דרושים » אבטחת מידע וסייבר » Lead Security Researcher - AI Threat Intelligence

we are looking for a network and Security Researcher. This key position within the threat intelligence group will be in charge of analyzing the vast amount of data that is managed by our company, develop threat intelligence on adversarial TTPs (tactics, techniques and procedures) and generate reports, presentations and blogs on anomalies and tools identified.
This role goes beyond the analyst role, as a key member of the team the threat intelligence researcher will work with internal security teams, network data, underground intelligence teams and much more, performing cutting edge research followed by presenting the research externally via various mediums.
Responsibilities
Monitor and analyze the evolving cybersecurity threat landscape, with a focus on threat intelligence and AI-related security trends
Research threat actors, attack techniques, campaigns, and emerging threats using external intelligence and internal data
Analyze our companys internal data warehouse to identify security trends, attack patterns, and actionable insights
Use SQL, scripting, and AI tools to support threat research, data analysis, and automation
Build internal tools, workflows, or AI agents to improve research efficiency and data investigation
Produce high-quality threat research content, including blogs, reports, and customer-facing insights
Present research findings at conferences, webinars, company events, and internal sessions
Collaborate with SOC, product, research, and data teams to improve detections and product intelligence
Independently manage research projects from idea to analysis, publication, and presentation.

The Cortex Threat Intelligence team is responsible for maintaining an up-to-date overview of the ever-changing threat landscape and its effects on the Cortex product suite. This includes the collection, analysis, and dissemination of technical threat intelligence from multiple internal and external sources. As part of this role, you will identify detection opportunities, automate threat intelligence processes, and develop tools and methodologies to increase team productivity. our company's Cortex XDR is a market-leading platform with an almost unparalleled telemetry data lake. Our team is deeply data-driven; it is the ideal environment for analysts who are enthusiastic about data mining, tracking threat actors, and deconstructing complex cyberattacks.
Key Responsibilities
Monitor the global threat landscape using diverse sources to proactively identify potential coverage gaps and improve Cortex XDRs defensive posture.
Perform in-depth research into cyberattack techniques to provide actionable insights and suggestions for improving product capabilities.
Leverage our company's telemetry datasets to identify emerging attack patterns and hunt for novel threats.
Design and propose robust detection logic across multiple operating systems (Windows, macOS, Linux).
Partner with cross-functional teams within our company to communicate findings and co-develop security enhancements.
Transform technical intelligence into high-impact deliverables, including customer-facing reports, research articles for the company blog, or presentations at international security conferences.

The Cyber Threat Intelligence Hunter will sit within Unit 42 Managed Threat Hunting and support proactive, intelligence-led hunting across customer environments. This role combines hands-on threat hunting with cyber threat intelligence analysis, helping multinational organizations stay one step ahead of adversaries and cyber threats.
Key Responsibilities
Analyze public and private threat intelligence, Unit 42 research, adversary campaigns, malware activity, infrastructure, indicators, and TTPs.
Translate threat intelligence into actionable hunting hypotheses, investigation workflows, hunting queries, and customer-facing findings.
Execute existing threat hunting reports and hunting workflows, investigate results, and support timely customer reporting.
Investigate scheduled hunt detections and compose clear, professional reports when relevant.
Investigate hunting leads based on IOCs, threat intelligence, internal detections, customer telemetry, and emerging adversary behaviors.
Monitor the threat landscape and prepare initial context for emerging campaigns, enabling the global team to continue deeper investigation and hunting.
Collaborate with threat hunters, detection engineers, incident responders, MDR, and Unit 42 researchers to operationalize intelligence quickly and effectively.
Escalate major, unclear, or high-impact security events to the Threat Hunting leadership team when necessary.
Provide ongoing feedback on findings, hunting reports, queries, intelligence workflows, and operational processes to support continuous improvement.

