As a member of our team, you will be shaping the future of cybersecurity. We work fast, value ongoing learning, and we respect each employee as a unique individual. Knowing we all have different needs, our development and personal wellbeing programs are designed to give you choice in how you are supported. This includes our FLEXBenefits wellbeing spending account with over 1,000 eligible items selected by employees, our mental and financial health resources, and our personalized learning opportunities - just to name a few!

Your Career

Palo Alto Networks, Cortex XDR research is looking for a Principal Threat Researcher for its Tel Aviv R&D center.

The team is in charge of maintaining an up-to-date overview of the threat landscape, with emphasis on two main focus areas - cybercrime and nation-state APT research. The team conducts a proactive research using Palo Alto's vast telemetry in combination of external sources, to uncover unknown malware, TTPs, campaigns, and threat actors. The insights gleaned from the research are then translated into actionable intelligence deliverables to improve the overall product coverage. In addition, the team publishes many of its findings in Palo Alto's Unit42 blog.

Your Impact

• Track and monitor the security threat landscape, using various information sources to raise flags for gaps and to improve security coverage
• Reverse engineer and analyze malware and hack tools used by various threat actors
• Discovering new behavioral anomalies and TTPs used by threat actors and assisting in creating relevant mitigations
• Write threat intelligence reports and blogs (Technical English fluency - is a must!)
• Present your research in internal and international security conferences
• Work closely with other domestic and international research teams to collect and disseminate threat intelligence and improve the overall product's security coverage

Your Experience

• 5+ years of experience as a threat researcher, intelligence analyst, malware analyst, reverse engineer, threat hunter or incident responder/DFIR
• Familiarity with advanced topics and experience in malware analysis, threat hunting, long-term threat tracking, and attribution
• 3+ years of reverse engineering macOS and Linux malware
• Presented research in international security conferences - advantage
• Intimate knowledge and understanding of attack methods and TTPs over endpoints and enterprise solutions (EDR/XDR/XIAM)
• Good command of networking and authentication protocols, architecture and security concepts
• Coding experience with Python, including writing scripts for IDA Pro
• Experience using BigQuery or other SQL-based querying languages
• Experience using git - advantage
• High proficiency in English, both verbal and written - a must
• Proven experience in technical writing, including a record of published security blogs - a must
• Ability to work in a dynamic, fast-moving, and demanding environment
• Independent and team player, critical thinker
• Ability to summarize complex data and explain it in simple terms that can be understood by both technical and less-technical audiences

The Team

The Cortex Threat Research Team is at the forefront of combating the ever-evolving cyber threat landscape. Our mission is to continuously monitor, analyze, and anticipate emerging threats to ensure that our product defenses remain robust, adaptive, and effective. We specialize in tracking a wide range of cyber adversaries, from cybercriminal groups to nation-state APTs, meticulously studying their TTPs (Tactics, Techniques, and Procedures), malware, and attack patterns to enhance our products' detection and prevention capabilities.
Another pillar of our work is sharing our findings with the broader cybersecurity community. We take pride in translating our research insights into actionable threat intelligence and contributing to the collective defense through regular publications. Our blogs provide in-depth analyses of the latest threats, offering valuable insights to practitioners worldwide.

#LI-ER1

Our Commitment

We're problem solvers that take risks and challenge cybersecurity's status quo. It's simple: we can't accomplish our mission without diverse teams innovating, together.

We are committed to providing reasonable accommodations for all qualified individuals with a disability. If you require assistance or accommodation due to a disability or special need, please contact us at accommodations@paloaltonetworks.com.

Palo Alto Networks is an equal opportunity employer. We celebrate diversity in our workplace, and all qualified applicants will receive consideration for employment without regard to age, ancestry, color, family or medical care leave, gender identity or expression, genetic information, marital status, medical condition, national origin, physical or mental disability, political affiliation, protected veteran status, race, religion, sex (including pregnancy), sexual orientation, or other legally protected characteristics.

All your information will be kept confidential according to EEO guidelines.