דרושים » אבטחת מידע וסייבר » Product Security Researcher (SOC & Incident Response)

Were hiring our first Security Researcher to join our newly formed Security Research function- a critical role for someone passionate about advancing real-world SOC operations with deep cybersecurity expertise.
We are building a world-class Security Research team that will power our advanced product with deep, actionable cybersecurity expertise. This team will serve as the Subject Matter Experts (SMEs) behind our triage and Incident Response platform, defining logic, contributing threat intelligence, building use-case coverage, and continuously optimizing detection and investigation workflows.
Youll collaborate closely with Product, Engineering, and Customer Success to ensure our Auto-Triage engine reflects the latest adversarial techniques and real-world SOC operations.
Responsibilities
Serve as a domain expert in SOC workflows, alert triage, and incident response.
Design and maintain triage logic, playbook blueprints, AI Agents and more for responding to security events.
Develop and maintain alert enrichment, correlation, and classification rules across multiple data sources (EDR, SIEM, Identity, etc.).
Collaborate with product teams to define use cases, threat coverage, and analyst workflows.
Analyze real-world alerts, telemetry, and incident data to enhance product accuracy, reduce false positives and improve incident handling.
Evaluate and curate threat intelligence feeds and sources to support automated decision-making.
Conduct post-incident reviews to extract lessons and update triage logic accordingly.
Stay current with emerging threats, attacker TTPs, MITRE ATT&CK, and other frameworks.
Assist with quality assurance, testing, and validation of triage logic before deployment.

Were looking for a Security Research Manager to lead a team focused on two of the fastest-growing domains in cybersecurity: autonomous investigation and response (Autopilot), and macOS detection and response. This is a unique opportunity to lead an exceptional team of researchers within the largest security company in the world, helping to revolutionize threat detection, investigation and response through patent-grade capabilities.
Your Impact
Lead, mentor, and grow a team of talented security researchers
Drive the inception, strategy and execution of our autonomous investigation and response solution (Autopilot)
Drive the strategy and execution of research initiatives to uncover novel techniques to detect and respond to sophisticated attacks targeting macOS endpoints
Define and prioritize detection and investigation use cases, relevant datasets, and innovative approaches based on runtime visibility, statistic algorithms and threat intelligence
Stay up to date with the latest attacker methodologies, APT campaigns, and TTPs to ensure our detection capabilities stay ahead of evolving threats
Oversee simulation of real-world attacks and deep behavioral analysis to inform and validate detection content
Foster collaboration across research, engineering, product management, and go-to-market teams to deliver impactful security solutions. Represent the team and share insights with the security community through blogs, conference talks, and publications.

We're looking for a Manager to lead a security research team for detection and response across cloud environments. This is an opportunity to lead an exceptional group of researchers working on a startup-level product within the largest security company, helping revolutionize how organizations protect their Kubernetes and hybrid cloud environments.
Your Impact:
Lead, mentor, and grow a team of talented security researchers focused on defending organizations as they transition from on-premises data centers to modern cloud and Kubernetes infrastructure.
Drive the strategy and execution of research initiatives to uncover novel techniques for detecting and responding to sophisticated attacks targeting hybrid and cloud-native environments.
Define and prioritize detection use cases, relevant datasets, and innovative analytic approaches combining runtime visibility and posture management across diverse platforms.
Stay up to date with the latest attacker methodologies, APT campaigns, and TTPs to ensure our detection capabilities stay ahead of evolving threats in both legacy and cloud contexts.
Oversee simulation of real-world attacks and deep behavioral analysis to inform and validate detection content.
Foster collaboration across engineering, product management, and go-to-market teams to deliver impactful security solutions. Represent the team and share insights with the security community through blogs, conference talks, and publications.

We are looking for a Senior Threat Researcher for its Tel Aviv R&D center.
The team is in charge of maintaining an up-to-date overview of the threat landscape, with emphasis on two main focus areas - cybercrime and nation-state APT research. The team conducts a proactive research using our vast telemetry in combination of external sources, to uncover unknown malware, TTPs, campaigns, and threat actors. The insights gleaned from the research are then translated into actionable intelligence deliverables to improve the overall product coverage. In addition, the team publishes many of its findings in our Unit42 blog.
Your Impact
Track and monitor the security threat landscape, using various information sources to raise flags for gaps and to improve security coverage
Reverse engineer and analyze malware and hack tools used by various threat actors
Discovering new behavioral anomalies and TTPs used by threat actors and assisting in creating relevant mitigations
Write threat intelligence reports and blogs (Technical English fluency - is a must!)
Present your research in internal and international security conferences
Work closely with other domestic and international research teams to collect and disseminate threat intelligence and improve the overall products security coverage.

Were seeking an AI Innovation Security Researcher to serve as the critical link between our AI development team and our security experts. In this role, you will:

Translate real-world security challenges into AI-driven solutions
Shape prompt strategies and model workflows for security use-cases
Contribute to AI system developmenthelp architect, prototype, and iterate on models and pipelines
Design and execute rigorous benchmarks to evaluate the performance of security-focused AI tools
Your work will power capabilities such as automated exploitability checks for SAST/SCA findings, AI-guided remediation of container vulnerabilities (e.g. Dockerfile misconfigurations, unsafe downloads), and detection/analysis of data leaks. Youll also help amplify our thought leadership by authoring blogs and delivering conference talks on cutting-edge AI-security topics.

