דרושים » אבטחת מידע וסייבר » Senior Security Researcher

We're looking for a Threat Detection Researcher to join the Threat Research team and spread the power of our company. In this role, you will further develop the Cloud-native Threat Detection domain.
WHAT YOULL DO
Design behavioral baselines for complex cloud environments using diverse signals, and develop high-fidelity detections based on those baselines.
Expand our company's detection engine with novel and high-impact telemetry sources, pushing the boundaries of what can be detected in modern cloud environments.
Conduct deep technical research into complex cloud services to uncover novel attack vectors.
Investigate real-world attacks across cloud environments, identity providers (IDPs), and infrastructure-as-a-service (IaaS) platforms.
Hunt and analyze emerging threats and active campaigns targeting cloud ecosystems.

Required Sr. Threat Detection Engineer
About the Team:
You'll be joining our Cloud Content Research team, a team focused on stopping real-world adversaries targeting cloud infrastructure. Our unique position within allows us to work closely with our Threat Intelligence, OverWatch, and Incident Response teams, translating front-line observations of adversary tactics into effective detection capabilities. We combine deep cloud security expertise with innovative detection engineering to identify and stop sophisticated cloud threats. Our team creates advanced detection content and drives innovation in cloud security through close collaboration with Product and Engineering teams, who develop new detection capabilities based on our insights and requirements. We focus on both strategic research into emerging cloud attack techniques and rapid response to evolving adversary tactics observed in the wild.
About the Role:
As a Senior Cloud Detection Engineer, you'll be at the forefront of protecting organizations against sophisticated cloud threats, working with some of the industry's most advanced security technologies and enterprise-scale cloud environments. You'll have the unique opportunity to translate real-world adversary intelligence into innovative detection capabilities that protect many of the world's leading organizations across every major industry.
What You'll Do:
Research and develop detection content for cloud-native attacks, including identity-based threats, data exfiltration, privilege escalation, cloud-native tactics
Create correlation logic and between runtime events and control plane activities
Design and implement detection logic across multi-cloud and hybrid environments
Collaborate with Threat Intelligence, OverWatch, and Incident Response teams to develop detections based on real adversary activities
Partner with Product and Engineering teams to enhance detection capabilities.

Were looking for a hands-on AI Cyber Intelligence Engineer - in the domain of network attack surface. Someone who lives and breathes network security, loves exploring how attackers move through real environments, and is excited to shape how AI can automate and extend that process.
In this role, youll analzse real-world environments, identify potential attack vectors, and work closely with our AI engineering teams to translate your domain expertise into actionable, intelligent workflows. Youll play a key role in guiding how our platform learns to think and act like a top-tier security analyst.
Responsibilities
Analyse complex network environments, configurations, and security controls to map topologies and identify weaknesses or lateral movement paths.
Research and model attacker behaviour and detection strategies, guiding how AI systems reason about threat scenarios.
Collaborate with AI engineers to shape agentic flows - defining the logic, prompts, and reasoning patterns that replicate expert investigative thinking.
Conduct hands-on assessments of enterprise networks to validate and improve automated detection and response capabilities.
Stay current on evolving attack tactics, network security technologies, and AI-driven threat detection trends.
Act as a security subject matter expert for cross-functional engineering teams.

Required Senior Cloud Security Researcher (Cortex)
Your Career
Are you passionate about innovation in cloud security and want to redefine how Security Operations Centers (SOCs) leverage both agent and agentless technologies for detection and response? Join our cutting-edge Security Research team and lead the development of next-generation cloud detection and response solutions. In this role, you will define detection use cases, analyze threat data, and create advanced security content to protect against evolving threats in cloud environments. Be part of an exceptional team of researchers and engineers dedicated to safeguarding our customers. This is your opportunity to dive into pioneering technologies that integrate cloud security with innovative detection methodologies in a world-leading cybersecurity company.
Your Impact
Conduct ongoing research to identify and develop new detection techniques for both agent-based and agentless cloud technologies
Stay ahead of Advanced Threats, attacker methodologies, and Tactics, Techniques, and Procedures (TTPs) to ensure our solutions remain proactive and effective against emerging threats
Simulate real-world attack scenarios in lab settings, performing in-depth analysis of adversarial behaviors and their implications for cloud security
Foster a collaborative atmosphere within an experienced, diverse, and supportive research team, driving forward new and innovative ideas in cloud detection and response.

