דרושים » אבטחת מידע וסייבר » Research Engineer (Cyber security)

We are looking for proactive, analytical, talented people to join the Security Content team.
As a Research Engineer (Security Network & Apps), you will add content to our security and network products such as NGWF, CASB, DLP, and more.
Using agentic AI tools (Claude code, Cursor) and modern big data analysis frameworks (Redash, Athena), and network and web analysis tools to analyze network protocols and application traffic.
Joining us is an excellent opportunity for network security enthusiasts who are passionate about the future of Networking and Security.
Responsibilities:
Research and analyze network and application behavior as part of our security products (NGFW, CASB, DLP, and more).
Lead cross-team projects to deliver product development outcomes in partnership with Engineering and Product.
Focus on the customers impact and understand the business perspective.
Suggest and conduct new research vectors.
Work with AI tools and coding agents to automate your work and improve efficiency.
Utilize Catos Data Warehouse with big-data technologies to support your work.

We are expanding our Research Team and are looking for a Junior Malware Researcher with a strong technical mindset, excellent communication skills, and a passion for problem-solving.
As a Malware Researcher, you will be responsible for hunting emerging malware and malvertising campaigns and developing effective detection methods to protect global customers. You will work closely with the R&D and Product teams and be part of a friendly, professional team based in Tel Aviv, supporting customers worldwide.
Responsibilities:
Detect, monitor, and hunt new malvertising and malware threats
Research new attack vectors, delivery methods, and evasion techniques
Develop and improve detection logic and signatures
Investigate malicious campaigns using internal tools, databases, logs, and external intelligence sources to uncover hidden patterns
Analyze web traffic, scripts, redirects, and network behavior to identify malicious activity
Collaborate with R&D and Product teams to translate research into production-grade protections
Contribute to internal documentation, research reports, and best practices to improve knowledge sharing and support processes

Required Security Researcher
The Dream Job
We are on an expedition to find you, someone who is passionate about creating intuitive, out-of-this-world security research. You'll help us harness the power of our trillions of security signals to rapidly diagnose and alert the latest attacker behaviors, drive critical context-rich signals, construct new tools and automations to support customers, identify threats, and detect advanced attacker techniques.
The Dream-Maker Responsibilities
Analyze various network devices, configurations and security products
Implement methods and algorithms to discover network topology, relationships between devices and potential lateral movement paths
Conduct network security assessments to identify weaknesses in customers network infrastructure, and recommend mitigations to monitor and limit unauthorized access
Develop research tools and frameworks to perform automatic analysis of network devices and security products
Research and analyze network-related cybersecurity threats and trends
Work closely with other internal engineering and AI teams to integrate new capabilities into our platform and guide cross-product architectural decisions
Act as a security subject matter expert for multidisciplinary teams.

Are you an innovative security researcher with a deep understanding of the cyber threat landscape and a passion for protecting modern environments? Do you want to tackle the challenge of securing enterprise networks against evolving threats?
We are seeking a highly skilled professional to focus on the critical, fast-paced domain of Virtualization Security. As a foundational member of a newly formed and growing team, you will explore the 'blue ocean' of threat detection, pioneering next-generation capabilities within the worlds largest cybersecurity enterprise. This is a unique opportunity to apply your expertise and influence the future of threat prevention-helping us build cutting-edge security solutions from the ground up.
Key Responsibilities
Conduct deep research into virtualization technologies, and targeted attacks to fortify our attack prevention mechanisms.
Stay current with the latest attacker methodologies, APT campaigns, and Tactics, Techniques, and Procedures (TTPs) targeting virtualization systems.
Analyze emerging threats and malware to identify new techniques and formulate effective detection and prevention strategies.
Leverage AI and big data methodologies to investigate and analyze extensive datasets across our customer base.
Design cutting-edge protection components and develop sophisticated detection rules to enhance the effectiveness of our security solutions.
Drive the research and development of novel protection concepts, seeing them through to production-grade quality, and serve as a subject matter expert in the field.
Play a pivotal role in shaping the future of our security product offerings.
Collaborate closely with Engineering, Product Management, and other research teams to seamlessly translate research findings and insights into new production features.

