דרושים » אבטחת מידע וסייבר » Cyber Threat Intelligence Hunter (Unit 42)

we are seeking a Senior Threat Hunting Researcher for Unit 42s Managed Services group, a senior hands-on role combining threat hunting, detection engineering, and incident investigation experience. You will proactively hunt across diverse telemetry to identify suspicious behaviors and emerging threats that evade traditional security. A key part of the role is translating low-fidelity signals into high-fidelity hunting logic and reusable detection opportunities. You will collaborate with multiple teams to share findings, explain coverage, and support response and improvement efforts.
Key Responsibilities
Proactively hunt for suspicious behaviors, malware activity, threat actor tradecraft, and emerging campaign patterns across large-scale customer telemetry.
Build, validate, and tune hunting and detection logic across multiple data sources and security products.
Translate low-fidelity signals, alerts, incidents, and coverage gaps into high-fidelity hunting content and reusable detection opportunities.
Investigate suspicious activity using available telemetry and clearly communicate findings, limitations, and recommended next steps.
Improve detection quality by reducing false positives, increasing signal fidelity, and identifying meaningful coverage gaps.
Collaborate with MDR, Incident Response, Threat Intelligence, Product, and Engineering to improve protection and operational scalability.
Deliver clear, evidence-based reports and technical findings that help customers understand risk and improve defenses.

The Cortex Threat Intelligence team is responsible for maintaining an up-to-date overview of the ever-changing threat landscape and its effects on the Cortex product suite. This includes the collection, analysis, and dissemination of technical threat intelligence from multiple internal and external sources. As part of this role, you will identify detection opportunities, automate threat intelligence processes, and develop tools and methodologies to increase team productivity. our company's Cortex XDR is a market-leading platform with an almost unparalleled telemetry data lake. Our team is deeply data-driven; it is the ideal environment for analysts who are enthusiastic about data mining, tracking threat actors, and deconstructing complex cyberattacks.
Key Responsibilities
Monitor the global threat landscape using diverse sources to proactively identify potential coverage gaps and improve Cortex XDRs defensive posture.
Perform in-depth research into cyberattack techniques to provide actionable insights and suggestions for improving product capabilities.
Leverage our company's telemetry datasets to identify emerging attack patterns and hunt for novel threats.
Design and propose robust detection logic across multiple operating systems (Windows, macOS, Linux).
Partner with cross-functional teams within our company to communicate findings and co-develop security enhancements.
Transform technical intelligence into high-impact deliverables, including customer-facing reports, research articles for the company blog, or presentations at international security conferences.

As a Senior Threat Intelligence Researcher, you will be responsible for tracking advanced adversaries and leveraging your deep technical expertise across attacker capabilities, infrastructure, and tactics. You will create and refine approaches to uncover and monitor active threat actors, as well as surface irregular and emerging behaviors in the broader threat landscape. The intelligence you generate will directly strengthen our companys understanding of threat actors and will inform proactive hunting, detection engineering, and defensive decision-making.
Responsibilities
Lead complex threat intelligence investigations through in-depth analysis of the global threat landscape, with a focus on advanced and state-linked actors.
Define and prioritize threat research focus areas (actors, campaigns, sectors, techniques) aligned with our companys customers and product roadmap.
Deliver actionable cyber threat intelligence and design and execute hunting campaigns using analytics, automation, and advanced AI capabilities.
Curate and maintain structured knowledge on actors, campaigns, infrastructure, and TTPs in our companys internal threat knowledge base.
Work closely with CyberAI researchers on the development of next-generation artificial cyber researchers and AI-driven analysis capabilities.

We're looking for a Threat Detection Researcher to join the Threat Research team and spread the power of our company. In this role, you will further develop the Cloud-native Threat Detection domain.
WHAT YOULL DO
Design behavioral baselines for complex cloud environments using diverse signals, and develop high-fidelity detections based on those baselines.
Expand our company's detection engine with novel and high-impact telemetry sources, pushing the boundaries of what can be detected in modern cloud environments.
Conduct deep technical research into complex cloud services to uncover novel attack vectors.
Investigate real-world attacks across cloud environments, identity providers (IDPs), and infrastructure-as-a-service (IaaS) platforms.
Hunt and analyze emerging threats and active campaigns targeting cloud ecosystems.

Were looking for a top-notch Threat Detection Researcher to join our team and spread the power of our company. In this role, you will further develop the company Runtime Sensor as part of our threat research team.
WHAT YOULL DO
Develop detections and tools to protect customers from cloud threats
Investigate attacks on cloud environments and malware targeting cloud workloads
Hunt and analyze real-world attacks and emerging cloud threats
Collaborate closely with the R&D team to transform research insights into product features
Work with customers in response to requests related to suspicious activity or potential incidents
Create best practices and security policies based on research findings
Deliver external-facing content (blog posts and talks at security conferences) based on security insights and novel research.

This role demands a solutions-oriented mindset, as you'll be expected to go above and beyond for customers by driving innovative outcomes. You'll collaborate across multiple teams to craft creative solutions, ensuring we exceed customer expectations and deliver exceptional value. You will leverage extensive resources to provide advanced digital risk monitoring expertise and analysis to safeguard our customers' environments. You will develop a trusted partnership by helping your customer identify and operationalize timely, actionable, and relevant threat intelligence and threat hunt findings.