Were hiring our first Product Security Researcher (SOC & Incident Response) to join our newly formed Security Research function- a critical role for someone passionate about advancing real-world SOC operations with deep cybersecurity expertise.
We are building a world-class Security Research team that will power our advanced product with deep, actionable cybersecurity expertise. This team will serve as the Subject Matter Experts (SMEs) behind our triage and Incident Response platform, defining logic, contributing threat intelligence, building use-case coverage, and continuously optimizing detection and investigation workflows.
Youll collaborate closely with Product, Engineering, and Customer Success to ensure our Auto-Triage engine reflects the latest adversarial techniques and real-world SOC operations.
Responsibilities
Serve as a domain expert in SOC workflows, alert triage, and incident response.
Design and maintain triage logic, playbook blueprints, AI Agents and more for responding to security events.
Develop and maintain alert enrichment, correlation, and classification rules across multiple data sources (EDR, SIEM, Identity, etc.).
Collaborate with product teams to define use cases, threat coverage, and analyst workflows.
Analyze real-world alerts, telemetry, and incident data to enhance product accuracy, reduce false positives and improve incident handling.
Evaluate and curate threat intelligence feeds and sources to support automated decision-making.
Conduct post-incident reviews to extract lessons and update triage logic accordingly.
Stay current with emerging threats, attacker TTPs, MITRE ATT&CK, and other frameworks.
Assist with quality assurance, testing, and validation of triage logic before deployment.

Required Senior Security Researcher - Cloud - Security Automation (Cortex)
Your Career
Are you passionate about taking automation to the next level? Do you live and breathe the cyber security world? Do you want to take part in an innovative and disruptive team that will have an impact on the lives of many customers?
As a Cloud Cybersecurity Researcher, you will design and implement remediation strategies for cloud runtime and posture issues, ensuring responses are as autonomous, effective, and safe as possible. You will collaborate with leading security experts, leverage cutting-edge technologies, and contribute to the vision of an Autonomous SOC.
Your Impact
Develop robust, testable, and safe remediation plans for cloud runtime and posture issues (CSPM, DSPM, CIEM, CNAPP, IAM, etc.)
Conduct in-depth research to identify attacker TTPs and cloud misconfiguration risks, and translate findings into automated response playbooks
Apply data analysis, programming, and modeling techniques to evaluate and optimize remediation approaches
Collaborate within a diverse research group to continuously improve automation processes and methodologies
Stay ahead of evolving threats, including cloud-native attack vectors and advanced adversary tradecraft.

We're looking for a Manager to lead a security research team for detection and response across cloud environments. This is an opportunity to lead an exceptional group of researchers working on a startup-level product within the largest security company, helping revolutionize how organizations protect their Kubernetes and hybrid cloud environments.
Your Impact
Lead, mentor, and grow a team of talented security researchers focused on defending organizations as they transition from on-premises data centers to modern cloud and Kubernetes infrastructure.
Drive the strategy and execution of research initiatives to uncover novel techniques for detecting and responding to sophisticated attacks targeting hybrid and cloud-native environments.
Define and prioritize detection use cases, relevant datasets, and innovative analytic approaches combining runtime visibility and posture management across diverse platforms.
Stay up to date with the latest attacker methodologies, APT campaigns, and TTPs to ensure our detection capabilities stay ahead of evolving threats in both legacy and cloud contexts.
Oversee simulation of real-world attacks and deep behavioral analysis to inform and validate detection content.
Foster collaboration across engineering, product management, and go-to-market teams to deliver impactful security solutions. Represent the team and share insights with the security community through blogs, conference talks, and publications.

