דרושים » אבטחת מידע וסייבר » Principal/Senior Windows Exploit Researcher (Cortex)

Requirements:
5+ years of experience in at least one of the following: security research, vulnerability research, malware analysis, threat intelligence, or detection engineering
Offensive security mindset with the ability to flip to the defensive side - finding attacks and building mitigations
Strong analytical skills - comfortable digging into unfamiliar code, protocols, or systems and figuring out how they break
Familiarity with operating system internals (Windows and/or macOS)
Hands-on experience with reverse engineering or dynamic/static analysis tools
Ability to write code for automation, tooling, and proof-of-concepts
Strong written and verbal communication - ability to write compelling research and present at conferences
Nice to have:
Solid understanding of web and browser security fundamentals
Experience with browser internals or browser extension security
Background in endpoint security, EDR, or DLP
Experience with static analysis tools (Semgrep, CodeQL, Joern, or similar)
Knowledge of software supply-chain attack patterns
Published security research - blog posts, CVEs, or conference talks (Black Hat, DEF CON, BSides, etc.)

Requirements:
Required Qualifications
5+ years of experience in cybersecurity research, with a proven track record of impactful projects.
Good knowledge of Linux OS internals, including both user and kernel space.
Solid knowledge of the cyber threat landscape, modern malware techniques, and APTs.
Hands-on experience in real-world threat hunting, incident response, or detection engineering.
Proficiency in programming languages such as Python, C, and/or C++, with a strong understanding of system-level programming and APIs.
Excellent problem-solving skills and a passion for cybersecurity innovation.
Ability to work independently, take initiative, and collaborate effectively in a team environment.
Preferred Qualifications
Background in EDR/XDR products or security solution development.
Experience in reverse engineering, including familiarity with debugging and disassembly tools such as GDB, IDA Pro, or Ghidra.
Experience in advanced data analysis, statistics, or machine learning for security applications.
Experience with Linux kernel development or vulnerability research.
Familiarity with virtualization platforms (e.g., ESXi/vCenter).

Requirements:
4+ years of experience in cyber security, with significant hands-on experience in malware research focused on APTs and state-linked actors.
Strong proficiency with RE tools such as IDA Pro, Ghidra, x64dbg/WinDbg, and common dynamic analysis/sandbox environments.
Deep understanding of OS internals (Windows/Linux/Android/Mac), common persistence and execution techniques, and modern offensive tradecraft.
Demonstrated experience extracting configs, C2 endpoints, and capabilities from both compiled and scripted malware.
Strong investigative mindset, attention to detail, and ability to work with incomplete or obfuscated data.
Experience researching or defending government or critical infrastructure organizations- Advantage.

Requirements:
7+ years of experience in cyber security, with significant hands-on experience in malware research focused on APTs and state-linked actors.
Strong proficiency with RE tools such as IDA Pro, Ghidra, x64dbg/WinDbg, and common dynamic analysis/sandbox environments.
Deep understanding of OS internals (Windows/Linux/Android/Mac), common persistence and execution techniques, and modern offensive tradecraft.
Demonstrated experience extracting configs, C2 endpoints, and capabilities from both compiled and scripted malware.
Strong investigative mindset, attention to detail, and ability to work with incomplete or obfuscated data.
Experience researching or defending government or critical infrastructure organizations- Advantage.

Requirements:
Required Qualifications
Experience managing a technical research or R&D team.
5+ years of experience in security or threat research, with a proven track record of delivering actionable insights and real-world impact.
Experience driving projects from concept to execution with a strong sense of ownership.
Intimate knowledge and understanding ofattack methods and techniques (TTPs) over endpoints and enterprise networks.
Technical proficiency in Python, including experience providing code reviews for team members and adhering to best practices.
Ability to work with and extract meaningful insights from large-scale datasets, including strong foundational knowledge of basic statistics.
Excellent people management, verbal, and written communication skills, with a proven ability to collaborate across organizational boundaries.
Preferred Qualifications
In-depth knowledge of the inner workings of operating systems (especially Windows internals).
Experience in designing and implementing behavioral detection/investigation systems.
Experience working with graph DB and algorithms
Advanced background in statistics, data studies, or machine learning.

