Principal Security Researcher – Windows EDR (Cortex) at Palo Alto Networks – Tel Aviv-Yafo, Israel

Company description

Our mission

At Palo Alto Networks®, everything starts and ends with our mission:

We are the cybersecurity partner of choice, protecting our digital way of life.

Our vision is a world where every day is safer and more secure than the last. We are a company built on the foundation of challenging and disrupting the way things get done, and we seek innovators who are as committed to shaping the future of cybersecurity as we are.

Who we are

We take our mission to protect the digital way of life seriously. We are relentless in protecting our customers, and we believe that the unique ideas of every member of our team contribute to our collective success. Our values are crowdsourced by employees and brought to life by each of us every day, from disruptive innovation and collaboration to execution, and from standing up for each other with integrity to creating an environment where we all feel included.

As a member of our team, you will shape the future of cybersecurity. We move fast, value continuous learning, and respect every employee as a unique individual. Knowing that we all have different needs, our development and personal wellness programs are designed to give you choice in how you are supported. This includes our FLEXBenefits wellness spending account with over 1,000 eligible items selected by employees, our mental and financial health resources, and our personalized learning opportunities – just to name a few!

Job description

Your career

We are looking for a security researcher to join our Windows EDR Behavioral Detection team.

You’ll create statistics-based classification algorithms that detect everything from emerging malware to process behavior and attackers active in enterprise-level networks using data from multiple Windows endpoints. You’ll analyze attack patterns, find statistical anomalies, and validate that you’re detecting real attacks and APTs on real customer data.

Your impact

  • Explore new methods to detect targeted attackers using massive amounts and different types of data
  • Use and develop statistical algorithms and techniques to create and enhance our analytical detection capabilities
  • Simulate attacks in the lab and perform in-depth behavioral analysis
  • Help design new generic AI heuristics to automate responses to a combination of alerts and raw data, using graph algorithms to mimic cybersecurity investigations
  • Become part of a diverse research group, improve our research processes, and help build a better team and a better product
  • Stay up to date on APTs, attacker methodologies, and TTPs

Qualifications

Your experience

  • In-depth knowledge of the internal workings of operating systems (particularly Windows)
  • Intimate knowledge and understanding of endpoint and enterprise attack methods and techniques
  • Extensive experience and interest in malware research or development
  • Experience with Python software development
  • Ability to easily conduct research and gather insights by consulting large databases
  • Advantage if you have experience with machine learning or data analysis
  • Advantage if you have knowledge and experience with reverse engineering
  • Advantage if you have advanced knowledge of the Microsoft AD infrastructure
  • Advantage if you have operational knowledge and experience
  • Ability to drive and own projects
  • Independent, a team player, and a critical thinker

Additional information

The team

Our engineering team is at the heart of our products and directly connected to the mission of preventing cyberattacks. We are constantly innovating and challenging the way we, and the industry, think about cybersecurity. Our engineers are not afraid to build products to solve problems that no one has explored before.

We define the industry rather than waiting for clues. We need people who are comfortable with ambiguity, excited by the prospect of a challenge, and invigorated by the unknown risks we face every day, which are only made possible by a safe digital environment.

Our Commitment

We are risk-taking problem solvers who challenge the cybersecurity status quo. It’s simple: we can’t accomplish our mission without diverse teams innovating together.

We strive to provide reasonable accommodations to all qualified individuals with disabilities. If you require assistance or accommodations because of a disability or special need, please contact us at [email protected].

Palo Alto Networks is an equal opportunity employer. We celebrate diversity in our workplace and all qualified applicants will receive consideration for employment without regard to age, ancestry, color, family or medical leave, gender identity or expression, genetic information, marital status, medical condition, national origin, physical or mental disability, political affiliation, protected veteran status, race, religion, sex (including pregnancy), sexual orientation or other legally protected characteristics.

All your information will be treated confidentially in accordance with EEO guidelines.

Is this position eligible for immigration sponsorship? No. Please note that we do not sponsor applicants for a work visa for this position.