We are seeking a Principal/Senior Security Researcher to lead proactive research into emerging abuse patterns across agentic and modern endpoint environments. This includes browser extensions, SaaS- and web-delivered code, autonomous agents, MCPs and related tooling, and other forms of non-binary software that do not fit neatly into a traditional malware-focused model.
In this role, you will define and drive independent research initiatives rather than simply respond to predefined queues. You will conduct deep technical investigations, including reverse engineering, telemetry analysis, controlled experimentation, and data-driven validation, and translate your findings into actionable outcomes for the product. These may include detection concepts with clear success criteria, recommendations for new telemetry or platform behavior, and concise technical narratives for engineering, product, executive, or customer-facing audiences.
You will act as a senior research partner to engineering and product leadership, helping shape priorities around what to instrument, what to build, what to retire, and how to reason about ambiguous signals in production environments. The role requires strong technical judgment, strategic thinking, and the ability to turn complex research into evidence-backed product impact.
Key Responsibilities
Define and execute proactive research programs: novel attack surfaces (e.g., browser extensions, SaaS-delivered code, autonomous agents, MCP/tooling ecosystems), long-horizon threats, and systemic gaps in visibility or detection.
Perform deep technical analysis beyond routine triage: reverse engineering, behavioral modeling, data-driven hypothesis testing, and rigorous validation of findings at scale.
Set direction for how research translates into product and detection: prioritization frameworks, threat models, evaluation criteria, and standards of evidence for shipping high-impact changes.
Partner with senior engineering and product stakeholders to shape roadmap, telemetry, and architecture informed by research; influence design tradeoffs before issues appear in the field.
Lead complex, ambiguous investigations end-to-end and synthesize conclusions for executive and customer-facing audiences when stakes are high.
Represent the team through high-quality technical artifacts (e.g., in-depth publications, conference-quality work, or equivalent internal briefings) that establish external and internal credibility.

we are seeking a Senior Threat Hunting Researcher for Unit 42s Managed Services group, a senior hands-on role combining threat hunting, detection engineering, and incident investigation experience. You will proactively hunt across diverse telemetry to identify suspicious behaviors and emerging threats that evade traditional security. A key part of the role is translating low-fidelity signals into high-fidelity hunting logic and reusable detection opportunities. You will collaborate with multiple teams to share findings, explain coverage, and support response and improvement efforts.
Key Responsibilities
Proactively hunt for suspicious behaviors, malware activity, threat actor tradecraft, and emerging campaign patterns across large-scale customer telemetry.
Build, validate, and tune hunting and detection logic across multiple data sources and security products.
Translate low-fidelity signals, alerts, incidents, and coverage gaps into high-fidelity hunting content and reusable detection opportunities.
Investigate suspicious activity using available telemetry and clearly communicate findings, limitations, and recommended next steps.
Improve detection quality by reducing false positives, increasing signal fidelity, and identifying meaningful coverage gaps.
Collaborate with MDR, Incident Response, Threat Intelligence, Product, and Engineering to improve protection and operational scalability.
Deliver clear, evidence-based reports and technical findings that help customers understand risk and improve defenses.

Were looking for a top-notch Threat Detection Researcher to join our team and spread the power of our company. In this role, you will further develop the company Runtime Sensor as part of our threat research team.
WHAT YOULL DO
Develop detections and tools to protect customers from cloud threats
Investigate attacks on cloud environments and malware targeting cloud workloads
Hunt and analyze real-world attacks and emerging cloud threats
Collaborate closely with the R&D team to transform research insights into product features
Work with customers in response to requests related to suspicious activity or potential incidents
Create best practices and security policies based on research findings
Deliver external-facing content (blog posts and talks at security conferences) based on security insights and novel research.

We are looking for a Research Team Lead to establish and lead a cross-product research team focused on horizontal, high-impact initiatives that influence multiple our company offerings.
Unlike product-embedded research roles, this team drives foundational and strategic research projects across networking, security, identity, automation, and AI-driven capabilities. Examples include large-scale reasoning systems, autonomous policy frameworks, cross-domain detection and response concepts (xOps), and platform-wide intelligence capabilities.
You will combine deep technical expertise with strong leadership and execution skills -identifying impactful research directions, building a high-performing team, and turning advanced research into real platform capabilities used by thousands of customers worldwide.
Responsibilities
Technical Vision & Strategy
Define and execute the roadmap for cross-product research initiatives.
Identify high-leverage research opportunities that impact multiple domains and products.
Drive long-term architectural thinking and influence platform evolution.
Balance innovation, experimentation, and production-readiness.
Team Leadership
Recruit, mentor, and grow a multidisciplinary team of researchers (AI, data, algorithms, networking, security).
Establish high standards for research rigor, experimentation methodology, and engineering quality.
Foster a culture of ownership, collaboration, and technical excellence.
Research & Execution
Lead complex, ambiguous research initiatives from ideation through validation and productionization.
Design large-scale experiments and validation methodologies using our companys data platform.
Drive innovation in areas such as:
Autonomous policy systems
Cross-domain detection and response frameworks
Large-scale reasoning and decision systems
Data-driven optimization and automation capabilities
Ensure research outcomes are measurable, scalable, and aligned with business impact.
Cross-Functional Collaboration
Work closely with Product, Engineering, Architecture, and Product Research teams to translate research into shipped capabilities.
Provide technical guidance and influence cross-organizational decisions.
Act as a bridge between exploratory research and production systems.
Communication & Influence
Present research findings and strategic recommendations to senior leadership.
Produce clear technical documentation, design proposals, and internal position papers.
Represent Platform Research as a center of excellence for cross-product innovation.

