דרושים » תוכנה » Senior Malware Researcher

משרות על המפה
 
בדיקת קורות חיים
VIP
הפוך ללקוח VIP
רגע, משהו חסר!
נשאר לך להשלים רק עוד פרט אחד:
 
שירות זה פתוח ללקוחות VIP בלבד
AllJObs VIP
כל החברות >
סגור
דיווח על תוכן לא הולם או מפלה
מה השם שלך?
תיאור
שליחה
סגור
v נשלח
תודה על שיתוף הפעולה
מודים לך שלקחת חלק בשיפור התוכן שלנו :)
לפני 12 שעות
חברה חסויה
Location: Tel Aviv-Yafo
Job Type: Full Time
Required Senior Malware Researcher
The Dream Job
As a Senior Malware Researcher, you will analyze and reverse engineer malware and tooling used by advanced threat actors, particularly those targeting governments and critical infrastructure. You will apply deep expertise in binary and script analysis to uncover capabilities, configurations, and C2 infrastructure for threat actor attribution and mitigations.
Your work will power our malware catalog, strengthen our understanding of threat actors technical capabilities, and directly support the development of next-generation AI-driven "artificial cyber researchers".
Responsibilities
Perform in-depth static and dynamic analysis of malware, implants, loaders, and related tooling used by APTs and other sophisticated adversaries.
Reverse engineer binaries and scripts (e.g., PE, ELF, .NET, PowerShell, JavaScript/VBA) to determine capabilities, execution flow, persistence mechanisms, and evasion techniques.
Extract and document configuration data and C2 information, and map these to campaigns, infrastructure, and threat actors in collaboration with CTI researchers.
Develop and maintain detection and hunting artifacts such as YARA rules, VT LiveHunt queries, CAPA rules, and sandbox behavior signatures.
Work closely with CyberAI researchers on the development of next-generation artificial cyber researchers and AI-driven analysis capabilities.
Requirements:
7+ years of experience in cyber security, with significant hands-on experience in malware research focused on APTs and state-linked actors.
Strong proficiency with RE tools such as IDA Pro, Ghidra, x64dbg/WinDbg, and common dynamic analysis/sandbox environments.
Deep understanding of OS internals (Windows/Linux/Android/Mac), common persistence and execution techniques, and modern offensive tradecraft.
Demonstrated experience extracting configs, C2 endpoints, and capabilities from both compiled and scripted malware.
Strong investigative mindset, attention to detail, and ability to work with incomplete or obfuscated data.
Experience researching or defending government or critical infrastructure organizations- Advantage.
This position is open to all candidates.
 
Hide
הגשת מועמדותהגש מועמדות
עדכון קורות החיים לפני שליחה
עדכון קורות החיים לפני שליחה
8723340
סגור
שירות זה פתוח ללקוחות VIP בלבד
משרות דומות שיכולות לעניין אותך
סגור
דיווח על תוכן לא הולם או מפלה
מה השם שלך?
תיאור
שליחה
סגור
v נשלח
תודה על שיתוף הפעולה
מודים לך שלקחת חלק בשיפור התוכן שלנו :)
לפני 12 שעות
Location: Tel Aviv-Yafo
Job Type: Full Time
Required Senior Threat Intelligence Researcher
As a Senior Threat Intelligence Researcher, you will be responsible for tracking advanced adversaries and leveraging your deep technical expertise across attacker capabilities, infrastructure, and tactics. You will create and refine approaches to uncover and monitor active threat actors, as well as surface irregular and emerging behaviors in the broader threat landscape. The intelligence you generate will directly strengthen our understanding of threat actors and will inform proactive hunting, detection engineering, and defensive decision-making.
Responsibilities
Lead complex threat intelligence investigations through in-depth analysis of the global threat landscape, with a focus on advanced and state-linked actors.
Define and prioritize threat research focus areas (actors, campaigns, sectors, techniques) aligned with our customers and product roadmap.
Deliver actionable cyber threat intelligence and design and execute hunting campaigns using analytics, automation, and advanced AI capabilities.