We are seeking a Security Research Team Leader to join our team of highly skilled professionals, which includes security researchers, operations analysts, and data scientists.
This team continuously hunts for threats, evaluates emerging attack vectors, and develops innovative detection techniques in the field of malvertising and advertising security. Our mission is to protect customers from attacks generated by malicious advertisements (malvertising).
What You'll Do:
Lead detection innovation. Design and implement new methodologies to identify and stop malvertising attacks before they reach end users.
Drive signal research. Research and develop signal-collection strategies across mobile and desktop environments to strengthen detection and enhance customer protection.
Expand scanning capabilities. Devise approaches to overcome bot detection mechanisms and ensure comprehensive website coverage.
Deliver customer impact. Understand customer-specific security requirements, translate them into actionable research, and consistently exceed expectations.
Map adversary behavior. Discover and document the tactics, techniques, and procedures (TTPs) employed by malvertisers and related threat actors.
Elevate data-driven detection. Create and validate data insights that enhance detection quality and drive measurable improvements in protection efficacy.
Share knowledge broadly. Publish security research through blog posts, internal knowledge bases, conference presentations, and external engagements - translating complex discoveries into clear, impactful narratives.
Hunt threats proactively. Identify malicious activity across the internet, reverse-engineer attack execution, and produce thorough technical documentation.
Stay ahead of the curve. Continuously monitor the cybersecurity landscape for trends, emerging threats, and developments relevant to our mission.
Mentor and lead. Contribute high-impact work that moves team-level metrics, while actively providing leadership, guidance, and mentorship to peers and junior researchers.
Build better tools. Develop techniques, scripts, and tooling to streamlne workflows and amplify the broader team's productivity.

As the Manager of the Rapid Response (RR) team, you will lead a group of malware analysts responsible for developing, improving, and deploying our rapid anti-malware prevention capabilities. Your team is on the front lines of statically analyzing urgent customer issues, stopping malicious activities in their tracks, and developing to halt attacks at the earliest possible stage. In this role, you will guide the teams technical direction, drive automation initiatives, and act as the critical bridge between frontline support, global research, and engineering.
Key Responsibilities
Lead, mentor, and develop a team of fast-paced malware analysts, fostering a "play to win" culture.
Oversee the daily triage, investigation, and resolution of urgent customer escalations, specifically False Positive (FP) and False Negative (FN) malware prevention events - ensuring swift and accurate mitigation.
Drive the team's automation efforts, identifying opportunities to automate routines to reduce response times and scale the team's capabilities.
Direct the analysis of emerging malware families, OS internals, and attack frameworks to ensure the team maintains an up-to-date overview of the current threat landscape.
Guide the development of rapid, high-quality prevention signatures (e.g., YARA, IPS) to enhance product coverage.
Act as the primary technical escalation point and work in close coordination with global research teams, support, engineering, and other cross-functional stakeholders.

The Cloud Research team is an integral part of the Falcon Cloud Security product, tasked with the critical mission of safeguarding cloud environments through innovative detection and response capabilities. This team is works in unison to ensure our customers cloud environments are secure against the ever-changing threats in the security landscape.

As a senior researcher on the team, you will play a pivotal role in conducting security research, and translating it directly into security value for our customers.

This role provides a unique opportunity to join a team with strategic importance for protecting our customers from emerging threats and novel attack methodologies in cloud environments.

You will also get to work with vast datasets, have a direct impact on the efficacy and evolution of our detections, and play a decisive role in the strategic direction of our product development. Your contributions will enable continuous improvement of our cloud detection capabilities ensuring our customers are secured with the most advanced security measures.

What You'll Do:

Initiate and conduct Cloud Research Initiatives: follow the threat landscape to identify trends in the realm of cloud infrastructure security, threat actors, novel attack approaches, and vulnerabilities in cloud-based and/or cloud-native environments and workloads.

