לוח משרות דרושים חוקר סייבר

Required DFIR Expert
Herzliya, Israel, Full Time, hybrid
Our DFIR team is responsible for responding to our clients' cyber incidents and crises.Our group is expanding. If you see yourself in the front line of the cybersecurity domain as a digital forensic and incident response (DFIR) talent, your place is with us. As a DFIR team member, you will participate in hands-on security research and investigations, helping our customers understand and mitigate cyber threats and attacks.
Responsibilities
Perform incident response lifecycle and real-time activities, including detection and analysis, containment and eradication, and recovery
Perform incident response in a cloud environment (Azure, AWS etc.).
Perform digital forensics investigations
Research and analyze tactics, techniques, and procedures (TTPs) used by malicious actors
Perform hunt-evil and find-evil activities for proactively detecting attacks
Work closely with our in-house red team, CTI, and cyber architect teams
Work closely with worldwide companies, CISOs, and technology experts.

We are looking for an experienced Security Architect to lead the design and implementation of advanced security solutions across our infrastructure, products, and cloud environments. In this role, you will work closely with engineering, DevOps, product, and SOC teams to ensure end-to-end protection, threat resilience, and security-by-design architecture.

Your Chain of Impact:

Design and implement scalable, secure architectures across cloud, application, and data environments
Lead security reviews, threat modeling, and risk assessments for new and existing systems.
Collaborate with R&D and DevOps to embed security best practices into development and deployment processes.
Define and maintain security standards, policies, and frameworks (Zero Trust, IAM, network controls, data protection, etc.)
Oversee integration of security controls, monitoring systems, and automated detection capabilities.
Partner with SOC teams to enhance detection, response, and incident management workflows.
Evaluate new security tools and technologies; lead POCs and drive strategic decisions.
Provide security guidance during architecture planning, code reviews, and product design.

we are looking for a Fraud Analyst.
As a Fraud Analyst, you will be responsible for the core asset of the company - ensuring the ongoing accuracy and superior performance of what is widely recognized as the industry's leading e-commerce fraud decisioning system. You will be empowered and expected to constantly innovate, devising smart logical and technical solutions to address real and evolving business challenges faced by the world's largest and most sophisticated online retailers, who constitute our primary clientele.
In this capacity, your work will also include some direct engagement with these key customers, providing analytical insights and helping to tailor solutions to their specific needs.
This is a role with significant technical aspects, but prior coding knowledge is not required - we believe the right candidates can learn everything they need to do this job well as part of our training process, and while doing the job.
You will join a dynamic department with a deeply ingrained culture of striving for excellence and being the best in our field. We foster an informal, collaborative environment where your contributions are highly valued. This role offers significant growth opportunities, with clear pathways for advancement in both managerial and senior individual contributor (IC) capacities, allowing you to shape your career based on your strengths and aspirations. Your work will directly influence our product, protect our customers, and help define the future of trust in digital commerce.
What you'll be doing:
Invent, design, implement, and refine our systems decisioning logic in production.
Conduct in-depth research into complex fraud patterns and emerging threats.
Leverage extensive datasets to derive actionable insights and enhance decisioning accuracy.
Develop and automate analytical processes to improve efficiency and scale our capabilities.
Collaborate with Data Science, Engineering, and other cross-functional teams to drive platform improvements.

We are seeking an experienced Vulnerability Researcher to join our team, where our ethos of customer-centric problem solving, ownership, professionalism, and resourcefulness are at the heart of everything we do. The team faces complex research issues daily, solving new challenges and constantly improving the existing solutions. In this key position, you'll dive deep into complex security puzzles, pushing the boundaries of our vulnerability research and solutions. Collaborating on challenges with our team means working with the leading cloud platforms (AWS, GCP, Azure) and leveraging advanced technologies like Kubernetes, EBPF, Docker, and more.
Responsibilities
Vulnerability research in the major Cloud providers and cutting-edge technologies.
Collaborate with teams across the organization, including Product, and GTM, to develop and integrate top-tier features.
Conduct deep technical research into cloud-native environments.
Lead offensive investigations in Kubernetes, eBPF, AI/ML‑based anomaly detection, and runtime security, translating findings into production‑grade detections.
Create authoritative content white‑papers, conference papers, blogs, and release notes that educate users and elevate our companys brand.
Deep dive into threat detection and product content that provide our customers deep insights and added value.