Curate and maintain structured knowledge on actors, campaigns, infrastructure, and TTPs in our internal threat knowledge base.
Work closely with CyberAI researchers on the development of next-generation artificial cyber researchers and AI-driven analysis capabilities.
Requirements:
7+ years of experience in cyber security, with significant hands-on experience in threat intelligence research focused on APTs or state-linked actors.
Detailed understanding of existing APT groups historical activities, TTPs, motivations, and targeting patterns.
Strong investigative mindset, high level of intellectual curiosity, and comfort working with incomplete or ambiguous data.
Proficiency in infrastructure research, including WHOIS, passive DNS, SSL certificate analysis, BGP/ASN data, and platforms such as Censys and VirusTotal.
Strong written and verbal communication skills, with experience producing clear and concise threat intelligence reports or briefs.
Experience in software development and data analysis (e.g., Python, Jupyter, or similar) to support investigations and hypothesis testing.
Experience researching or defending government or critical infrastructure organizations- Advantage.
This position is open to all candidates.
 
Show more...
הגשת מועמדותהגש מועמדות
עדכון קורות החיים לפני שליחה
עדכון קורות החיים לפני שליחה
8723230
סגור
שירות זה פתוח ללקוחות VIP בלבד
סגור
דיווח על תוכן לא הולם או מפלה
מה השם שלך?
תיאור
שליחה
סגור
v נשלח
תודה על שיתוף הפעולה
מודים לך שלקחת חלק בשיפור התוכן שלנו :)
לפני 13 שעות
Location: Tel Aviv-Yafo
Job Type: Full Time
our company Research (CPR) is looking for a Threat Researcher to join its Threat Intelligence Analysis (TIA) team. The team is responsible of discovering, analyzing and tracking advanced threat actors and campaigns, with a strong focus on high-end cybercrime and state-sponsored activities. You will join a team of motivated, independent & highly technical individuals and contribute the effort to protect our company customers and empower the company brand.
Key Responsibilities
Identify, understand and monitor advanced campaigns using publicly available sources as well as internal telemetry.
Analyze malware and other hacking tools utilized by threat actors in active campaigns and intrusions.
Create technical research content for public and private intelligence reports.
Help build protections and detections based on deep understanding of advanced threat actors Tactics Techniques and Procedures (TTPs).
Collaborate with other security teams to assist threat intelligence and research tasks.
Requirements:
Your Knowledge & Skills
5+ years of experience as a threat researcher, incident responder, malware analyst, detection engineer or other relevant roles.
Practical experience in tracking state-sponsored or advanced financially motivated actors - including malware, infrastructure and TTPs.
Profound knowledge and understanding of malware and common attacking techniques.
Hands-on experience in automating and optimizing hunting and enrichment processes using code (preferably Python).
Familiarity with query languages and data exploration tools.
Ability to translate technical findings into actionable detection and prevention signatures.
Experience in writing technical blog posts and technical analysis reports.
Experience in public speaking and presentation of research in cyber security conferences .
Fluent English.
This position is open to all candidates.
 
Show more...
הגשת מועמדותהגש מועמדות
עדכון קורות החיים לפני שליחה
עדכון קורות החיים לפני שליחה
8723028
סגור
שירות זה פתוח ללקוחות VIP בלבד
סגור
דיווח על תוכן לא הולם או מפלה
מה השם שלך?
תיאור
שליחה
סגור
v נשלח
תודה על שיתוף הפעולה
מודים לך שלקחת חלק בשיפור התוכן שלנו :)
Location: Tel Aviv-Yafo
Job Type: Full Time
Are you an innovative security researcher with a deep understanding of Linux systems and a passion for protecting modern environments? Do you want to lead the charge in securing enterprise networks against the latest threats?
We're looking for a skilled professional to join our team, focusing on the critical and rapidly evolving fields of Linux Security. You'll be a foundational member of a new and growing team dedicated to the blue ocean of detection, developing multiple new capabilities within the largest cybersecurity enterprise in the world.
