דרושים » אבטחת מידע וסייבר » Senior Windows Detection Engineer

The Research team at our company takes on the immense challenge of identifying and stopping malicious activity across vast streams of traffic. By crafting innovative solutions, we empower our products to make trillions of decisions every day with unparalleled precision.
Our work directly impacts the safety of the internet and ensures that remains the best-in-class solution for our customers, standing strong against the ever-evolving tactics of attackers.


Were looking for a Senior Web Security Researcher to be part of a team of highly skilled professionals that include security researchers, data researchers, data scientists and software engineers who continuously hunt for threats, evaluate and develop new detection techniques, and share intel and attribution for cybercrime activity with the goal of protecting our customers while keeping the internet human.
What you'll do:

Play a lot with the web-browsers, trying to find differences in behavior between them.

Research and develop signal collection on both mobile and desktop, which enables detection and improve our protection

Find ways to detect automation, for example, tools like Selenium, Playwright or Puppeteer.

Understand customer specific requirements, deliver with impact and exceed customer expectations.

Discover adversary tactics, techniques, and procedures leveraged by bots.

Create and validate data insights to enhance detection excellence.

Share security research topics through blogs, research talks, knowledge base and external engagements including conference presentations, detailing your discoveries for internal and external sharing.

Find bad stuff on the internet, see if you can figure out how it is done, document it.

Red team, experiment, and develop new tactics for various kinds of fraud and to bypass our detection, no need to wait for an attack to be discovered and used by adversaries first.
Stay abreast of cyber security trends and events related to our mission.

Contribute high impact work that substantially benefits team level metrics and OKRs.

Develop techniques, tools and scripts to simplify yours and others work.

Lead and grow the team in charge of researching and developing Autopilot, an innovative product for graph-based fully-autonomous investigation and response (Over the Cortex platform).
As the manager of the Autopilot team, you'll lead a team of security researchers, set the project's technical vision and standards, and own its success.
You will lead an innovative team on the research, design, and development of a new graph-oriented security product. Creating investigation modules that allow Autopilot to autonomously detect, investigate, and respond to advanced threats at a massive scale.
You'll work closely with other development and product teams to turn a successful POC into a full-fledged product, staying agile in a dynamic environment and using data-driven empirical research to determine and drive the project in the best direction.
Youll analyze everything from new malware behaviors to attacker techniques and process activity in enterprise-scale networks, using data collected from across millions of endpoints. Your work will span identifying attack patterns and uncovering statistical anomalies, as well as validating that the system responds effectively to real-world attacks and APT campaigns using production data.
Key Responsibilities
Lead and developa team of security researchers, providing mentorship, guidance, and continuous feedback to help them grow their careers (Manage the team, develop the people).
Drive the research strategy and executionfor new autonomous methods for investigating and responding to targeted attackers, leveraging large-scale XDR data and graph-based algorithms.
Ensure collaboration with engineering, product, and other research teams, acting as a key interface to push the project forward and align on cross-functional goals.
Direct the team's work on deep, hands-on investigations of real incidents to reinforce the best investigation and response approach, leveraging a combination of os-internals, TTPs, semi-labeled data, and large-scale statistical methods.
Foster a disruptive environment that innovates using advanced techniques such as graph algorithms, machine learning, and LLM agents to mimic and scale human security analyst workflows.

Required Senior Malware Researcher
The Dream Job
As a Senior Malware Researcher, you will analyze and reverse engineer malware and tooling used by advanced threat actors, particularly those targeting governments and critical infrastructure. You will apply deep expertise in binary and script analysis to uncover capabilities, configurations, and C2 infrastructure for threat actor attribution and mitigations.
Your work will power our malware catalog, strengthen our understanding of threat actors technical capabilities, and directly support the development of next-generation AI-driven "artificial cyber researchers".
The Dream-Maker Responsibilities
Perform in-depth static and dynamic analysis of malware, implants, loaders, and related tooling used by APTs and other sophisticated adversaries.
Reverse engineer binaries and scripts (e.g., PE, ELF, .NET, PowerShell, JavaScript/VBA) to determine capabilities, execution flow, persistence mechanisms, and evasion techniques.
Extract and document configuration data and C2 information, and map these to campaigns, infrastructure, and threat actors in collaboration with CTI researchers.
Develop and maintain detection and hunting artifacts such as YARA rules, VT LiveHunt queries, CAPA rules, and sandbox behavior signatures.
Work closely with CyberAI researchers on the development of next-generation artificial cyber researchers and AI-driven analysis capabilities.

