דרושים » אבטחת מידע וסייבר » Senior/Principal Linux Security Analytics Researcher (Cortex)

We are looking for a Windows Malware Security Researcher for our Tel Aviv R&D center. You will be part of a team that is responsible for researching the most recent and advanced cybersecurity threats, as well as designing, developing, and improving Anti-Malware capabilities to protect against them. The position includes researching OS internals, picking apart malware samples, delving into the internals of Windows kernel and user-mode code, and finding ways to mitigate new attack vectors.
The proposed role will be part of the research team of the Cortex XDR endpoint protection solution.
We are seeking a highly skilled and experienced Windows Malware Security Researcher to join our growing Windows malware research team of the Cortex XDR agent group. In this role, you will play a key part in enhancing our Endpoint Detection and Response (EDR) agent by prototyping new protection components and techniques and developing advanced malware prevention strategies. You will work on identifying, analyzing, and mitigating sophisticated threats, working closely with various teams to drive innovation. A deep understanding of the Windows operating system is essential.
Key Responsibilities
Playing a pivotal role in shaping the future of our security solutions.
Enhance the effectiveness of our EDR product by designing cutting-edge protection components and developing sophisticated prevention rules.
Researching OS internals and how Windows works under the hood - leveraging this knowledge to develop and improve our anti-malware mechanisms and capabilities.
Research and lead novel protection ideas to production-grade level, serving as the feature subject matter expert.
Research new malware and APT mitigation techniques and develop corresponding capabilities (POC level), or improve existing mitigation capabilities.
Respond to malware-based security events at clients' networks.
Stay up to date with current malware and APT techniques.
Provide feedback to the product management team on new feature requests and product enhancements from our customer base.
Find new malware techniques and APT attacks, including analysis of caught-in-the-wild malware.
Operate independently end-to-end - from initial threat idea, through research and POC, to handing off a production-ready design to core agent engineering with clear specs, test cases, and edge-case analysis.
Be a team player who lifts others up - happy to jump in when a teammate is stuck on a tricky Windows internals or RE question, share what you've figured out, and generally make the people around you better.

If you are an innovator at heart and passionate about redefining how organizations secure modern environments end-to-end, we're looking for you.
We're looking for a Manager to lead a security research team for detection and response across cloud environments.
This is an opportunity to lead an exceptional group of researchers working on a startup-level product within the largest security company, helping revolutionize how organizations protect their Kubernetes and hybrid cloud environments.
Key Responsibilities
Manage a team of security researchers conducting research on attacks against cloud data , Kubernetes and containers.
Lead, mentor, and grow a team of talented security researchers focused on defending organizations as they transition from on-premises data centers to modern cloud and Kubernetes infrastructure.
Drive the strategy and execution of research initiatives to uncover novel techniques for detecting and responding to sophisticated attacks targeting hybrid and cloud-native environments.
Define and prioritize detection use cases, relevant datasets, and innovative analytic approaches combining runtime visibility and posture management across diverse platforms.
Stay up to date with the latest attacker methodologies, APT campaigns, and TTPs to ensure our detection capabilities stay ahead of evolving threats in both legacy and cloud contexts.
Oversee simulation of real-world attacks and deep behavioral analysis to inform and validate detection content.
Foster collaboration across engineering, product management, and go-to-market teams to deliver impactful security solutions.
Represent the team and share insights with the security community through blogs, conference talks, and publications.

We are looking for a Linux Low Level Security Research team manager for our Tel Aviv R&D center. You will manage and lead a team that is responsible for researching the most recent Malwares, Kernel mitigations, EBPF, and advanced cybersecurity threats, as well as designing, developing and improving our Linux Agent ability to protect against different threats. The position includes researching Linux internals, Reverse engineering, malwares analysis, diving into internals of the Linux kernel and user-mode code, java, javascript and more.
Key Responsibilities
Leading the existing employees as well as hire future employees to join your team.
Be a thought leader around anti-malware detection and protection; designing, planning, and improving our anti-malware detection and prevention capabilities.
Lead the rapid response and find ways to prevent new critical vulnerabilities.
Respond to malware-based security events from customers.
Stay up to date with current malware and new attackers techniques.

We are looking for a Linux Low Level Security Research group manager for our Tel Aviv R&D center. You will manage and lead a group that is responsible for researching the most recent Malwares, Kernel mitigations, EBPF, vulnerabilities, exploits and advanced cybersecurity threats, as well as designing, developing and improving our Linux Agent ability to protect against different threats. The position includes researching Linux internals, Reverse engineering, malware analysis, vulnerability analysis, diving into internals of the Linux kernel and user-mode code, java, javascript and more. The group consists of two Linux Low Level researcher teams.
Key Responsibilities
Leading the existing employees as well as hiring future employees to join your group.
Be a thought leader around Linux detection and protection; designing, planning, and improving our anti-exploit, as well as anti-malware detection and prevention capabilities.
Lead the rapid response and find ways to prevent new critical vulnerabilities and malware.
Figure out different ways to generally catch entire bug-classes or exploitation building blocks to prevent exploits.
Respond to different breach and security events arriving from customers.
Stay up to date with current vulnerabilities, exploitation techniques and malware.