This is a unique opportunity to apply your expertise and influence the future of threat prevention-helping us build cutting-edge security solutions from the ground up.
Key Responsibilitie
Play a pivotal role in shaping the future of our security solutions.
Enhance product effectiveness by designing advanced protection components and developing sophisticated detection rules.
Research Linux OS internals, virtualized environments, and malware behaviors to inform and strengthen our attack prevention mechanisms.
Apply advanced AI and big data approaches to investigate and analyze large-scale datasets across our client base.
Lead research on novel protection concepts and bring them to production-grade quality, serving as a subject matter expert.
Stay up to date with the latest attacker methodologies, APT campaigns, and TTPs targeting Linux systems.
Conduct static and dynamic reverse engineering of Linux malware to uncover new techniques and develop mitigation strategies.
Collaborate closely with engineering, product management, and other research teams to translate research findings into production features.
Requirements:
5+ years of experience in cybersecurity research, with a proven track record of impactful projects.
Good knowledge of Linux OS internals, including both user and kernel space.
Solid knowledge of the cyber threat landscape, modern malware techniques, and APTs.
Hands-on experience in real-world threat hunting, incident response, or detection engineering.
Proficiency in programming languages such as Python, C, and/or C++, with a strong understanding of system-level programming and APIs.
Excellent problem-solving skills and a passion for cybersecurity innovation.
Ability to work independently, take initiative, and collaborate effectively in a team environment.
Preferred Qualifications
Background in EDR/XDR products or security solution development.
Experience in reverse engineering, including familiarity with debugging and disassembly tools such as GDB, IDA Pro, or Ghidra.
Experience in advanced data analysis, statistics, or machine learning for security applications.
Experience with Linux kernel development or vulnerability research.
Familiarity with virtualization platforms (e.g., ESXi/vCenter).
This position is open to all candidates.
 
Show more...
הגשת מועמדותהגש מועמדות
עדכון קורות החיים לפני שליחה
עדכון קורות החיים לפני שליחה
8718538
סגור
שירות זה פתוח ללקוחות VIP בלבד
סגור
דיווח על תוכן לא הולם או מפלה
מה השם שלך?
תיאור
שליחה
סגור
v נשלח
תודה על שיתוף הפעולה
מודים לך שלקחת חלק בשיפור התוכן שלנו :)
22/06/2026
Location: Tel Aviv-Yafo
Job Type: Full Time
Are you an innovative security researcher with a deep understanding of Linux systems and a passion for protecting modern environments? Do you want to lead the charge in securing enterprise networks against the latest threats?
We're looking for a skilled professional to join our team, focusing on the critical and rapidly evolving fields of Linux Security. You'll be a foundational member of a new and growing team dedicated to the blue ocean of detection, developing multiple new capabilities within the largest cybersecurity enterprise in the world.
This is a unique opportunity to apply your expertise and influence the future of threat prevention-helping us build cutting-edge security solutions from the ground up.
Key Responsibilitie
Play a pivotal role in shaping the future of our security solutions.
Enhance product effectiveness by designing advanced protection components and developing sophisticated detection rules.
Research Linux OS internals, virtualized environments, and malware behaviors to inform and strengthen our attack prevention mechanisms.
Apply advanced AI and big data approaches to investigate and analyze large-scale datasets across our client base.
Lead research on novel protection concepts and bring them to production-grade quality, serving as a subject matter expert.
Stay up to date with the latest attacker methodologies, APT campaigns, and TTPs targeting Linux systems.
Conduct static and dynamic reverse engineering of Linux malware to uncover new techniques and develop mitigation strategies.
Collaborate closely with engineering, product management, and other research teams to translate research findings into production features.
Requirements:
Required Qualifications
5+ years of experience in cybersecurity research, with a proven track record of impactful projects.
Good knowledge of Linux OS internals, including both user and kernel space.
Solid knowledge of the cyber threat landscape, modern malware techniques, and APTs.