Requirements:
6+ years of experience in security or threat research in which you conducted deep research with actionable conclusions and impacts
Intimate knowledge of OS internals (Windows/Linux) and networking
Familiarity with cloud services, Kubernetes, cloud environment architecture, and the major cloud providers (AWS, GCP, Azure)
Experience delivering security detections in customer-facing product(s)
The ability to learn independently, to be self-driven and goal-oriented
Excellent communication and teamwork skills
ADVANTAGE
Hands-on experience with malware analysis/reverse engineering/vulnerability research
Familiarity with notable threat actors and threat intelligence analysis
IR/red-team/threat-hunting experience.

Requirements:
5+ years of experience in Windows internals, low and high-level attack-oriented development, penetration testing, and offensive security.
3+ years of experience in Python development.
Demonstrated skill in writing cyber-related code optimized for performance, memory, and stealth.
Experience with attack frameworks and tools such as Metasploit, Nmap, Cobalt Strike, Impacket, Burp, Pacu, and similar.
Proficiency in reverse engineering and debugging (e.g., IDA, Radare2, WinDBG) for low-level research.
Familiarity with cloud ecosystems and hybrid environments, specifically AWS, Azure.
Ability to apply AI or machine learning concepts and models to decision-making processes within the automated attack platform.
Excellent teamwork, adaptability, and a quick learning mindset.

Requirements:
B.S. degree in Computer Science or a related field, or equivalent work experience.
At least 5 years of R&D experience.
In depth understanding of common security vulnerabilities, CVSS scoring, vulnerability classification, detection and exploitation techniques.
In-depth protocol analysis and interaction. Expert level knowledge of common protocols such as HTTP, DNS, SSH, SMB, etc. and fuzzing.
Some prior experience performing open-ended research when given high-level requirements and details of the desired output.
Experience with pen-testing, researching, discovering, or publishing vulnerabilities.
Reverse engineering experience including basic binary analysis, packet capture analysis, and firmware analysis (using binwalk). Prior experience with debuggers, disassemblers or decompilers (e.g. IDA Pro, Immunity Debugger, gdb).
Experience with C or C++, Assembly (x86/x64 and/or ARM/ARM64) and / or scripting languages.
One or more security related certifications (e.g. OSCP).
At least a years experience with Nessus Sensor and working with the NASL language.
An understanding of NASL coding standards.
Prior experience performing open-ended research when given high-level requirements and details of the desired output.
Some experience with reviewing code and providing feedback.
Experience with understanding and implementing RFC standards and protocols.
Experience with Python programming language.
Experience with systems administration and be comfortable working at the command line.
In depth understanding of common security vulnerabilities, CVSS scoring, vulnerability classification, detection and exploitation techniques.
In-depth protocol analysis and interaction. Expert level knowledge of common protocols such as HTTP, DNS, SSH, SMB, etc. and fuzzing.
Some prior experience performing open-ended research when given high-level requirements and details of the desired output.
Some exposure to security standards such as NIST 800-53, CIS, or DISA STIGS.
In-depth protocol analysis and interaction. Solid knowledge of common protocols such as HTTP, DNS, SSH, SMB, etc. and fuzzing.
Experience with crash dump analysis and exploit development.
Experience writing blogs and whitepapers to showcase research as well as presenting at security conferences.
Ability to sit and work at a computer for extended periods of time.
Some travel may be required.

Requirements:
The ideal candidate will have:
3+ years of experience in the cybersecurity field, including:
Strong reverse engineering skills.
A proven interest in offensive research and vulnerability exploitation.
At least 2 years in penetration testing or a research-focused role.
[Advantage] Experience with embedded systems (either in research or development).
Ability to understand and analyze complex systems and identify critical security gaps.
[Advantage] Familiarity with automotive technologies (e.g., communication protocols, system architecture).
A hands-on approach to problem-solving and a passion for learning new technologies.
A creative mindset and a hackers curiosity.

Requirements:
Proven expertise in security research, methodologies, technologies, and tools.

Minimum of 5 years experience in cloud security research

Excellent problem solving, communication, and teamwork skills.

Experience with cloud-native services, infrastructure, and environments.

Experience with threat research and misconfiguration identification.

Comprehensive knowledge of cloud platforms (AWS, Azure, GCP) and their security features.

Excellent conceptual thinking and communication skills, capable of conveying complex ideas effectively.

Nice to have: Experience publishing security research papers and delivering conference talks.