At our company, we are building an open and flexible Agentic Engineering Platform for modern engineering organizations. Following our recent $100M Series C funding round, we are in a phase of rapid hypergrowth with strong enterprise momentum.
We act as the central nervous system for engineering, enabling platform teams to unify their stack and expose it as a governed layer through golden paths for developers and AI agents. By combining rich engineering context, workflows, and actions, we help organizations transition from manual processes to autonomous, AI-assisted engineering workflows while maintaining control and accountability.
As a product-led company, we believe in building world-class platforms that fundamentally shape how modern engineering organizations operate.
About Your Day-to-Day
As a Security Specialist, you will play a meaningful role in shaping how our company operates and scales its security posture. You will be the hands-on backbone of our security team, you will keep our systems running, respond to alerts, and ensure our SDLC is secure from commit to production.
You will work closely with R&D, DevOps, and the IT team, take ownership over daily security operations and automations, and help transform complex security threats into clear, structured outcomes.
Responsibilities
Own and execute daily security operations with independence and accountability, including monitoring, triaging, and responding to alerts across all platforms.
Collaborate with R&D and DevOps to align security priorities within the CI/CD pipeline and embed secure coding practices into the development lifecycle.
Turn ambiguity into structured processes by building SOAR playbooks to automate repetitive tasks and creating detection rules tuned to our companys environment.
Drive high-quality execution in vulnerability management, coordinating remediation with engineering teams according to strict SLA timelines.
Communicate clearly by documenting incident root causes, maintaining security dashboards (MTTD/MTTR), and reporting on security metrics.
Continuously improve workflows by tuning security tools (EDR, CNAPP, IAM), suppressing false positives, and automating evidence collection for compliance.
What Success Will Look Like
Success in this role means becoming a trusted, reliable contributor who brings clarity and stability to our companys security environment.
Within the first months, you are expected to:
Take full ownership over the security alert workflow and operate independently in incident investigation.
Deliver consistent, high-quality outcomes in managing our security tooling stack (EDR, IAM, and secrets management).
Proactively identify gaps in the SDLC security gates or inefficiencies in manual triage and address them through automation.
Build strong working relationships with the Engineering and IT teams based on trust and accountability.
Contribute to a calmer, more predictable, and better-organized security environment by reducing noise and automating toil.

We are seeking a Senior/Principal Linux Security Researcher for our Tel Aviv R&D center to advance our Cortex-XDR Agent for the Linux platform, which provides runtime protection to servers and cloud workloads. In this role, you will be a key member of a team responsible for researching, developing, and improving our Anti-Exploit and Anti-Malware capabilities. Your work will involve deep exploration of OS internals, exploits, malware, delving into cloud security, and finding ways to mitigate new attack vectors.
Key Responsibilities
Research, develop, and improve state-of-the-art endpoint security solutions focused on comprehensive prevention. This includes broad defense against attack classes like malware and exploits, spanning from low-level mitigations to application-level security
Research Linux OS internals, kernel, application codebases, vulnerabilities, malware and exploits
Respond to security events coming from customers, in the context of malware and exploitation prevention.

We are seeking a Cyber Research Architect to join our cutting-edge Research Group. This is a full-time hybrid role where you will play a key part in shaping how our products evolve from a cyber perspective, operating as an innovation hub within the company.

You will have the freedom to explore new domains, identify gaps in our products, and pioneer techniques that will directly shape our product architecture and capabilities. From researching emerging technologies to discovering vulnerabilities and developing advanced attacks, you will push the boundaries of whats possible in automated offensive security.

Roles and Responsibilities:

Lead offensive research and vulnerability discovery across diverse and emerging technologies, identifying novel attack surfaces and spearheading new research domains.
Pioneer research into AI/ML systems and LLM-based applications, uncovering adversarial tactics and developing unique attack vectors.
Directly shape product architecture by converting research insights into scalable, high-fidelity offensive capabilities and sophisticated attack modules.
Architect and build advanced tools and frameworks that automate and scale security research operations across the organization.
Identify and emulate the most sophisticated real-world cyber attacks to continuously evolve the company's automated security validation engine.

We are looking for a Security-First Product Manager to join our team during a breakthrough stage of growth. This is an ideal role for Product Managers who bring direct, firsthand experience from a Security Operations Center (SOC), including former security practitioners or analysts. You will be responsible for building the "opinionated" tools you wished you had while working in the SOC. You will be working at the intersection of security research and core engineering to define how complex security data is transformed into automated, high-confidence outcomes.