Hands-on experience in real-world threat hunting, incident response, or detection engineering.
Proficiency in programming languages such as Python, C, and/or C++, with a strong understanding of system-level programming and APIs.
Excellent problem-solving skills and a passion for cybersecurity innovation.
Ability to work independently, take initiative, and collaborate effectively in a team environment.
Preferred Qualifications
Background in EDR/XDR products or security solution development.
Experience in reverse engineering, including familiarity with debugging and disassembly tools such as GDB, IDA Pro, or Ghidra.
Experience in advanced data analysis, statistics, or machine learning for security applications.
Experience with Linux kernel development or vulnerability research.
Familiarity with virtualization platforms (e.g., ESXi/vCenter).
This position is open to all candidates.
 
Show more...
הגשת מועמדותהגש מועמדות
עדכון קורות החיים לפני שליחה
עדכון קורות החיים לפני שליחה
8705404
סגור
שירות זה פתוח ללקוחות VIP בלבד
סגור
דיווח על תוכן לא הולם או מפלה
מה השם שלך?
תיאור
שליחה
סגור
v נשלח
תודה על שיתוף הפעולה
מודים לך שלקחת חלק בשיפור התוכן שלנו :)
Location: Tel Aviv-Yafo
Job Type: Full Time
We are looking for a Windows Malware Security Researcher for our Tel Aviv R&D center. You will be part of a team that is responsible for researching the most recent and advanced cybersecurity threats, as well as designing, developing, and improving Anti-Malware capabilities to protect against them. The position includes researching OS internals, picking apart malware samples, delving into the internals of Windows kernel and user-mode code, and finding ways to mitigate new attack vectors.
The proposed role will be part of the research team of the Cortex XDR endpoint protection solution.
We are seeking a highly skilled and experienced Windows Malware Security Researcher to join our growing Windows malware research team of the Cortex XDR agent group. In this role, you will play a key part in enhancing our Endpoint Detection and Response (EDR) agent by prototyping new protection components and techniques and developing advanced malware prevention strategies. You will work on identifying, analyzing, and mitigating sophisticated threats, working closely with various teams to drive innovation. A deep understanding of the Windows operating system is essential.
Key Responsibilities
Playing a pivotal role in shaping the future of our security solutions.
Enhance the effectiveness of our EDR product by designing cutting-edge protection components and developing sophisticated prevention rules.
Researching OS internals and how Windows works under the hood - leveraging this knowledge to develop and improve our anti-malware mechanisms and capabilities.
Research and lead novel protection ideas to production-grade level, serving as the feature subject matter expert.
Research new malware and APT mitigation techniques and develop corresponding capabilities (POC level), or improve existing mitigation capabilities.
Respond to malware-based security events at clients' networks.
Stay up to date with current malware and APT techniques.
Provide feedback to the product management team on new feature requests and product enhancements from our customer base.
Find new malware techniques and APT attacks, including analysis of caught-in-the-wild malware.
Operate independently end-to-end - from initial threat idea, through research and POC, to handing off a production-ready design to core agent engineering with clear specs, test cases, and edge-case analysis.
Be a team player who lifts others up - happy to jump in when a teammate is stuck on a tricky Windows internals or RE question, share what you've figured out, and generally make the people around you better.
Requirements:
At least 5 years of experience in the cyber security research domain.
In-depth knowledge of Windows operating system internals (both user-mode and kernel-mode) - at least 3 years of hands-on research experience.
In-depth knowledge of C/C++, with hands-on development experience using C/C++ (Win32 API) in a Windows environment.
Experience with anti-RE techniques such as anti-debug, anti-VM, unpacking, etc.
Strong knowledge of the cyber threat landscape, including APTs (Advanced Persistent Threats) and modern malware techniques.
Strong dynamic analysis skills with hands-on experience using debuggers such as WinDbg, x64dbg, OllyDbg, or similar.
Strong static analysis skills with hands-on experience using disassemblers such as IDA Pro and Ghidra.
Proficiency in Python.
