לוח משרות דרושים חוקר סייבר

We are looking for a Security and ML/AI Principal Researcher to work alongside product owners, designers, and technical writers within the broader Product Management Group. As a Principal Researcher, you are responsible for doing research in Cyber and ML/AI applictions to assist in refining and executing the vision of Identity Threat Detection and Response (ITDR), Cloud infrastructure Entitlement Management (CIEM), Behavioral Analytics, Secret Server and other company`s solutions, by working closely with cross functional teams in the research, planning, development, and release of new products. You will be working in a highly dynamic, fast-paced environment, interacting regularly with internal stakeholders in the development of our products.

The ideal candidate will have the tenacity, focus, and creativity to thrive in a fast-paced security startup, where initiative is expected, oversight is minimal, and where results are the only
outcome that matters.

This position is based in Tel Aviv and will require being on-site in the office two to three days per business week.

Key Responsibilities:
Research areas may include, but are not limited to the following.
Security research such as: identity threats, account takeover methods, AuthZ security, app permission mechanisms and privilege escalation paths, AuthN weaknesses, IAM mechanisms, automated provisioning abuse, configuration weaknesses, access related supplychain attacks, and protocol weaknesses and attacks on SAML, SCIM, OAuth2, OIDC, and similas. (it is unlikely but not impossible that work will include binary level exploitation / RE as well).
ML/AI applications research such as: ML/AI discovery of TTPs and anomalies, using LLMs and foundation models for security applications (may include fine tuning, RAG, and other
applications), quantifying risk, graph analysis and graph algorithms.

In this role you may also:
Help refine and articulate the product vision and strategy of selected our solutions.
Collaborate with customers, prospects, partners as well as external/internal stakeholders to understand client needs to define and validate product requirements.
Work closely with Engineering and PM teams to solve complex problems affecting our customers through research applications.

we are a strategic consulting and business intelligence firm based in Tel Aviv looking for an Intelligence Analyst.
Responsibilities:
* Conduct in-depth research and analysis, collaborating with cross-functional teams to communicate complex findings effectively
* Develop innovative OSINT and WEBINT methods, staying up to date on the latest trends and investigative techniques
* Operate and maintain cutting-edge technological systems, implementing investigative findings across various sectors
* Be part of a leading team, holding top-to-bottom responsibilities

Required Senior Vulnerability Researcher
What will you do:
The vulnerability researcher will explore different security aspects of new technologies and suggest novel ways to break and protect these technologies.
Vulnerability research of many interesting technologies and popular products. Everything could be an option, from Internal OS components to cloud SaaS services, from DevOps tools to Linux Containers, etc.
Focusing on finding identity-related vulnerabilities and new attack vectors on any kind of digital identity: human, application, and machine identities.
Development of exploitation and mitigation POCs and tools.
Working together with R&D and PM to shape our future features & products.
Initiate and help driving innovation around your research area.
Writing blog posts and presenting new research work at security conferences such as Blackhat, DEFCON, RSA.

We are seeking for a Senior Malware Researcher for expanding the Malware Research Team.
As a Senior Malware Researcher, you will be battling criminal activities by researching the most up-to-date malware, exploits, and shellcodes to understand the evolving attack surface and empowering the good guys by:
Publishing your findings to the research community, including blog posts, and speaking in global conferences.
Helping the Open-Source community by developing and updating new GitHub tools and POCs.
Improving our innovation and R&D products, including the fields of Identity, Browser and AI.

As a Security Researcher, you will be:

Work with top-notch researchers using the latest technologies
Research low-level mechanisms, finding and exploiting vulnerabilities and circumventing modern mitigation techniques

We are seeking a highly talented Malware Researcher with a strong background in sandboxing and reverse engineering techniques.
You will join the Intego (our Anti-Virus) Malware Research team in delivering sophisticated customer protection.
Description:
Research new malware online.
Detecting trends and waves of infections.
Writing technical articles on findings.
Code reading to determine if a particular file is malicious or not.
Writing regular expressions to detect and remove malicious code.
Act as a strong advocate for quality in the product development process for software engineering.
Self-motivated and able to grasp issues quickly and make educated, critical judgments in the absence of complete requirements.
Able to multitask in a dynamic, fast-paced environment, proven social skills, and worked with various multi-functional teams to deliver high-quality products.

