דרושים » מחשבים ורשתות » Senior Linux Detection Researcher (Cortex)

The team is responsible for developing and improving our Linux anti-malware prevention. This includes having top-notch knowledge about the latest malware families in the wild, Linux internals, different attack frameworks and hacktools. As part of this, the team analyzes customer data and issues to prevent malicious activities in our customer's environment, and help to improve the product.
Key Responsibilities
Research and analyze malware and keep up-to-date on the most recent tactics and techniques used in the wild
Create behavioral-based protection that enhances our product's coverage
Leverage Palo Alto Networks massive collection network to identify coverage gaps and emerging threats
Assist in the design, research, evaluation and implementation of new security technologies and features
Work in close coordination with other teams, including both development and other research teams, as well as support, sales and other cross-functional teams.

The team is responsible for developing and improving our Linux anti-malware prevention. This includes having top-notch knowledge about the latest malware families in the wild, Linux internals, different attack frameworks and hacktools. As part of this, the team analyzes customer data and issues to prevent malicious activities in our customer's environment, and help to improve the product.
Key Responsibilities
Research and analyze malware and keep up-to-date on the most recent tactics and techniques used in the wild
Create behavioral-based protection that enhances our product's coverage
Leverage our company massive collection network to identify coverage gaps and emerging threats
Assist in the design, research, evaluation and implementation of new security technologies and features
Work in close coordination with other teams, including both development and other research teams, as well as support, sales and other cross-functional teams.

The team is responsible for developing and improving our Windows anti-malware prevention. This includes having top-notch knowledge about the latest malware families in the wild, Windows internals, different attack frameworks and hacktools. As part of this, the team analyzes customer data and issues to prevent malicious activities in our customer's environment, and help to improve the product.
Key Responsibilities
Research and analyze malware and keep up-to-date on the most recent tactics and techniques used in the wild
Create behavioral-based protection that enhances our product's coverage
Leverage our company massive collection network to identify coverage gaps and emerging threats
Assist in the design, evaluation, and implementation of new security technologies
Work in close coordination with other teams, including both development and other research teams, as well as support, sales and other cross-functional teams.

As the Manager of the Rapid Response (RR) team, you will lead a group of malware analysts responsible for developing, improving, and deploying our rapid anti-malware prevention capabilities. Your team is on the front lines of statically analyzing urgent customer issues, stopping malicious activities in their tracks, and developing to halt attacks at the earliest possible stage. In this role, you will guide the teams technical direction, drive automation initiatives, and act as the critical bridge between frontline support, global research, and engineering.
Key Responsibilities
Lead, mentor, and develop a team of fast-paced malware analysts, fostering a "play to win" culture.
Oversee the daily triage, investigation, and resolution of urgent customer escalations, specifically False Positive (FP) and False Negative (FN) malware prevention events - ensuring swift and accurate mitigation.
Drive the team's automation efforts, identifying opportunities to automate routines to reduce response times and scale the team's capabilities.
Direct the analysis of emerging malware families, OS internals, and attack frameworks to ensure the team maintains an up-to-date overview of the current threat landscape.
Guide the development of rapid, high-quality prevention signatures (e.g., YARA, IPS) to enhance product coverage.
Act as the primary technical escalation point and work in close coordination with global research teams, support, engineering, and other cross-functional stakeholders.

As the Manager of the Rapid Response (RR) team, you will lead a group of malware analysts responsible for developing, improving, and deploying our rapid anti-malware prevention capabilities. Your team is on the front lines of statically analyzing urgent customer issues, stopping malicious activities in their tracks, and developing to halt attacks at the earliest possible stage. In this role, you will guide the teams technical direction, drive automation initiatives, and act as the critical bridge between frontline support, global research, and engineering.
Key Responsibilities
Lead, mentor, and develop a team of fast-paced malware analysts, fostering a "play to win" culture.
Oversee the daily triage, investigation, and resolution of urgent customer escalations, specifically False Positive (FP) and False Negative (FN) malware prevention events - ensuring swift and accurate mitigation.
Drive the team's automation efforts, identifying opportunities to automate routines to reduce response times and scale the team's capabilities.
Direct the analysis of emerging malware families, OS internals, and attack frameworks to ensure the team maintains an up-to-date overview of the current threat landscape.
Guide the development of rapid, high-quality prevention signatures (e.g., YARA, IPS) to enhance product coverage.
Act as the primary technical escalation point and work in close coordination with global research teams, support, engineering, and other cross-functional stakeholders.

We are looking for a Linux Low Level Security Research team manager for our Tel Aviv R&D center. You will manage and lead a team that is responsible for researching the most recent Malwares, Kernel mitigations, EBPF, and advanced cybersecurity threats, as well as designing, developing and improving our Linux Agent ability to protect against different threats. The position includes researching Linux internals, Reverse engineering, malwares analysis, diving into internals of the Linux kernel and user-mode code, java, javascript and more.
Key Responsibilities
Leading the existing employees as well as hire future employees to join your team.
Be a thought leader around anti-malware detection and protection; designing, planning, and improving our anti-malware detection and prevention capabilities.
Lead the rapid response and find ways to prevent new critical vulnerabilities.
Respond to malware-based security events from customers.
Stay up to date with current malware and new attackers techniques.