Knowledge of networking and internet protocols.
A major advantage to candidates with at least 2 years of experience in at least one of the following: EDR/XDR products, Windows kernel development, low-level security solution development, Windows exploitation, or vulnerability research.
Ability to work fully independently - own a research track from scoping to POC handoff with minimal supervision - while also collaborating effectively as part of a team.
Strong problem-solving skills with a passion for innovation, sharp attention to detail, and a bias for taking initiative on hard problems.
This position is open to all candidates.
 
Show more...
הגשת מועמדותהגש מועמדות
עדכון קורות החיים לפני שליחה
עדכון קורות החיים לפני שליחה
8714873
סגור
שירות זה פתוח ללקוחות VIP בלבד
סגור
דיווח על תוכן לא הולם או מפלה
מה השם שלך?
תיאור
שליחה
סגור
v נשלח
תודה על שיתוף הפעולה
מודים לך שלקחת חלק בשיפור התוכן שלנו :)
3 ימים
Location: Tel Aviv-Yafo
Job Type: Full Time
The Threat Intelligence group, a key member of the company Research department, leads global threat research efforts, and improves threat coverage across the evolving cyber threat landscape.
The group focuses on understanding and tracking cybercriminal organizations, nation-state (APT) actors, hacktivist activity, active malware campaigns, and emerging adversary trends. The research produced by the team supports both strategic insight and the development of advanced security technologies.
This role is responsible for conducting in-depth cyber threat landscape research and owning the full intelligence research lifecycle-from intelligence collection through analysis and written output.
Key Responsibilities
Research and analyze cyber threat actors.
Be the first to flag trends, new malware, threat actors and intelligence items that stand out in the crowd
Execute the full intelligence research lifecycle:
Monitoring and analyzing the digital underground - including the DarkNet, the DeepWeb, and other open and restricted sources
Gather & flag intelligence that stands out.
Assess, validate, and refine raw information into high-confidence insights
Produce clear, well-structured written research and threat assessments
Build, maintain, and continuously evaluate a diverse set of reliable intelligence sources
Identify long-term trends, relationships, and shifts in adversary behavior
Conduct deep intelligence collection operations and collect proprietary intelligence
Collaborate with other researchers and internal stakeholders to contextualize findings and improve threat coverage
Maintain high analytical and research standards, including sourcing, attribution, and methodological rigor.
Requirements:
At least 3 years of experience in Cyber Threat Intelligence (CTI) or cyber threat research
Deep understanding of cyber threat landscape and cybercriminal and hacktivists ecosystems: actors and groups, motivations and goals, tools and capabilities, attacks and campaigns
Proven experience across the full threat intelligence research lifecycle (collection, validation, analysis, production, and dissemination)
Strong WEBINT research and virtual HUMINT operations skills, including source discovery, validation, and long-term source management.
Excellent analytical abilities, strong attention to detail, and critical thinking skills
Strong written communication skills, with the ability to present complex research clearly and accurately
Ability to work independently as well as collaboratively within a research team
Big Plus
Knowledge of Russian, Spanish, Portuguese or Mandarin.
Familiarity with MITRE ATT&CK or similar frameworks
Experience publishing external threat research.
This position is open to all candidates.
 
Show more...
הגשת מועמדותהגש מועמדות
עדכון קורות החיים לפני שליחה
עדכון קורות החיים לפני שליחה
8721018
סגור
שירות זה פתוח ללקוחות VIP בלבד
סגור
דיווח על תוכן לא הולם או מפלה
מה השם שלך?
תיאור
שליחה
סגור
v נשלח
תודה על שיתוף הפעולה
מודים לך שלקחת חלק בשיפור התוכן שלנו :)
Location: Tel Aviv-Yafo
Job Type: Full Time
The Cortex Threat Intelligence team is responsible for maintaining an up-to-date overview of the ever-changing threat landscape and its effects on the Cortex product suite. This includes the collection, analysis, and dissemination of technical threat intelligence from multiple internal and external sources. As part of this role, you will identify detection opportunities, automate threat intelligence processes, and develop tools and methodologies to increase team productivity. Palo Alto Networks Cortex XDR is a market-leading platform with an almost unparalleled telemetry data lake. Our team is deeply data-driven; it is the ideal environment for analysts who are enthusiastic about data mining, tracking threat actors, and deconstructing complex cyberattacks.
