Principal Consultant – Soc Transformation Xsiam Deployment jobs at Palo Alto in Israel

Being the cybersecurity partner of choice, protecting our digital way of life.

Your Impact

• End-to-end backend development of features and core components across their entire life cycle (design, develop, test, deploy, maintain)
• Collaborate with peers across different teams and disciplines to shape solutions and integrate with other parts of the product
• Work with customers and provide solutions to their day-to-day work and challenges
• Contribute to team-wide efforts - code reviews, design reviews, technical and architectural decisions

Your Experience

• BS in Computer Science, equivalent knowledge, or equivalent military experience

• 8+ years of software engineering experience - Must
• Experienced with a variety of database technologies (RDBMS / NoSQL)
• Experience in distributed cloud products and architecture
• Experience in designing, building, and maintaining high scale server-side application
• Experience in Python / Go - an advantage
• Experience with GCP - advantage
• Experience with Kubernetes/Docker - advantage
• Knowledge of the cyber field - advantage

All your information will be kept confidential according to EEO guidelines.

Being the cybersecurity partner of choice, protecting our digital way of life.

Your Career

The role involves simulating, automating, and developing proof-of-concepts for known threats and offensive tools to evaluate new feature security coverage and detection quality, aligned with the Kill Chain/MITRE ATT&CK Framework and real-world threats. We need an experienced Security Researcher with a deep background in offensive security concepts and a strong interest in Linux, Cloud, and macOS platforms.

You will conduct Linux security evaluations, research innovations to enhance our security solutions, and find innovative yet practical solutions to contemporary problems. You will also develop custom tools and advanced in-house security capabilities to continuously validate our product's defenses.

Your Impact

• Work hand-in-hand with the Cortex Agent release team. This role demands applied research synchronized with our delivery schedule, ensuring that every feature release is validated against the latest threats prior to launch.
• Drive our threat simulation automation strategy by researching and developing new tools and capabilities that emulate real-world adversary behavior.
• Enrich our Security Automation Coverage and infrastructure to protect against known and unknown threats.
• Thrive in a fast-paced, high-impact environment, mastering new security features, technologies, and complex platforms (from kernel to Kubernetes) quickly.
• Conduct hands-on research to identify real-world Malware, exploits, and novel attack vectors, then create and code PoCs to test our defenses.
• Act as a key research partner with engineering teams to push and validate our product capabilities.
• Leverage data-driven approaches to identify threats and propose effective mitigations.

Your Experience

• 5+ years of hands-on experience in security research, offensive security, or security development.
• Strong, practical development skills (Python, C, Go, Git are advantages) for automating attack tools, building PoCs, and creating testing infrastructure.
• Extensive knowledge of Linux internals ("under the hood").
• Proven ability to adapt, learn quickly, and switch contexts between complex technical domains (e.g., from kernel research to cloud-native security).
• Experience with Linux eBPF and modern kernel technologies.
• Experience with Linux namespaces & cgroups.
• Familiarity with Managed and Unmanaged Kubernetes solutions.
• Ability to work independently and as part of a team, managing fast-paced tasks and stressed time constraints while maintaining focus.

Advantages

• Knowledge of Cloud Workloads such as GCP, AWS, Azure
• Strong debugging skills with various tools on different Linux platforms
• Experience with reversing tools such as IDA Pro, Strace, etc

All your information will be kept confidential according to EEO guidelines.

Being the cybersecurity partner of choice, protecting our digital way of life.

Your Career

This role is client-facing and requires the Principal Consultant to lead and produce deliverables based on reactive services client engagements. The Principal Consultant will work directly with multiple customers and key stakeholders (Admins, C-Suite, etc) to manage incident response engagements and provide guidance on longer term remediation.

Your Impact

• Perform reactive incident response functions including but not limited to - host-based analysis functions through investigating Windows, Linux, and Mac OS X systems to identify Indicators of Compromise (IOCs)
• Examine firewall, web, database, and other log sources to identify evidence of malicious activity
• Investigate data breaches leveraging forensics tools including Encase, FTK, X-Ways, SIFT, Splunk, and custom Crypsis investigation tools to determine source of compromises and malicious activity that occurred in client environments
• Manage incident response engagements to scope work, guide clients through forensic investigations, contain security incidents, and provide guidance on longer term remediation recommendations
• Ability to perform travel requirements as needed to meet business demands (on average 20%)
• Mentorship of team members in incident response and forensics best practices

Your Experience

• 8+ years of incident response or digital forensics consulting experience with a passion for cyber security
• Strong leadership skills including experience managing a team or individuals
• Experience with leading complicated engagements including scoping, interfacing with the client, and have executed on a technical front
• Proficient with host-based forensics and data breach response
• Experienced with EnCase, FTK, X-Ways, SIFT, Splunk, Redline, Volatility, WireShark, TCPDump, and open source forensic tools
• Incident response consulting experience required
• Identified ability to grow into a valuable contributor to the practice and, specifically
• have an external presence via public speaking, conferences, and/or publications
• Have credibility, executive presence, and gravitas
• Able to have a meaningful and rapid delivery contribution
• Have the potential and capacity to understand all aspects of the business and an excellent understanding of PANW products
• Collaborative and able to build relationships internally, externally, and across all PANW functions, including the sales team
• Bachelor’s Degree in Information Security, Computer Science, Digital Forensics, Cyber Security or related field or equivalent military experience required

All your information will be kept confidential according to EEO guidelines.