As a Security Researcher at our company, you will play a pivotal role in identifying, analyzing, and mitigating emerging cyber threats. You will work closely with a multidisciplinary team to develop impactful intelligence and translate your findings into effective security measures.
As part of our research team, you will have the ability to push your innovative ideas and bring them to life from scratch.
We are seeking an autodidact with a strong foundation in Python coding, cyber security research, and analytics skills, coupled with exceptional communication abilities and a proven track record of collaborative teamwork.
Responsibilities
Conduct in-depth research and analysis of cyber threats, including malwares, vulnerabilities, attack vectors and campaigns.
Develop and maintain tools, scripts, and algorithms to automate threat detection, analysis, data collection, etc.
Collaborate with cross-functional teams to design and implement innovative intelligence solutions.
Communicate findings, recommendations, and actionable insights to internal stakeholders and external partners.
Take ownership of projects from conception to execution, ensuring timely delivery of high-quality results.
Monitor industry trends, emerging technologies, and evolving threat landscapes.

Azure Networking is one of the core organizations that build Azure, the worlds largest network, leading digital transformation, empowering, and connecting enterprises and individuals around the world. The team in Israel is specializing in Network security, developing services that protect the Azure platform, the users and apps running on top of it.

Responsibilities:
The Azure Networking Security Research team is responsible for improving the security posture of Azure 1st party services and architecture, spanning across Host, WAN, SDN (software-defined networks) and network services, used by billions of customers in homes, businesses, and across Azure. This team performs security design reviews, code reviews, and hands-on offensive research/operations on key networking services to make sure they meet the highest security standards possible.
In this role, you will be part of an offensive research team tasked with helping our engineers ship the most secure product possible. The ideal candidate will have rich and diverse hands-on experience of exploiting, great capabilities to dive and understand code, a deep understanding of networking fundamentals and cloud architecture, an offensive mindset, and a passion for keeping our customers safe.
In other words, you will:
Identify security vulnerabilities in a wide variety of key networking services, protocols, and architecture, all comprising the Azure network.
Improving the security of Azure services and contributing to services that are in use by millions of users over the world.
Develop capabilities to detect security issues and vulnerabilities in scale.
Collaborate with other security and product teams to improve security.
Produce high-quality papers, presentations, and recommendations to improve Azure security.

Azure Networking is one of the core organizations that build Azure, the worlds largest network, leading digital transformation, empowering, and connecting enterprises and individuals around the world. The team in Israel is specializing in Network security, developing services that protect the Azure platform, the users and apps running on top of it.

Responsibilities:
The Azure Networking Security Research team is responsible for improving the security posture of Azure 1st party services and architecture, spanning across Host, WAN, SDN (software-defined networks) and network services, used by billions of customers in homes, businesses, and across Azure. This team performs security design reviews, code reviews, and hands-on offensive research/operations on key networking services to make sure they meet the highest security standards possible.
In this role, you will be part of an offensive research team tasked with helping Microsoft engineers ship the most secure product possible. The ideal candidate will have rich and diverse hands-on experience of exploiting, great capabilities to dive and understand code, a deep understanding of networking fundamentals and cloud architecture, an offensive mindset, and a passion for keeping Microsoft customers safe.
In other words, you will:
Identify security vulnerabilities in a wide variety of key networking services, protocols, and architecture, all comprising the Azure network.
Improving the security of Azure services and contributing to services that are in use by millions of users over the world.
Develop capabilities to detect security issues and vulnerabilities in scale.
Collaborate with other security and product teams to improve security.
Produce high-quality papers, presentations, and recommendations to improve Azure security.

Azure Networking is one of the core organizations that build Azure, the worlds largest network, leading digital transformation, empowering, and connecting enterprises and individuals around the world. The team in Israel is specializing in Network security, developing services that protect the Azure platform, the users and apps running on top of it.