Key Responsibilities
Monitor the global threat landscape using diverse sources to proactively identify potential coverage gaps and improve Cortex XDRs defensive posture.
Perform in-depth research into cyberattack techniques to provide actionable insights and suggestions for improving product capabilities.
Leverage Palo Alto Networks telemetry datasets to identify emerging attack patterns and hunt for novel threats.
Design and propose robust detection logic across multiple operating systems (Windows, macOS, Linux).
Partner with cross-functional teams within Palo Alto Networks to communicate findings and co-develop security enhancements.
Transform technical intelligence into high-impact deliverables, including customer-facing reports, research articles for the company blog, or presentations at international security conferences.
Requirements:
Required Qualifications
4+ years of experience in at least one of the following fields: Threat Intelligence, Threat Hunting, Malware Analysis, Security Research, SOC (Level 3), or Incident Response.
Deep understanding of the cyber threat landscape, including advanced malware and threat actor techniques. A strong command of the MITRE ATT&CK framework is a must.
Strong proficiency in Python, specifically for automating data collection via APIs and performing data analysis.
Proven experience using BigQuery or SQL-based languages to query massive datasets and identify anomalies.
Strong understanding of OS internals (e.g., processes, registry, memory, file system events) and OS event logs.
Hands-on experience simulating attacks or performing static and dynamic malware analysis in a controlled lab environment.
Analytical Mindset: Ability to analyze large amounts of technical data, extract crucial details, and draw meaningful conclusions.
Independence: Ability to work independently, lead projects to fruition, and collaborate across the company with other departments.
High proficiency in English, both verbal and written.
Preferred Qualifications
Experience in OSINT or intelligence analysis (e.g., military intelligence).
Experience with EDR/XDR platforms, YARA, or Sigma rules.
Strong presentation and public speaking skills.
This position is open to all candidates.
 
Show more...
הגשת מועמדותהגש מועמדות
עדכון קורות החיים לפני שליחה
עדכון קורות החיים לפני שליחה
8715060
סגור
שירות זה פתוח ללקוחות VIP בלבד
סגור
דיווח על תוכן לא הולם או מפלה
מה השם שלך?
תיאור
שליחה
סגור
v נשלח
תודה על שיתוף הפעולה
מודים לך שלקחת חלק בשיפור התוכן שלנו :)
Location: Tel Aviv-Yafo
Job Type: Full Time
The Cortex Threat Intelligence team is responsible for maintaining an up-to-date overview of the ever-changing threat landscape and its effects on the Cortex product suite. This includes the collection, analysis, and dissemination of technical threat intelligence from multiple internal and external sources. As part of this role, you will identify detection opportunities, automate threat intelligence processes, and develop tools and methodologies to increase team productivity. Palo Alto Networks Cortex XDR is a market-leading platform with an almost unparalleled telemetry data lake. Our team is deeply data-driven; it is the ideal environment for analysts who are enthusiastic about data mining, tracking threat actors, and deconstructing complex cyberattacks.
Key Responsibilities
Monitor the global threat landscape using diverse sources to proactively identify potential coverage gaps and improve Cortex XDRs defensive posture.
Perform in-depth research into cyberattack techniques to provide actionable insights and suggestions for improving product capabilities.
Leverage Palo Alto Networks telemetry datasets to identify emerging attack patterns and hunt for novel threats.
Design and propose robust detection logic across multiple operating systems (Windows, macOS, Linux).
Partner with cross-functional teams within Palo Alto Networks to communicate findings and co-develop security enhancements.
Transform technical intelligence into high-impact deliverables, including customer-facing reports, research articles for the company blog, or presentations at international security conferences.