What Youll Be Doing

Become an expert in all product aspects (flows, features, infrastructures, and market).
Translate security research and stakeholder requirements into clearly defined, prioritized platform capabilities and automated logic.
Lead the inbound product lifecycle, working day-to-day with engineering and research teams to build robust analysis and investigation automation blocks and data schemas.
Make critical and important decisions with respect to time, features, resources, and quality to meet the business objectives.
Analyze product performance and usage data to identify opportunities for learning and improving the precision of our autonomous engine.

our company is the world leader in accelerated computing, defining the future of ai and high-performance networking. we are seeking a highly skilled and proactive senior Cyber security threat intelligence (cti) analyst to join the networking product security team. in this critical role, you will function as a key defender of the technologies powering the worlds largest ai clusters. you will act as the eyes and ears of our product security organization, conducting investigative research into sophisticated adversaries and translating complex threat data into actionable intelligence. this is a hands-on role where your insights will directly influence our defensive posture and help eliminate threats before they manifest in the core of global ai infrastructure.
what you will be doing:
you will serve as the intelligence core of our team dedicated to identifying, analyzing, and mitigating threats against our products and ecosystem:
lead deep-dive osint and webint research to identify emerging threats, conducting intelligence collection and analysis that leads to clear, actionable mitigation recommendations.
leverage scripting ( Python, bash, etc.) and generative ai tools to automate intelligence collection, triage, and analysis workflows.
analyze advanced persistent threats (apts) and sophisticated adversaries, collaborating with multi-functional teams to detect, track, and eliminate potential risks to our networking portfolio.
apply extensive insight into cyber operation phases to map adversary behavior, anticipate future movements, and harden our product development lifecycle with adoption of security improvements.
drive threat hunting methodologies, proactively searching for indicators of compromise (iocs) and hidden vulnerabilities within the products.
translate complex technical findings into strategic intelligence reports for both technical collaborators and leadership, ensuring a clear and unified insight into the threat landscape.
collaborate closely with incident response and engineering teams to ensure intelligence findings are seamlessly coordinated into other defensive tools and product security processes.

We are looking for a versatile and innovative Attack-oriented Cyber Researcher to join our R&D team and become part of the revolution. You will conduct state-of-the-art research across multiple environments, ranging from Windows internals and kernel-level security to cloud platforms like AWS, Azure, Web technologies, etc' to stay one step ahead of real threat actors.

Your findings, your code and attack tools will feed directly into our automated attack platform, enhancing its capabilities with new offensive techniques and AI-powered decision-making algorithms.



Roles and Responsibilities:

Perform in-depth research in multiple areas such from AV/EDR evasion, binary exploitation, vulnerability discovery, and subversion of communication channels across both OS-level, domains, cloud-native domains, external surfaces.
Integrate research outputs into production-grade attack functionalities within our automation ecosystem.
Architect and develop AI-driven decision-making modules that enable the platform to mimic experienced attackers, making real-time choices during automated operations.
Develop production-ready attack capabilities using whatever technologies are necessary, Python, C/C++, C#, Java, Office Macros, Bash, PowerShell, Go, Ruby, Assembly, etc.
Mentor and collaborate with fellow R&D team members, fostering a culture of innovation and continuous learning.

We're building something special in our Israel-based Offensive Security organization, and we're hiring multiple people across three key areas:
Penetration Testing
Red Team Product
Security Research
While these roles share a common foundation in offensive security tradecraft, each brings its own unique focus and impact.
We're looking for deep expertise in at least one of these areas, with the ability to grow across others. We have multiple openings and are looking for talent at various levels. As we get to know you through the interview process, we'll work together to identify the best fit matching your expertise and interests with the specific role and level (Senior, Lead, or Principal) that makes the most sense for both you and the team.
Role Overview
We are seeking a highly skilled offensive security professional to join our elite team. This role is ideal for someone who thrives on breaking systems, finding creative attack paths, and using their findings to drive meaningful security improvements across Salesforce's products and infrastructure.
You will work alongside some of the best minds in security, operating with significant autonomy and impact. Whether you specialize in deep application level penetration testing, red teaming, security research or vulnerability discovery, we want to hear from you-you don't need to be an expert in all three domains. What unites these roles is a relentless attacker mindset, a drive to find and demonstrate real-world impact, and the ability to translate offensive findings into lasting security improvements.
Responsibilities
Conduct advanced penetration testing, red team operations, or security research targeting Salesforce's cloud infrastructure, applications, and services
Discover, exploit, and document security vulnerabilities using creative and methodical approaches
Develop custom tools, exploits, and attack techniques to simulate real-world adversaries
Collaborate with product teams to remediate vulnerabilities and improve secure design practices
Contribute to the maturity of our offensive security program through automation, tooling, and process improvements
Mentor and share knowledge with team members, fostering a culture of continuous learning
Present findings and security insights to technical and executive audiences
Stay ahead of emerging threats, attack techniques, and offensive security tradecraft