Key Responsibilities

Research & Benchmarking

Define evaluation frameworks for AI models tackling security tasks
Build test suites for exploitability analysis (e.g. proof-of-concept generation, severity scoring)
Measure and report on model accuracy, false-positive/negative rates, and robustness
AI Collaboration & Development

Work with ML engineers to craft and refine prompt templates for security scenarios
Contribute to model architecture design, fine-tuning, and deployment workflows
Investigate model behaviors, iterate on training data, and integrate new AI architectures as needed
Security Expertise & Tooling

Apply deep knowledge of static and software composition analysis (SAST/SCA)
Analyze container build pipelines to identify vulnerability origins and remediation paths
Leverage vulnerability databases (CVE, NVD), threat modeling, and risk assessment techniques
Content Creation & Evangelism

Write technical blog posts, whitepapers, and documentation on AI-driven security solutions
Present findings at internal brown-bags and external conferences
Mentor teammates on AI security best practices

We are seeking a highly skilled and experienced Lead Security Researcher to join our team to help us provide security automation solutions for our customers.

Your responsibilities
Lead and expand the security content library, developing pre-built security workflows and automation playbooks for all customers.
Ideate security solutions to automate the real-world industry pains using the Blink platform.
Participate in customer calls for discovering/improving security use cases and consult regarding security operations
Stay updated with the latest cybersecurity trends, threats, and technologies to inform research and development efforts.
Act as the security knowledge center in the organization and establish internal security policies.

We are looking for a Senior Security Researcher to join our Identity Threat Detection and Response team.
In this role, you will research the evolving threat landscape and develop advanced detections to protect SAAS, Cloud, on-premises, and hybrid identities. You will focus on identifying and mitigating identity-related threats across networks, endpoints, and cloud environments, using statistical classification methods to build effective detection models and protecting customers at scale. Additionally, you will collaborate with cross-functional teams, validate detection concepts on real-world data, and continuously enhance detection capabilities to stay ahead of emerging threats.
Your Impact:
Research innovative methods for detecting targeted attackers operating in endpoints, networks, cloud and SAAS environments.
Simulate real-world attacks in lab environments and conduct a deep analysis of the behavior.
Develop and refine statistics-based classification algorithms and techniques to create and improve detection models.
Research specific scenarios to enhance our model's capabilities.
Collaborate within a diverse research group, improving our research processes and leading us to be a better team creating a better product.
Stay informed on the latest APTs, attacker methodologies, and TTPs to ensure our models stay ahead of emerging threats.

We are seeking a highly skilled and experienced Windows Malware Security Researcher to join our growing Windows malware research team. In this role, you will play a key part in enhancing our Endpoint Detection and Response (EDR) agent by prototyping new protection components and techniques and developing advanced malware prevention strategies. You will work on identifying, analyzing, and mitigating sophisticated threats, Working closely with various teams to drive innovation.
The proposed role will be part of the Windows malware research team of the Cortex-XDR agent group.
You will focus primarily on our cutting-edge agent technology, with an emphasis on real-time prevention on Windows endpoints. A deep understanding of the Windows Operating System is essential
Your Impact
Playing a pivotal role in shaping the future of our security solutions.
enhance the effectiveness of our EDR product by designing cutting-edge protection components and developing sophisticated prevention rules
Researching OS internals and how Windows works under the hood - leveraging this knowledge to develop and improve our anti-malware mechanisms and capabilities
Research and lead novel protection ideas to production-grade level, serving as the feature subject matter expert
Research new malware and APT mitigation techniques and develop corresponding capabilities (POC level) or improve existing mitigation capabilities.
Respond to malware-based security events at clients networks.
Stay up to date with current malware and APT techniques.
You will provide feedback to the product management team on new feature requests and product enhancements from our customer base
Find new malware techniques and APT attacks including analysis of caught-in-the-wild malware.

Were looking for a top-notch Threat Detection Researcher to join our team
WHAT YOULL DO

Develop detections and tools to protect customers from cloud threats
Investigate attacks on cloud environments and malware targeting cloud workloads
Hunt and analyze real-world attacks and emerging cloud threats
Collaborate closely with the R&D team to transform research insights into product features
Work with customers in response to requests related to suspicious activity or potential incidents
Create best practices and security policies based on research findings
Deliver external-facing content (blog posts and talks at security conferences) based on security insights and novel research

We are seeking a highly skilled Senior Security Researcher to join our R&D team and drive advanced research in application security and emerging threats. The ideal candidate will have deep technical expertise, hands-on capabilities, and a passion for exploring and innovating in the cybersecurity domain. You will be responsible for researching vulnerabilities, building POCs, and developing new detection and mitigation methods.

What will you do?
Conduct advanced security research with a focus on application security (AppSec).
Perform in-depth analysis of the HTTP protocol, identifying potential attack vectors.
Design, implement, and execute POCs for security findings.
Research and evaluate security implications of emerging technologies, including AI-based applications.
Collaborate with engineering teams to integrate security solutions into products.
Write algorithms and explore machine learning approaches for threat detection and prevention.
Stay up-to-date with the latest security trends.