Requirements:
4+ years of experience in at least one of the following fields: Threat Intelligence, Threat Hunting, Malware Analysis, Security Research, SOC (Level 3), or Incident Response.
Deep understanding of the cyber threat landscape, including advanced malware and threat actor techniques. A strong command of the MITRE ATT&CK framework is a must.
Strong proficiency in Python, specifically for automating data collection via APIs and performing data analysis.
Proven experience using BigQuery or SQL-based languages to query massive datasets and identify anomalies.
Strong understanding of OS internals (e.g., processes, registry, memory, file system events) and OS event logs.
Hands-on experience simulating attacks or performing static and dynamic malware analysis in a controlled lab environment.
Analytical Mindset: Ability to analyze large amounts of technical data, extract crucial details, and draw meaningful conclusions.
Independence: Ability to work independently, lead projects to fruition, and collaborate across the company with other departments.
High proficiency in English, both verbal and written.
Preferred Qualifications
Experience in OSINT or intelligence analysis (e.g., military intelligence).
Experience with EDR/XDR platforms, YARA, or Sigma rules.
Strong presentation and public speaking skills.
This position is open to all candidates.
 
Show more...
הגשת מועמדותהגש מועמדות
עדכון קורות החיים לפני שליחה
עדכון קורות החיים לפני שליחה
8715079
סגור
שירות זה פתוח ללקוחות VIP בלבד
סגור
דיווח על תוכן לא הולם או מפלה
מה השם שלך?
תיאור
שליחה
סגור
v נשלח
תודה על שיתוף הפעולה
מודים לך שלקחת חלק בשיפור התוכן שלנו :)
22/06/2026
Location: Tel Aviv-Yafo
Job Type: Full Time
We are looking for a Windows Malware Security Researcher for our Tel Aviv R&D center. You will be part of a team that is responsible for researching the most recent and advanced cybersecurity threats, as well as designing, developing, and improving Anti-Malware capabilities to protect against them. The position includes researching OS internals, picking apart malware samples, delving into the internals of Windows kernel and user-mode code, and finding ways to mitigate new attack vectors.
The proposed role will be part of the research team of the Cortex XDR endpoint protection solution.
We are seeking a highly skilled and experienced Windows Malware Security Researcher to join our growing Windows malware research team of the Cortex XDR agent group. In this role, you will play a key part in enhancing our Endpoint Detection and Response (EDR) agent by prototyping new protection components and techniques and developing advanced malware prevention strategies. You will work on identifying, analyzing, and mitigating sophisticated threats, working closely with various teams to drive innovation. A deep understanding of the Windows operating system is essential.
Key Responsibilities
Playing a pivotal role in shaping the future of our security solutions.
Enhance the effectiveness of our EDR product by designing cutting-edge protection components and developing sophisticated prevention rules.
Researching OS internals and how Windows works under the hood - leveraging this knowledge to develop and improve our anti-malware mechanisms and capabilities.
Research and lead novel protection ideas to production-grade level, serving as the feature subject matter expert.
Research new malware and APT mitigation techniques and develop corresponding capabilities (POC level), or improve existing mitigation capabilities.
Respond to malware-based security events at clients' networks.
Stay up to date with current malware and APT techniques.
Provide feedback to the product management team on new feature requests and product enhancements from our customer base.
Find new malware techniques and APT attacks, including analysis of caught-in-the-wild malware.
Operate independently end-to-end - from initial threat idea, through research and POC, to handing off a production-ready design to core agent engineering with clear specs, test cases, and edge-case analysis.
Be a team player who lifts others up - happy to jump in when a teammate is stuck on a tricky Windows internals or RE question, share what you've figured out, and generally make the people around you better.
Requirements:
Required Qualifications
At least 5 years of experience in the cyber security research domain.
In-depth knowledge of Windows operating system internals (both user-mode and kernel-mode) - at least 3 years of hands-on research experience.
In-depth knowledge of C/C++, with hands-on development experience using C/C++ (Win32 API) in a Windows environment.