This position offers exceptional growth opportunities, blending technical mastery with strategic advisory services, all powered by world-class intelligence and hunting capabilities.

Serve as a trusted advisor who maintains ownership of dedicated customer accounts, delivering outstanding experiences that build trust and facilitate high levels of satisfaction across all organizational levels.

Research dark web data and tailor threat intelligence for CAO Elite customer based on their specific requirements and environment

Prepare and deliver customer presentations relating to intelligence reports and dark web alerts on a regular basis

Partner across teams to develop and implement creative solutions that exceed customer expectations, focusing on delivering exceptional outcomes even when faced with complex challenges

Respond to customer requests relating to threat intelligence, threat hunting, and dark web monitoring

We are looking for a strategic leader to evolve our Threat team into a comprehensive
Deep Research Group
. As the Head of Research, you will lead innovation across AI Security, Threat Intelligence, and our Intelligence, transforming raw research into core platform differentiators. This is a pivotal leadership position responsible for delivering high-signal content and product-impacting discoveries that will directly influence our expansion into the enterprise market.
What You Will Build
Deep Research Strategy:
You will oversee the creation of next-generation security modules derived from our unique runtime data, transforming raw telemetry into actionable defense mechanisms and automated workflows
Premium Intelligence:
You will drive the development of unique intellectual property and detection capabilities that allow us to launch differentiated, premium service offerings.
Market Impact:
Your group's research will serve as a growth engine, powering our PR, community credibility, and enterprise readiness for high-stakes environments.
Responsibilities:
Organizational Leadership:
Lead, mentor, and scale a diverse group, including the Threat Research Team, Offensive Research Team, AI Research & Innovation Team, and OSINT/Vulnerability squads
Strategic Delivery:
Oversee the lifecycle of major research initiatives, from initial discovery to full productization, ensuring deep technical findings are translated into user-facing value.
Proactive Hunting:
Drive a proactive hunting strategy, utilizing external scanning and internal signals to uncover emerging campaigns and validate novel threats before they become widespread.
Cross-Functional AI Integration:
Collaborate with the AI Lead and Engineering to integrate proprietary intel into our detection models and strengthen our AI-driven security architecture.

We are seeking a Principal/Senior Security Researcher to lead proactive research into emerging abuse patterns across agentic and modern endpoint environments. This includes browser extensions, SaaS- and web-delivered code, autonomous agents, MCPs and related tooling, and other forms of non-binary software that do not fit neatly into a traditional malware-focused model.
In this role, you will define and drive independent research initiatives rather than simply respond to predefined queues. You will conduct deep technical investigations, including reverse engineering, telemetry analysis, controlled experimentation, and data-driven validation, and translate your findings into actionable outcomes for the product. These may include detection concepts with clear success criteria, recommendations for new telemetry or platform behavior, and concise technical narratives for engineering, product, executive, or customer-facing audiences.
You will act as a senior research partner to engineering and product leadership, helping shape priorities around what to instrument, what to build, what to retire, and how to reason about ambiguous signals in production environments. The role requires strong technical judgment, strategic thinking, and the ability to turn complex research into evidence-backed product impact.
Key Responsibilities
Define and execute proactive research programs: novel attack surfaces (e.g., browser extensions, SaaS-delivered code, autonomous agents, MCP/tooling ecosystems), long-horizon threats, and systemic gaps in visibility or detection.
Perform deep technical analysis beyond routine triage: reverse engineering, behavioral modeling, data-driven hypothesis testing, and rigorous validation of findings at scale.
Set direction for how research translates into product and detection: prioritization frameworks, threat models, evaluation criteria, and standards of evidence for shipping high-impact changes.
Partner with senior engineering and product stakeholders to shape roadmap, telemetry, and architecture informed by research; influence design tradeoffs before issues appear in the field.
Lead complex, ambiguous investigations end-to-end and synthesize conclusions for executive and customer-facing audiences when stakes are high.
Represent the team through high-quality technical artifacts (e.g., in-depth publications, conference-quality work, or equivalent internal briefings) that establish external and internal credibility.

What you will do
Research threat actors, campaigns, and techniques relevant to browser extensions, SaaS apps, autonomous agents, MCP/tooling ecosystems, and related endpoint behaviors.
Build and maintain threat intelligence: TTPs, IOCs where appropriate, ATT&CK-style mappings, and internal knowledge bases.
Design, test, and tune detection logic (behavioral rules, heuristics, models, or equivalent) in collaboration with detection and data science teams.
Analyze customer and telemetry datasets to find novel abuse patterns, false positives, and detection gaps.
Produce clear outputs for multiple audiences: technical blogs, customer-facing briefings, internal playbooks, and engineering specs.
Work with reverse engineering, data engineering, and product to turn research into durable platform capabilities.
Participate in incident-driven research and time-sensitive investigations when new threats emerge.

We are seeking an experienced Incident Response leader to own and lead the companys response to large-scale, high-impact cyber incidents. This role is responsible not only for technical response, but for cross-company crisis coordination, executive decision support, and ensuring fast, controlled mitigation across engineering, product, legal, communications, and leadership teams.
This is a leadership role for someone who has personally led complex incidents under pressure - including situations involving material business risk, customer impact, regulatory exposure, and executive visibility.