Were looking for a highly technical and creative Security Researcher to join our research group. This role is central to navigating complex security landscapes, advancing our CNAPP offerings, crafting sophisticated algorithms, and pioneering cloud security research. Working alongside a diverse team, youll explore the cutting edge of cloud and AI-driven security, uncovering critical vulnerabilities, developing novel detection techniques, and driving impactful research publications. Join us in shaping the future of cloud security, where your work not only advances our technology but also deeply resonates with our commitment to exceeding customer expectations, streamlining for simplicity, and tackling challenges with creative solutions.
Responsibilities
Collaborate with teams across the organization, including Product, Frontend, DevOps, and GTM, to develop and integrate top-tier features.
Conduct deep technical research into cloud-native environments.
Lead initiatives from their inception through to deployment, emphasizing backend system efficiency, scalability, and reliability.
Innovate in Defense Evasion, amplifying the capabilities of our agents and engines.
Forge new paths in cloud security research and cyber security algorithm development.
Deep dive into threat detection and product content that provide deep insights and added value to our customers.

Are you passionate about taking automation to the next level? Do you live and breathe the cyber security world? Do you want to take part in an innovative and disruptive team that will have an impact on the lives of many customers?
As a Cloud Cybersecurity Researcher, you will design and implement remediation strategies for cloud runtime and posture issues, ensuring responses are as autonomous, effective, and safe as possible. You will collaborate with leading security experts, leverage cutting-edge technologies, and contribute to the vision of an Autonomous SOC.
Your Impact
Develop robust, testable, and safe remediation plans for cloud runtime and posture issues (CSPM, DSPM, CIEM, CNAPP, IAM, etc.)
Conduct in-depth research to identify attacker TTPs and cloud misconfiguration risks, and translate findings into automated response playbooks
Apply data analysis, programming, and modeling techniques to evaluate and optimize remediation approaches
Collaborate within a diverse research group to continuously improve automation processes and methodologies
Stay ahead of evolving threats, including cloud-native attack vectors and advanced adversary tradecraft.

We are looking for a Senior Security Researcher to join our Identity Threat Detection and Response team.
In this role, you will research the evolving threat landscape and develop advanced detections to protect SAAS, Cloud, on-premises, and hybrid identities. You will focus on identifying and mitigating identity-related threats across networks, endpoints, and cloud environments, using statistical classification methods to build effective detection models and protecting customers at scale. Additionally, you will collaborate with cross-functional teams, validate detection concepts on real-world data, and continuously enhance detection capabilities to stay ahead of emerging threats.
Your Impact
Research innovative methods for detecting targeted attackers operating in endpoints, networks, cloud and SAAS environments
Simulate real-world attacks in lab environments and conduct a deep analysis of the behavior
Develop and refine statistics-based classification algorithms and techniques to create and improve detection models
Research specific scenarios to enhance our model's capabilities
Collaborate within a diverse research group, improving our research processes and leading us to be a better team creating a better product
Stay informed on the latest APTs, attacker methodologies, and TTPs to ensure our models stay ahead of emerging threats.

We are looking for a Security Researcher to join our Windows EDR behavioral detection team.
You will create statistics-based classification algorithms detecting everything from new malware through process behavior and attackers operating in enterprise-scale networks using data from multiple Windows endpoints; from analyzing attack patterns, finding statistical anomalies, and validating that you detect real attacks and APTs on real customer data.
Your Impact
Research new methods to detect various attack techniques by utilizing enormous amounts and varied types of data
Use and develop statistical algorithms and techniques to create and improve our analytics detection capabilities
Take an active role in our collection modules by improving the ones that are already available and investigating new collection modules that will improve the quality of our detections
Simulate attacks in the lab and conduct a deep analysis of the behavior
Be part of a diverse research group, improving our research processes and leading us to be a better team, creating a better product
Stay up to date with APTs, attacker methodologies, and TTPs.