We are looking for a Security Researcher to join our research group as part of a growing team developing Autopilot, an innovative product for autonomous investigation and response.
As a core member of the team, you'll go beyond research: youll research, design, and develop investigation modules that allow Autopilot to autonomously detect, investigate, and respond to advanced threats at a massive scale.
Youll analyze everything from new malware behaviors to attacker techniques and process activity in enterprise-scale networks, using data collected from across millions of endpoints. Your work will span identifying attack patterns and uncovering statistical anomalies, as well as validating that the system responds effectively to real-world attacks and APT campaigns using production data.
Key Responsibilities
Research and implement new autonomous methods for investigating and responding to targeted attackers, using large-scale, diverse security datasets
Develop and design the graph-based algorithms that power autonomous investigation and decision-making capabilities
Design automated incident response by developing reusable logic that transforms raw security data and alerts into clear, actionable insights.
Leverage graph algorithms, AI techniques, and statistical methods to mimic and scale human security analyst workflows
Conduct deep, hands-on investigations into modern malware, APTs, and complex attack flows to inform detection and response logic
Stay up to date with attacker methodologies, tools, and techniques (TTPs), ensuring our product remains effective against evolving threats
Contribute to a collaborative, fast-paced research team, helping shape our research strategy, improve processes, and continuously enhance the product.

If you are an innovator at heart and passionate about redefining how organizations secure modern environments end-to-end, we're looking for you. This is an opportunity to join an exceptional group of researchers working on a startup-level product within the largest security company, helping revolutionize how organizations protect their Kubernetes and hybrid cloud environments.
Key Responsibilities
Contribute to a team of talented security researchers focused on defending organizations as they transition from on-premises data centers to modern cloud and Kubernetes infrastructure.
Drive the execution of research initiatives to uncover novel techniques for detecting and responding to sophisticated attacks targeting hybrid and cloud-native environments.
Define and prioritize detection use cases, relevant datasets, and innovative analytic approaches combining runtime visibility and posture management across diverse platforms.
Stay up to date with the latest attacker methodologies, APT campaigns, and TTPs to ensure our detection capabilities stay ahead of evolving threats in both legacy and cloud contexts.
Simulate real-world attacks and perform deep behavioral analysis to inform and validate detection content.
Collaborate across engineering, product management, and go-to-market teams to deliver impactful security solutions.
Share insights with the security community through blogs, conference talks, and publications.

The team is responsible for developing and improving our Linux anti-malware prevention. This includes having top-notch knowledge about the latest malware families in the wild, Linux internals, different attack frameworks and hacktools. As part of this, the team analyzes customer data and issues to prevent malicious activities in our customer's environment, and help to improve the product.
Key Responsibilities
Research and analyze malware and keep up-to-date on the most recent tactics and techniques used in the wild
Create behavioral-based protection that enhances our product's coverage
Leverage our company massive collection network to identify coverage gaps and emerging threats
Assist in the design, research, evaluation and implementation of new security technologies and features
Work in close coordination with other teams, including both development and other research teams, as well as support, sales and other cross-functional teams.

We are seeking a Senior/Principal Linux Security Researcher for our Tel Aviv R&D center to advance our Cortex-XDR Agent for the Linux platform, which provides runtime protection to servers and cloud workloads. In this role, you will be a key member of a team responsible for researching, developing, and improving our Anti-Exploit and Anti-Malware capabilities. Your work will involve deep exploration of OS internals, exploits, malware, delving into cloud security, and finding ways to mitigate new attack vectors.
Key Responsibilities
Research, develop, and improve state-of-the-art endpoint security solutions focused on comprehensive prevention. This includes broad defense against attack classes like malware and exploits, spanning from low-level mitigations to application-level security
Research Linux OS internals, kernel, application codebases, vulnerabilities, malware and exploits
Respond to security events coming from customers, in the context of malware and exploitation prevention.

Are you passionate about using cutting-edge technology to help protect the world against cyber threats? Do you live and breathe the cyber security world? Do you want to take part in an innovative and disruptive AI security group that has an impact on many customers?
You will be part of a strong security research and data science team who solve highly complex security challenges using disruptive technologies, AI & ML algorithms and a lot of data.
As part of that, you will take part in the design and development of new groundbreaking AI security solutions which make a direct impact on many customers.
At our company we value diverse viewpoints and experiences, as we are solving complex cyber security challenges. We are committed to a safe and inclusive workspace.
Key Responsibilities
Be at the forefront of security innovation, building next-gen detection capabilities powered by AI, deep-learning, machine learning, big data, and deep threat intelligence.
Dive deep into low-level systems, reverse engineering, and file-type behavior to uncover novel attack vectors - and then turn that insight into scalable, ML-driven protections.
Work hand-in-hand with rockstar data scientists, engineers, and PMs in a fast-paced, collaborative environment where ideas move quickly from whiteboard to production.
Lead high-impact research initiatives that fuse classic security expertise with modern data science - shaping models, influencing pipelines, and driving real-world protection outcomes.
Be a key player in a multidisciplinary team where your deep security expertise will directly influence AI/ML model design, data pipeline strategy, and real-world product impact.

The Cortex Threat Intelligence team is responsible for maintaining an up-to-date overview of the ever-changing threat landscape and its effects on the Cortex product suite. This includes the collection, analysis, and dissemination of technical threat intelligence from multiple internal and external sources. As part of this role, you will identify detection opportunities, automate threat intelligence processes, and develop tools and methodologies to increase team productivity. our company's Cortex XDR is a market-leading platform with an almost unparalleled telemetry data lake. Our team is deeply data-driven; it is the ideal environment for analysts who are enthusiastic about data mining, tracking threat actors, and deconstructing complex cyberattacks.
Key Responsibilities
Monitor the global threat landscape using diverse sources to proactively identify potential coverage gaps and improve Cortex XDRs defensive posture.
Perform in-depth research into cyberattack techniques to provide actionable insights and suggestions for improving product capabilities.
Leverage our company's telemetry datasets to identify emerging attack patterns and hunt for novel threats.
Design and propose robust detection logic across multiple operating systems (Windows, macOS, Linux).
Partner with cross-functional teams within our company to communicate findings and co-develop security enhancements.
Transform technical intelligence into high-impact deliverables, including customer-facing reports, research articles for the company blog, or presentations at international security conferences.