Are you an innovative security researcher with a deep understanding of Linux systems and a passion for protecting modern environments? Do you want to lead the charge in securing enterprise networks against the latest threats?
We're looking for a skilled professional to join our team, focusing on the critical and rapidly evolving fields of Linux Security. You'll be a foundational member of a new and growing team dedicated to the blue ocean of detection, developing multiple new capabilities within the largest cybersecurity enterprise in the world.
This is a unique opportunity to apply your expertise and influence the future of threat prevention-helping us build cutting-edge security solutions from the ground up.
Key Responsibilitie
Play a pivotal role in shaping the future of our security solutions.
Enhance product effectiveness by designing advanced protection components and developing sophisticated detection rules.
Research Linux OS internals, virtualized environments, and malware behaviors to inform and strengthen our attack prevention mechanisms.
Apply advanced AI and big data approaches to investigate and analyze large-scale datasets across our client base.
Lead research on novel protection concepts and bring them to production-grade quality, serving as a subject matter expert.
Stay up to date with the latest attacker methodologies, APT campaigns, and TTPs targeting Linux systems.
Conduct static and dynamic reverse engineering of Linux malware to uncover new techniques and develop mitigation strategies.
Collaborate closely with engineering, product management, and other research teams to translate research findings into production features.

The Cortex Threat Intelligence team is responsible for maintaining an up-to-date overview of the ever-changing threat landscape and its effects on the Cortex product suite. This includes the collection, analysis, and dissemination of technical threat intelligence from multiple internal and external sources. As part of this role, you will identify detection opportunities, automate threat intelligence processes, and develop tools and methodologies to increase team productivity. Palo Alto Networks Cortex XDR is a market-leading platform with an almost unparalleled telemetry data lake. Our team is deeply data-driven; it is the ideal environment for analysts who are enthusiastic about data mining, tracking threat actors, and deconstructing complex cyberattacks.
Key Responsibilities
Monitor the global threat landscape using diverse sources to proactively identify potential coverage gaps and improve Cortex XDRs defensive posture.
Perform in-depth research into cyberattack techniques to provide actionable insights and suggestions for improving product capabilities.
Leverage Palo Alto Networks telemetry datasets to identify emerging attack patterns and hunt for novel threats.
Design and propose robust detection logic across multiple operating systems (Windows, macOS, Linux).
Partner with cross-functional teams within Palo Alto Networks to communicate findings and co-develop security enhancements.
Transform technical intelligence into high-impact deliverables, including customer-facing reports, research articles for the company blog, or presentations at international security conferences.

The Cortex Threat Intelligence team is responsible for maintaining an up-to-date overview of the ever-changing threat landscape and its effects on the Cortex product suite. This includes the collection, analysis, and dissemination of technical threat intelligence from multiple internal and external sources. As part of this role, you will identify detection opportunities, automate threat intelligence processes, and develop tools and methodologies to increase team productivity. our company's Cortex XDR is a market-leading platform with an almost unparalleled telemetry data lake. Our team is deeply data-driven; it is the ideal environment for analysts who are enthusiastic about data mining, tracking threat actors, and deconstructing complex cyberattacks.
Key Responsibilities
Monitor the global threat landscape using diverse sources to proactively identify potential coverage gaps and improve Cortex XDRs defensive posture.
Perform in-depth research into cyberattack techniques to provide actionable insights and suggestions for improving product capabilities.
Leverage our company's telemetry datasets to identify emerging attack patterns and hunt for novel threats.
Design and propose robust detection logic across multiple operating systems (Windows, macOS, Linux).
Partner with cross-functional teams within our company to communicate findings and co-develop security enhancements.
Transform technical intelligence into high-impact deliverables, including customer-facing reports, research articles for the company blog, or presentations at international security conferences.

The Cortex Threat Intelligence team is responsible for maintaining an up-to-date overview of the ever-changing threat landscape and its effects on the Cortex product suite. This includes the collection, analysis, and dissemination of technical threat intelligence from multiple internal and external sources. As part of this role, you will identify detection opportunities, automate threat intelligence processes, and develop tools and methodologies to increase team productivity. Palo Alto Networks Cortex XDR is a market-leading platform with an almost unparalleled telemetry data lake. Our team is deeply data-driven; it is the ideal environment for analysts who are enthusiastic about data mining, tracking threat actors, and deconstructing complex cyberattacks.
Key Responsibilities
Monitor the global threat landscape using diverse sources to proactively identify potential coverage gaps and improve Cortex XDRs defensive posture.
Perform in-depth research into cyberattack techniques to provide actionable insights and suggestions for improving product capabilities.
Leverage Palo Alto Networks telemetry datasets to identify emerging attack patterns and hunt for novel threats.
Design and propose robust detection logic across multiple operating systems (Windows, macOS, Linux).
Partner with cross-functional teams within Palo Alto Networks to communicate findings and co-develop security enhancements.
Transform technical intelligence into high-impact deliverables, including customer-facing reports, research articles for the company blog, or presentations at international security conferences.