Were hiring our first Security Researcher to join our newly formed Security Research function- a critical role for someone passionate about advancing real-world SOC operations with deep cybersecurity expertise.
We are building a world-class Security Research team that will power our advanced product with deep, actionable cybersecurity expertise. This team will serve as the Subject Matter Experts (SMEs) behind our triage and Incident Response platform, defining logic, contributing threat intelligence, building use-case coverage, and continuously optimizing detection and investigation workflows.
Youll collaborate closely with Product, Engineering, and Customer Success to ensure our Auto-Triage engine reflects the latest adversarial techniques and real-world SOC operations.
Responsibilities
Serve as a domain expert in SOC workflows, alert triage, and incident response.
Design and maintain triage logic, playbook blueprints, AI Agents and more for responding to security events.
Develop and maintain alert enrichment, correlation, and classification rules across multiple data sources (EDR, SIEM, Identity, etc.).
Collaborate with product teams to define use cases, threat coverage, and analyst workflows.
Analyze real-world alerts, telemetry, and incident data to enhance product accuracy, reduce false positives and improve incident handling.
Evaluate and curate threat intelligence feeds and sources to support automated decision-making.
Conduct post-incident reviews to extract lessons and update triage logic accordingly.
Stay current with emerging threats, attacker TTPs, MITRE ATT&CK, and other frameworks.
Assist with quality assurance, testing, and validation of triage logic before deployment.

Required Principal Security Researcher, Data & AI (Cortex)
Your Career
Are you passionate about using cutting-edge technology to help protect the world against cyber threats? Do you live and breathe the cyber security world? Do you want to take part in an innovative and disruptive AI security group that has an impact on many customers?
You will be part of a strong security research and data science team who solve highly complex security challenges using disruptive technologies, ML algorithms and a lot of data.
As part of that, you will take part in the design and development of new groundbreaking AI security solutions which make a direct impact on many customers.
We value diverse viewpoints and experiences, as we are solving complex cyber security challenges. We are committed to a safe and inclusive workspace.
Your Impact
Transform Data into Defense:Take the lead in creating high-fidelity security incidents from a massive stream of alerts generated by our industry-leading advanced security solutions
Innovate with AI: Actively participate in cutting-edge research projects focused on creating novel prevention content at scale using state-of-the-art AI and Large Language Models (LLMs)
Drive Security Efficacy: Analyze complex threat data to identify attacker patterns, develop new prevention methodologies, and enhance automated flows to rapidly protect Cortex platform customers
Collaborate and Lead: Work side-by-side with top-tier data scientists, engineers, and product managers to translate research ideas into tangible, customer-facing security protections.

Required Senior Security Researcher - Identity - Security Automation (Cortex)
Your Career
Are you passionate about advancing automation in identity security? Do you thrive at the intersection of research, innovation, and large-scale impact? As a Senior Security Researcher, you will drive the design of autonomous response strategies to counter identity-based threats, misconfigurations, and abuse scenarios. Your research will directly shape the Cortex platforms ability to remediate identity-driven attacks, ensuring effective, safe, and scalable automation for our customers. You will collaborate with world-class researchers and engineers to deliver on the vision of the Autonomous SOC.
Your Impact
Lead the design and implementation of robust, testable, and safe remediation playbooks for identity-related threats (e.g., privilege escalation, credential abuse, lateral movement, IAM misconfigurations).
Conduct deep research on adversary TTPs targeting identity systems and translate insights into automated detection and response mechanisms.
Drive innovation in identity security automation by applying data analysis, modeling, and programming to refine remediation strategies.
Serve as a subject-matter expert and mentor within the research group, elevating the teams overall expertise in identity security.
Stay ahead of evolving identity-based attack vectors, cloud-native identity risks, and advanced adversary tradecraft to ensure our automation keeps pace with threats.