Experience with anti-RE techniques such as anti-debug, anti-VM, unpacking, etc.
Strong knowledge of the cyber threat landscape, including APTs (Advanced Persistent Threats) and modern malware techniques.
Strong dynamic analysis skills with hands-on experience using debuggers such as WinDbg, x64dbg, OllyDbg, or similar.
Strong static analysis skills with hands-on experience using disassemblers such as IDA Pro and Ghidra.
Proficiency in Python.
Knowledge of networking and internet protocols.
A major advantage to candidates with at least 2 years of experience in at least one of the following: EDR/XDR products, Windows kernel development, low-level security solution development, Windows exploitation, or vulnerability research.
Ability to work fully independently - own a research track from scoping to POC handoff with minimal supervision - while also collaborating effectively as part of a team.
This position is open to all candidates.
 
Show more...
הגשת מועמדותהגש מועמדות
עדכון קורות החיים לפני שליחה
עדכון קורות החיים לפני שליחה
8704932
סגור
שירות זה פתוח ללקוחות VIP בלבד
סגור
דיווח על תוכן לא הולם או מפלה
מה השם שלך?
תיאור
שליחה
סגור
v נשלח
תודה על שיתוף הפעולה
מודים לך שלקחת חלק בשיפור התוכן שלנו :)
22/06/2026
Location: Tel Aviv-Yafo
Job Type: Full Time
The Cortex Threat Intelligence team is responsible for maintaining an up-to-date overview of the ever-changing threat landscape and its effects on the Cortex product suite. This includes the collection, analysis, and dissemination of technical threat intelligence from multiple internal and external sources. As part of this role, you will identify detection opportunities, automate threat intelligence processes, and develop tools and methodologies to increase team productivity. our company's Cortex XDR is a market-leading platform with an almost unparalleled telemetry data lake. Our team is deeply data-driven; it is the ideal environment for analysts who are enthusiastic about data mining, tracking threat actors, and deconstructing complex cyberattacks.
Key Responsibilities
Monitor the global threat landscape using diverse sources to proactively identify potential coverage gaps and improve Cortex XDRs defensive posture.
Perform in-depth research into cyberattack techniques to provide actionable insights and suggestions for improving product capabilities.
Leverage our company's telemetry datasets to identify emerging attack patterns and hunt for novel threats.
Design and propose robust detection logic across multiple operating systems (Windows, macOS, Linux).
Partner with cross-functional teams within our company to communicate findings and co-develop security enhancements.
Transform technical intelligence into high-impact deliverables, including customer-facing reports, research articles for the company blog, or presentations at international security conferences.
Requirements:
Required Qualifications
4+ years of experience in at least one of the following fields: Threat Intelligence, Threat Hunting, Malware Analysis, Security Research, SOC (Level 3), or Incident Response.
Deep understanding of the cyber threat landscape, including advanced malware and threat actor techniques. A strong command of the MITRE ATT&CK framework is a must.
Strong proficiency in Python, specifically for automating data collection via APIs and performing data analysis.
Proven experience using BigQuery or SQL-based languages to query massive datasets and identify anomalies.
Strong understanding of OS internals (e.g., processes, registry, memory, file system events) and OS event logs.
Hands-on experience simulating attacks or performing static and dynamic malware analysis in a controlled lab environment.
Analytical Mindset: Ability to analyze large amounts of technical data, extract crucial details, and draw meaningful conclusions.
Independence: Ability to work independently, lead projects to fruition, and collaborate across the company with other departments.
High proficiency in English, both verbal and written.
Preferred Qualifications
Experience in OSINT or intelligence analysis (e.g., military intelligence).
Experience with EDR/XDR platforms, YARA, or Sigma rules.
Strong presentation and public speaking skills.
This position is open to all candidates.
 
Show more...
הגשת מועמדותהגש מועמדות
עדכון קורות החיים לפני שליחה
עדכון קורות החיים לפני שליחה
8704953
סגור
שירות זה פתוח ללקוחות VIP בלבד