We are looking for a Security Researcher to join our research group as part of a growing team developing Autopilot, an innovative product for autonomous investigation and response.
As a core member of the team, you'll go beyond research: youll research, design, and develop investigation modules that allow Autopilot to autonomously detect, investigate, and respond to advanced threats at a massive scale.
Youll analyze everything from new malware behaviors to attacker techniques and process activity in enterprise-scale networks, using data collected from across millions of endpoints. Your work will span identifying attack patterns and uncovering statistical anomalies, as well as validating that the system responds effectively to real-world attacks and APT campaigns using production data.
Your Impact
Research and implement new autonomous methods for investigating and responding to targeted attackers, using large-scale, diverse security datasets
Develop and design the graph-based algorithms that power autonomous investigation and decision-making capabilities
Design automated incident response by developing reusable logic that transforms raw security data and alerts into clear, actionable insights.
Leverage graph algorithms, AI techniques, and statistical methods to mimic and scale human security analyst workflows
Conduct deep, hands-on investigations into modern malware, APTs, and complex attack flows to inform detection and response logic
Stay up to date with attacker methodologies, tools, and techniques (TTPs), ensuring our product remains effective against evolving threats
Contribute to a collaborative, fast-paced research team, helping shape our research strategy, improve processes, and continuously enhance the product.

We are looking for a Senior Windows Security Researcher for our Tel Aviv R&D center.
You will be part of a team that is responsible for researching and improving Windows Anti-Exploit capabilities. This includes having top-notch knowledge about the latest exploitation techniques and Windows internals.
Your Impact
Research vulnerabilities and exploits
Research, develop, and improve anti exploitation mitigations using OS Low-Level mechanisms
Work on the design, evaluation, and implementation of new security technologies
Develop POCs for exploits
Analyze customer issues to help with detecting and preventing Malicious activities in our customers networks
Publish research done internally.

We are looking for a Senior Network Security Researcher to join our NDR behavioral detection team.
You will create statistics-based classification algorithms detecting everything from network entities through process behaviors and attackers operating in enterprise-scale networks using data from multiple network and endpoint sources; from analyzing attack patterns, finding statistical anomalies, choosing the right features, training the right model and validating that you detect the right concept on real customer data with real APTs.
Your Impact
Research new methods to detect targeted attackers operating in networks and endpoints by utilizing enormous amounts and varied types of data
Simulate attacks in Lab environments and conduct a deep analysis of the behavior
Use and develop statistical and machine learning algorithms and techniques to create and improve our analytics detection capabilities
Be part of a diverse research group, improving our research processes and leading us to be a better team creating a better product
Stay up to date with APTs, attacker methodologies, and TTPs.

We are seeking a highly skilled Principal Security Researcher to join our Threat and Detection Group at the Tel-Aviv R&D center.
This team focuses on PANW Cortex Security and Security Assurance features across various operating systems and platforms, including (but not limited to) Linux, Mac, and Cloud. This is an applied research role with a clear mission: your research directly improves the detection and prevention capabilities of our XDR agent.
The role involves simulating, automating, and developing proof-of-concepts for known threats and offensive tools to evaluate new feature security coverage and detection quality, aligned with the Kill Chain/MITRE ATT&CK Framework and real-world threats. We need an experienced Security Researcher with a deep background in offensive security concepts and a strong interest in Linux, Cloud, and macOS platforms.
You will conduct Linux security evaluations, research innovations to enhance our security solutions, and find innovative yet practical solutions to contemporary problems. You will also develop custom tools and advanced in-house security capabilities to continuously validate our product's defenses.
Your Impact
Work hand-in-hand with the Cortex Agent release team. This role demands applied research synchronized with our delivery schedule, ensuring that every feature release is validated against the latest threats prior to launch.
Drive our threat simulation automation strategy by researching and developing new tools and capabilities that emulate real-world adversary behavior.
Enrich our Security Automation Coverage and infrastructure to protect against known and unknown threats.
Thrive in a fast-paced, high-impact environment, mastering new security features, technologies, and complex platforms (from kernel to Kubernetes) quickly.
Conduct hands-on research to identify real-world Malware, exploits, and novel attack vectors, then create and code PoCs to test our defenses.
Act as a key research partner with engineering teams to push and validate our product capabilities.
Leverage data-driven approaches to identify threats and propose effective mitigations.