Were looking for driven and talented people like you to join our team and our mission to change the future of cloud security. Ready to dive in and swim with our pod?
As the Head of Research, you will lead Securitys threat-research, security-innovation, and vulnerability-discovery efforts. You will define the strategy for how we uncover threats, identify novel attack vectors, influence product direction, and contribute thought leadership to the cybersecurity community. You will manage and grow a team of world-class researchers, work closely with product, engineering and go-to-market teams, and ensure our research remains cutting-edge, rigorous and impactful. This role emphasizes strong people leadership and cross-functional execution, alongside technical depth and hands-on research judgment.
What youll do :
Develop, own and evolve the research strategy by defining high value focus areas (for example misconfigurations, identity threats, workload vulnerabilities, and emerging attack techniques), and ensure alignment with product roadmap and business objectives.
Lead, coach, and mentor a multidisciplinary research team (researchers, threat analysts, and engineers).
Build a healthy, high-performing org, including hiring, onboarding, and performance management.
Partner closely with product and engineering leadership to turn research insights into concrete roadmap items, detection logic, and customer value.
Drive discovery of new vulnerabilities, attack techniques, or adversary behaviors across cloud and modern infrastructure environments (for example containers, serverless, data stores, IAM).
Define metrics for research impact (for example vulnerabilities discovered, time to validate and operationalize new findings, research-driven product improvements, external reach).
Establish and maintain external partnerships (industry peers, academic groups, independent researchers) to expand capabilities and pipeline.
Publish and present research findings (blog posts, white papers, conference talks).
Lead vulnerability disclosure and responsible communications.
Ensure the research function has the right infrastructure and processes (tooling, sandboxes, repeatable experimentation, documentation standards).
Stay current with the threat landscape, emerging technologies, attacker tradecraft, and relevant compliance or regulatory shifts.

What you will do
Research threat actors, campaigns, and techniques relevant to browser extensions, SaaS apps, autonomous agents, MCP/tooling ecosystems, and related endpoint behaviors.
Build and maintain threat intelligence: TTPs, IOCs where appropriate, ATT&CK-style mappings, and internal knowledge bases.
Design, test, and tune detection logic (behavioral rules, heuristics, models, or equivalent) in collaboration with detection and data science teams.
Analyze customer and telemetry datasets to find novel abuse patterns, false positives, and detection gaps.
Produce clear outputs for multiple audiences: technical blogs, customer-facing briefings, internal playbooks, and engineering specs.
Work with reverse engineering, data engineering, and product to turn research into durable platform capabilities.
Participate in incident-driven research and time-sensitive investigations when new threats emerge.

If you are an innovator at heart and passionate about redefining how organizations secure modern environments end-to-end, we're looking for you.
We're looking for a Manager to lead a security research team for detection and response across cloud environments.
This is an opportunity to lead an exceptional group of researchers working on a startup-level product within the largest security company, helping revolutionize how organizations protect their Kubernetes and hybrid cloud environments.
Key Responsibilities
Manage a team of security researchers conducting research on attacks against cloud data , Kubernetes and containers.
Lead, mentor, and grow a team of talented security researchers focused on defending organizations as they transition from on-premises data centers to modern cloud and Kubernetes infrastructure.
Drive the strategy and execution of research initiatives to uncover novel techniques for detecting and responding to sophisticated attacks targeting hybrid and cloud-native environments.
Define and prioritize detection use cases, relevant datasets, and innovative analytic approaches combining runtime visibility and posture management across diverse platforms.
Stay up to date with the latest attacker methodologies, APT campaigns, and TTPs to ensure our detection capabilities stay ahead of evolving threats in both legacy and cloud contexts.
Oversee simulation of real-world attacks and deep behavioral analysis to inform and validate detection content.
Foster collaboration across engineering, product management, and go-to-market teams to deliver impactful security solutions.
Represent the team and share insights with the security community through blogs, conference talks, and publications.