Responsibilities:
The Azure Networking Security Research team is responsible for improving the security posture of Azure 1st party services and architecture, spanning across Host, WAN, SDN (software-defined networks) and network services, used by billions of customers in homes, businesses, and across Azure. This team performs security design reviews, code reviews, and hands-on offensive research/operations on key networking services to make sure they meet the highest security standards possible.
In this role, you will be part of an offensive research team tasked with helping our engineers ship the most secure product possible. The ideal candidate will have rich and diverse hands-on experience of exploiting, great capabilities to dive and understand code, a deep understanding of networking fundamentals and cloud architecture, an offensive mindset, and a passion for keeping our customers safe.
In other words, you will:
Identify security vulnerabilities in a wide variety of key networking services, protocols, and architecture, all comprising the Azure network.
Improving the security of Azure services and contributing to services that are in use by millions of users over the world.
Develop capabilities to detect security issues and vulnerabilities in scale.
Collaborate with other security and product teams to improve security.
Produce high-quality papers, presentations, and recommendations to improve Azure security.

Responsibilities:
Perform financial motivated attacker tradecraft research and threat landscape investigation across cloud-based attacks spanning permissions, identities, applications, and data.
Partner with engineers and data scientists in a geographically distributed team to deliver innovative new product capabilities.
Threat hunting to discover real world advanced attacks together with designing and implementing automated detection and hunting analytics combining alerts and signals across Microsoft Defender security products.
Contribute to active engagement with the security ecosystem through papers, presentations, and blogs.
Provide subject matter expertise to customers based on industry attack trends and product capabilities.

We are seeking a highly motivated and experienced Senior Software Engineer, passionate about writing tools and implementing new frameworks from the ground. You will play a crucial role in our mission to prevent, detect and respond to threats across endpoint, network and cloud data in order to ensure the best security our customers

Your Impact

You will be responsible for the complete software development life cycle including requirement analysis, design, development and deployment
Take part in integrating the newest features, create tools and frameworks for researchers and working with big data pipelines
Produce elegant, generic, modular and extendable code
Actively influence the processes and methods for researchers

We are seeking a highly motivated and experienced Senior Software Engineer, passionate about writing tools and implementing new frameworks from the ground. You will play a crucial role in our mission to prevent, detect and respond to threats across endpoint, network and cloud data in order to ensure the best security our customers

Your Impact

You will be responsible for the complete software development life cycle including requirement analysis, design, development and deployment
Take part in integrating the newest features, create tools and frameworks for researchers and working with big data pipelines
Produce elegant, generic, modular and extendable code
Actively influence the processes and methods for researchers

We are seeking a highly motivated and experienced Senior Software Engineer, passionate about writing tools and implementing new frameworks from the ground. You will play a crucial role in our mission to prevent, detect and respond to threats across endpoint, network and cloud data in order to ensure the best security our customers

Your Impact

You will be responsible for the complete software development life cycle including requirement analysis, design, development and deployment
Take part in integrating the newest features, create tools and frameworks for researchers and working with big data pipelines
Produce elegant, generic, modular and extendable code
Actively influence the processes and methods for researchers

We are looking for a highly technical individual to join the Threat and Detection team in our Tel-Aviv R&D center.

The team is dedicated to PANW Cortex Security & Security Assurance Features on multiple Operating systems including but not limited to Windows and Linux, simulating and developing POCs for known threats and offensive tools to determine New features security Coverage & Detection quality across the Kill Chain /MITRE ATT&CK Framework and real threats.

In this role, you will identify unique ways to solve problems by creating custom ATTACK Infrastructure, tooling, and advancing in-house Security capabilities. We are looking for someone who can bring new ideas and perspectives to Simulate , Code and react to new threats, Malware, and Exploits. The position will expand our XDR, Malware, and Exploit sensors and capabilities, that utilize heuristics and ML technologies.

More information about Cortex XDR can be found here .

Your Impact

Learn new security features, technologies, and platforms in a relatively short amount of time
Gain hands-on experience with scalable, extensible, and real-time detection/prevention systems
Learn to analyze and identify real-world vulnerabilities, Malware, and exploits
Learn to leverage data-driven approaches to identify threats and mitigations automatically
Reproduce and analyze security issues, that either came from the field or have been found during the Security validation cycle
Enrich our Security automation Coverage and infrastructure to protect against known and unknown threats
Partner with Research and Low-Level engineering groups to identify security issues and gaps
Scale-out existing security tooling and infrastructure for both on-prem and Cloud workloads
Research and develop new tools and capabilities that emulate real-world adversary behavior.
Define and lead adversary emulation engagements to show cyber defensive teams how to respond to real-world adversaries