As a Principal Security Researcher on the Cortex Cloud research team, youll lead deep, hands-on security research across cloud and AI environments- from uncovering vulnerabilities and novel attack paths to building the protections that stop them.
Your impact doesnt end with detections. This team is also responsible for driving product innovation: identifying gaps in how cloud environments are secured, finding new ways to close those gaps, and partnering with engineering, product and marketing to take those ideas from a POC to implementation. Whether its a new detection engine, risk signal, or protection method- your research directly shapes the product.
You'll research the AI attack surface in depth, and push the boundaries of what cloud and AI security can achieve. If you're looking for a role where research leads to real-world defense- and product innovation is part of your day job- this is the team.
Key Responsibilities
Research and uncover vulnerabilities and abuse paths in cloud services, with a strong focus on AI, identity, and data pipelines
Collaborate with product and engineering to ship detections and logic based on your findings
Research-driven impact - drive innovation from idea to execution: Identify emerging security gaps, build proof-of-concepts, and partner with engineering, product and marketing to translate research into actual product features and detection logic.
Represent the team through public blogs, conferences and research collaborations with cloud vendorsPublish internal or external research and represent the team at industry events or blogs.
Lead the discovery of novel attack vectors- e.g., cross-tenant access, NHI abuse, RAG poisoning, privilege escalation.

Are you an innovative security researcher with a deep understanding of Linux systems and a passion for protecting modern environments? Do you want to lead the charge in securing enterprise networks against the latest threats?
We're looking for a skilled professional to join our team, focusing on the critical and rapidly evolving fields of Linux and API security. You'll be a foundational member of a new and growing team dedicated to the "blue ocean" of detection and developing multiple new fields within the biggest cybersecurity enterprise in the world. This is a unique opportunity to apply your expertise and influence the future of threat prevention, helping us build cutting-edge security solutions from the ground up.
Key Responsibilities
Playing a pivotal role in shaping the future of our security solutions
Enhance the effectiveness of our product by designing cutting-edge protection components and developing sophisticated detection rules
Research Linux OS internals, Virtualized environments, and low-level system behaviors to inform and enhance our attack prevention mechanisms
Investigate and develop innovative methods for detecting threats and securing APIs, ensuring robust protection for modern applications and cloud-native environments
Apply sophisticated AI and big data approaches to investigate and research large amounts of data across our clients
Research and lead novel protection ideas to a production-grade level, serving as a subject matter expert
Stay up to date with the latest attacker methodologies, APT campaigns, and TTPs targeting Linux systems and APIs
Conduct static and dynamic reverse engineering of Linux malware to uncover new techniques and develop corresponding mitigation strategies
Work closely with engineering, product management, and other research teams to translate research findings into production-grade features.

We are looking for a Principal Linux Security Researcher for our Tel Aviv R&D center, to work on cortex-xdr for linux, which provides runtime protection to servers and cloud workloads.
You will be part of a team that is in charge of researching, developing and improving Anti-Exploit capabilities, Anti-malware capabilities. The position includes researching OS internals, exploits, malware, delving into cloud security, and finding ways to mitigate new attack vectors.
Your Impact
Research, develop, and improve anti-exploitation mitigations and anti-malware modules - ranging from low-level mitigations up to tackling application-level security vulnerabilities
Work on the design, evaluation, and implementation of new security technologies
Research Linux OS internals, kernel, application codebases, vulnerabilities and exploits (both for internal usage and for PR)
Analyze customer issues to help with detecting and preventing malicious activities in our customers networks.