Research threats and vulnerabilities in cloud provider infrastructure and containerized applications and workloads.

Develop advanced cloud security models: Create sophisticated models and frameworks for identifying and mitigating new types of cloud threats, focusing on predictive analytics and proactive threat hunting methodologies.

Collaborate with cross-functional teams: Work closely with various teams, including engineering, product management, detection engineering, and threat intelligence to drive cloud detections in the Falcon platform.

Provide cloud security thought leadership: Share insights and best practices with the broader security community through publications, conference presentations, and technical blogs.

We are looking for a Senior Security Researcher to join our Identity Threat Detection and Response team. In this role, you will research the evolving threat landscape and develop advanced detections to protect SAAS, Cloud, on-premises, and hybrid identities. You will focus on identifying and mitigating identity-related threats across networks, endpoints, and cloud environments, using statistical classification methods to build effective detection models and protecting customers at scale. Additionally, you will collaborate with cross-functional teams, validate detection concepts on real-world data, and continuously enhance detection capabilities to stay ahead of emerging threats.
Key Responsibilities
Research innovative methods for detecting targeted attackers operating in endpoints, networks, cloud and SAAS environments.
Simulate real-world attacks in lab environments and conduct a deep analysis of the behavior.
Develop and refine statistics-based classification algorithms and techniques to create and improve detection models.
Research specific scenarios to enhance our model's capabilities.
Collaborate within a diverse research group, improving our research processes and leading us to be a better team creating a better product.
Stay informed on the latest APTs, attacker methodologies, and TTPs to ensure our models stay ahead of emerging threats.

Were looking for a top-notch Threat Detection Researcher to join our team and spread the power of our company. In this role, you will further develop the company Runtime Sensor as part of our threat research team.
WHAT YOULL DO
Develop detections and tools to protect customers from cloud threats
Investigate attacks on cloud environments and malware targeting cloud workloads
Hunt and analyze real-world attacks and emerging cloud threats
Collaborate closely with the R&D team to transform research insights into product features
Work with customers in response to requests related to suspicious activity or potential incidents
Create best practices and security policies based on research findings
Deliver external-facing content (blog posts and talks at security conferences) based on security insights and novel research.

Lead and grow the team in charge of researching and developing Autopilot, an innovative product for graph-based fully-autonomous investigation and response (Over the Cortex platform).
As the manager of the Autopilot team, you'll lead a team of security researchers, set the project's technical vision and standards, and own its success.
You will lead an innovative team on the research, design, and development of a new graph-oriented security product. Creating investigation modules that allow Autopilot to autonomously detect, investigate, and respond to advanced threats at a massive scale.
You'll work closely with other development and product teams to turn a successful POC into a full-fledged product, staying agile in a dynamic environment and using data-driven empirical research to determine and drive the project in the best direction.
Youll analyze everything from new malware behaviors to attacker techniques and process activity in enterprise-scale networks, using data collected from across millions of endpoints. Your work will span identifying attack patterns and uncovering statistical anomalies, as well as validating that the system responds effectively to real-world attacks and APT campaigns using production data.
Key Responsibilities
Lead and developa team of security researchers, providing mentorship, guidance, and continuous feedback to help them grow their careers (Manage the team, develop the people).
Drive the research strategy and executionfor new autonomous methods for investigating and responding to targeted attackers, leveraging large-scale XDR data and graph-based algorithms.
Ensure collaboration with engineering, product, and other research teams, acting as a key interface to push the project forward and align on cross-functional goals.
Direct the team's work on deep, hands-on investigations of real incidents to reinforce the best investigation and response approach, leveraging a combination of os-internals, TTPs, semi-labeled data, and large-scale statistical methods.
Foster a disruptive environment that innovates using advanced techniques such as graph algorithms, machine learning, and LLM agents to mimic and scale human security analyst workflows.