Principal Malware Windows Researcher (Cortex) at Palo Alto Networks – Tel Aviv-Yafo, Israel

Company description

Our mission

At Palo Alto Networks®, everything starts and ends with our mission:

To be the cybersecurity partner of choice and protect our digital way of life.

Our vision is a world where every day is safer and more secure than the last. We’re a company built on a foundation of challenging and disrupting the way things are done, and we’re looking for innovators who are as committed to shaping the future of cybersecurity as we are.

Who we are

We take our mission to protect the digital way of life seriously. We are relentless in protecting our customers and we believe that the unique ideas of each member of our team contribute to our collective success. Our values ​​are collected by employees and brought to life by each of us every day – from disruptive innovation and collaboration to execution. From standing up for each other with integrity to creating an environment in which we all feel involved.

As a member of our team, you shape the future of cybersecurity. We work fast, value continuous learning and respect each employee as a unique individual. Because we know we all have different needs, our development and personal wellbeing programs are designed to give you choice in how you are supported. This includes our FLEXBenefits wellness spending account with over 1,000 eligible items selected by employees, our mental and financial health resources, and our personalized learning opportunities – just to name a few!

Job description

Your career

We are looking for a highly skilled and experienced Windows Malware Security Researcher to join our growing Windows malware research team. In this role, you will play a key role in improving our Endpoint Detection and Response (EDR) agent by prototyping new security components and techniques and developing advanced malware prevention strategies. You work to identify, analyze and mitigate advanced threats. You work closely with different teams to stimulate innovation.

The proposed role will be part of the Windows malware research team of the Cortex-XDR agent group.

You will focus primarily on our advanced agent technology, with an emphasis on real-time prevention on Windows endpoints. An in-depth understanding of the Windows operating system is essential

Your impact

• Playing a crucial role in shaping the future of our security solutions.
• improve the effectiveness of our EDR product by designing advanced protection components and developing advanced prevention rules
• Investigate the internals of the operating system and how Windows works under the hood. This knowledge is leveraged to develop and improve our anti-malware mechanisms and capabilities.
• Research and drive new protection ideas to production level, serving as an expert on the subject
• Research new malware and APT mitigation techniques and develop corresponding capabilities (POC level) or enhance existing mitigation capabilities.
• Respond to malware-based security events on customer networks.
• Stay up to date on current malware and APT techniques.
• You will provide feedback to the product management team on new feature requests and product improvements from our customer base
• Find new malware techniques and APT attacks, including analysis of wild-caught malware

Qualifications

Your experience

• Minimum 5 general experience in the cybersecurity research domain.
• In-depth knowledge of the internals of the Windows operating system
• Minimum 3 years of experience with Windows internals, both user, kernel and research experience.
• At least 2 years of programming experience in C/C++ (win32 API) in Windows
• At least 2 years of experience with reverse engineering – both static and dynamic as well as assembly.
• Experience with anti-RE techniques such as anti-debug, anti-VM, unpacking, etc.
• Strong knowledge of the cyber threat landscape, including APTs (Advanced Persistent Threats) and modern malware techniques.
• Experience with debuggers such as windbg, x64dbg, ollydbg
• Experience with disassembly tools such as IDA Pro
• Proficiency in Python
• Hands-on experience with Git
• Knowledge of networks and internet protocols.
• A major advantage for candidates with at least 2 years of experience in at least one of the following: EDR/XDR products, Windows kernel development, low-level security solutions development, Windows exploitation, and vulnerability research.
• Excellent problem-solving skills, with a passion for innovation in cybersecurity.
• Ability to work independently and as part of a team
• Strong attention to detail
• Ability to take initiative
• The ability to work under pressure with strict deadlines and to prioritize projects
• a sense of humor.

Additional information

The team

Our engineering team is at the heart of our products and directly connected to the mission of preventing cyber attacks. We are constantly innovating and challenging the way we and the industry think about cybersecurity. Our engineers don’t shy away from building products to solve problems no one has pursued before.

We define the industry instead of waiting for directions. We need individuals who are comfortable with ambiguity, excited by the prospect of a challenge, and empowered by the unknown risks facing our daily lives, which are only made possible by a secure digital environment.

#LI-ER1

Our commitment

We are problem solvers who take risks and challenge the cybersecurity status quo. It’s simple: we cannot achieve our mission without diverse teams innovating together.

We are committed to providing reasonable accommodations to all qualified individuals with disabilities. If you require assistance or accommodations due to a disability or special need, please contact us at [email protected].

Palo Alto Networks is an equal opportunity employer. We celebrate diversity in our workplace, and all qualified applicants will receive consideration for employment without regard to age, ancestry, color, family or medical leave, gender identity or expression, genetic information, marital status, medical condition, national origin, physical or mental disability, political beliefs, protected veteran status, race, religion, gender (including pregnancy), sexual orientation, or other legally protected characteristics.

All your information will be kept confidential according to EEO guidelines.