit 42 Managed Threat Hunting and support proactive, intelligence-led hunting across customer environments. This role combines hands-on threat hunting with cyber threat intelligence analysis, helping multinational organizations stay one step ahead of adversaries and cyber threats.
Key Responsibilities
Analyze public and private threat intelligence, Unit 42 research, adversary campaigns, malware activity, infrastructure, indicators, and TTPs.
Translate threat intelligence into actionable hunting hypotheses, investigation workflows, hunting queries, and customer-facing findings.
Execute existing threat hunting reports and hunting workflows, investigate results, and support timely customer reporting.
Investigate scheduled hunt detections and compose clear, professional reports when relevant.
Investigate hunting leads based on IOCs, threat intelligence, internal detections, customer telemetry, and emerging adversary behaviors.
Monitor the threat landscape and prepare initial context for emerging campaigns, enabling the global team to continue deeper investigation and hunting.
Collaborate with threat hunters, detection engineers, incident responders, MDR, and Unit 42 researchers to operationalize intelligence quickly and effectively.
Escalate major, unclear, or high-impact security events to the Threat Hunting leadership team when necessary.
Provide ongoing feedback on findings, hunting reports, queries, intelligence workflows, and operational processes to support continuous improvement.

We're looking for a Threat Detection Researcher to join the Threat Research team and spread the power of our company. In this role, you will further develop the Cloud-native Threat Detection domain.
WHAT YOULL DO
Design behavioral baselines for complex cloud environments using diverse signals, and develop high-fidelity detections based on those baselines.
Expand our company's detection engine with novel and high-impact telemetry sources, pushing the boundaries of what can be detected in modern cloud environments.
Conduct deep technical research into complex cloud services to uncover novel attack vectors.
Investigate real-world attacks across cloud environments, identity providers (IDPs), and infrastructure-as-a-service (IaaS) platforms.
Hunt and analyze emerging threats and active campaigns targeting cloud ecosystems.

Were looking for driven and talented people like you to join our team and our mission to change the future of cloud security. Ready to dive in and swim with our pod?
As the Head of Research, you will lead Securitys threat-research, security-innovation, and vulnerability-discovery efforts. You will define the strategy for how we uncover threats, identify novel attack vectors, influence product direction, and contribute thought leadership to the cybersecurity community. You will manage and grow a team of world-class researchers, work closely with product, engineering and go-to-market teams, and ensure our research remains cutting-edge, rigorous and impactful. This role emphasizes strong people leadership and cross-functional execution, alongside technical depth and hands-on research judgment.
What youll do :
Develop, own and evolve the research strategy by defining high value focus areas (for example misconfigurations, identity threats, workload vulnerabilities, and emerging attack techniques), and ensure alignment with product roadmap and business objectives.
Lead, coach, and mentor a multidisciplinary research team (researchers, threat analysts, and engineers).
Build a healthy, high-performing org, including hiring, onboarding, and performance management.
Partner closely with product and engineering leadership to turn research insights into concrete roadmap items, detection logic, and customer value.
Drive discovery of new vulnerabilities, attack techniques, or adversary behaviors across cloud and modern infrastructure environments (for example containers, serverless, data stores, IAM).
Define metrics for research impact (for example vulnerabilities discovered, time to validate and operationalize new findings, research-driven product improvements, external reach).
Establish and maintain external partnerships (industry peers, academic groups, independent researchers) to expand capabilities and pipeline.
Publish and present research findings (blog posts, white papers, conference talks).
Lead vulnerability disclosure and responsible communications.
Ensure the research function has the right infrastructure and processes (tooling, sandboxes, repeatable experimentation, documentation standards).
Stay current with the threat landscape, emerging technologies, attacker tradecraft, and relevant compliance or regulatory shifts.

The Cortex Threat Intelligence team is responsible for maintaining an up-to-date overview of the ever-changing threat landscape and its effects on the Cortex product suite. This includes the collection, analysis, and dissemination of technical threat intelligence from multiple internal and external sources. As part of this role, you will identify detection opportunities, automate threat intelligence processes, and develop tools and methodologies to increase team productivity. our company's Cortex XDR is a market-leading platform with an almost unparalleled telemetry data lake. Our team is deeply data-driven; it is the ideal environment for analysts who are enthusiastic about data mining, tracking threat actors, and deconstructing complex cyberattacks.
Key Responsibilities
Monitor the global threat landscape using diverse sources to proactively identify potential coverage gaps and improve Cortex XDRs defensive posture.
Perform in-depth research into cyberattack techniques to provide actionable insights and suggestions for improving product capabilities.
Leverage our company's telemetry datasets to identify emerging attack patterns and hunt for novel threats.
Design and propose robust detection logic across multiple operating systems (Windows, macOS, Linux).
Partner with cross-functional teams within our company to communicate findings and co-develop security enhancements.
Transform technical intelligence into high-impact deliverables, including customer-facing reports, research articles for the company blog, or presentations at international security conferences.

we are looking for a network and Security Researcher. This key position within the threat intelligence group will be in charge of analyzing the vast amount of data that is managed by our company, develop threat intelligence on adversarial TTPs (tactics, techniques and procedures) and generate reports, presentations and blogs on anomalies and tools identified.
This role goes beyond the analyst role, as a key member of the team the threat intelligence researcher will work with internal security teams, network data, underground intelligence teams and much more, performing cutting edge research followed by presenting the research externally via various mediums.
Responsibilities
Monitor and analyze the evolving cybersecurity threat landscape, with a focus on threat intelligence and AI-related security trends
Research threat actors, attack techniques, campaigns, and emerging threats using external intelligence and internal data
Analyze our companys internal data warehouse to identify security trends, attack patterns, and actionable insights
Use SQL, scripting, and AI tools to support threat research, data analysis, and automation
Build internal tools, workflows, or AI agents to improve research efficiency and data investigation
Produce high-quality threat research content, including blogs, reports, and customer-facing insights
Present research findings at conferences, webinars, company events, and internal sessions
Collaborate with SOC, product, research, and data teams to improve detections and product intelligence
Independently manage research projects from idea to analysis, publication, and presentation.

We are looking for a hands-on security researcher who combines an attacker mindset, fraud-domain curiosity, strong technical depth, and data analysis skills. You will investigate real-world fraud patterns, reproduce attacker techniques, analyze telemetry, enrich our data collection capabilities, discover new security signals, and work closely with product, data, and engineering teams to turn research insights into production-grade detection and prevention mechanisms.
This role is especially relevant for researchers with experience in browser technologies, mobile-native applications, or both. You may work on desktop and mobile browsers, browser APIs, browser automation, client-side signals, native mobile applications, Android/iOS behavior, mobile security, emulators, device signals, and mobile automation.
You will help expand our visibility into new signals and patterns that improve fraud detection, model performance, and customer protection.
If you are a talented researcher who enjoys solving complex problems, working with messy real-world data, and building practical defenses against modern fraud and abuse, we want you to join our team.

Were looking for a top-notch Threat Detection Researcher to join our team and spread the power of our company. In this role, you will further develop the company Runtime Sensor as part of our threat research team.
WHAT YOULL DO
Develop detections and tools to protect customers from cloud threats
Investigate attacks on cloud environments and malware targeting cloud workloads
Hunt and analyze real-world attacks and emerging cloud threats
Collaborate closely with the R&D team to transform research insights into product features
Work with customers in response to requests related to suspicious activity or potential incidents
Create best practices and security policies based on research findings
Deliver external-facing content (blog posts and talks at security conferences) based on security insights and novel research.