Being the cybersecurity partner of choice, protecting our digital way of life.

Your Career

We are looking for a top-notch Principal Automation Engineer to drive our test efforts and automation infrastructure. You will be in charge of, first and foremost, product quality, design and plan required quality assurance tests, you will develop automation tests and needed infrastructure together with deployment to all known cloud providers using python, and working closely with a development team to address issues that were discovered. Additionally, you will be involved in developing test infrastructure for Unit-Tests, Integration-Tests and more, while providing the infrastructure as a service to the dev teams. The job is deeply hands-on and requires a deep understanding of the product, and the environments it runs.

Your Impact

• Work closely with our engineering teams to understand business requirements

• Own and develop test infrastructure used by dev teams, while providing them with guidance and assistance for using it

• Design, plan and implement automatic tests for our critical business paths

• Own and adjust our UI testing framework to support dev teams which are using it to develop end-to-end tests

• Own and improve peripheral tools for our quality efforts, such as reporting, investigation etc.

• Identifying, reporting, documenting and tracking defect/bug issues

• Investigate, analyze and find the root causes for failed systems and software

• Ability to effectively communicate with all levels of the organization

• Excellent verbal and written communication skills

Your Experience

• At least 5 years of experience as a Automation Infrastructure Engineer

• Strong coding skills Experience in one of the following (or equivalent) languages - TypeScript / Python

• Experience with cloud-native technologies like Docker, Kubernetes, etc

• Experience with CSPs such as GCP (advantage), AWS

• Experience with CI/CD pipeline development and usage

• Experience with process automation solutions and tools development - Advantage

• Experience with UI/Web automation testing - Advantage

• Experience with designing, developing, and implementing test/applicative frameworks from scratch

• Ability to learn new technologies super-fast

• A strong passion for product quality and continuous willingness to improve the product

All your information will be kept confidential according to EEO guidelines.

All your information will be kept confidential according to EEO guidelines.

Being the cybersecurity partner of choice, protecting our digital way of life.

Your Career

We are looking for a Senior Principal C++ Engineer for our Tel Aviv R&D center.

More information about Endpoint Protection products can be found .

Your Impact

• Create or take over features from design, through development all the way to deployment and support in customer environments

• Lead Integration with colleagues on new APIs and flows inside the team and with teams from other teams and groups

• Research complex issues from the field and provide creative solutions

• Serve as a leading individual in a very strong team professionally and personally. We’re looking for someone who not only delivers his own work but improves that of those around them

• Find space for growth to push the entire team or group forward - New projects, changing processes or improving existing tools

Your Experience

• 8+ years of experience developing in modern C++

• Rich experience building and owning various software projects with the ability to contribute across the software development lifecycle

• Experience with multi-threaded and multi-process development with a focus on performance

• Positive ‘can-do’ mindset, able to work independently and within a team

• Computer Science B.Sc. or equivalent education

• Experience with operating systems API - an advantage

• Experience in the cybersecurity space - an advantage

• Experience in security challenges in cloud environments including but not limited to - Posture, Kubernetes, various cloud providers and orchestration frameworks - an advantage

All your information will be kept confidential according to EEO guidelines.

Being the cybersecurity partner of choice, protecting our digital way of life.

Your Impact

• Drive the development of sophisticated, AI-powered features end-to-end, from ideation and technical design to seamless deployment in production.

• Architect and implement hyper-scalable solutions on GCP capable of supporting thousands of developers, ensuring enterprise-grade quality and reliability.

• Obsess over the developer experience, passionately enhancing the user experience (UX) of the product's features to create an intuitive and powerful tool.

Your Experience

• 6+ years of experience working as a Backend Developer

• Proven expertise in AI Vibe Coding and a strong interest in developing AI-driven developer tools.

• Strong proficiency in one or more of the following languages: Python, Golang, TypeScript, or .NET.

• Experience building and maintaining live, high-scale cloud production systems, preferably on a major cloud provider like GCP.

• A strong technical background; independent and self-motivated, with excellent problem-solving skills.

• A deep passion for enhancing the developer experience.

An Advantage:

• Experience in developing IDE plugins.

• Experience in developing systems with LLM integration

• Experience with Security products

• Bachelor's degree or equivalent military experience

We define the industry, instead of waiting for directions. We need individuals who feel comfortable in ambiguity, excited by the prospect of a challenge, and empowered by the unknown risks facing our everyday lives that are only enabled by a secure digital environment.

All your information will be kept confidential according to EEO guidelines.

Job Summary

As a Principal Security Researcher on the Cortex Cloud research team, you’ll lead deep, hands-on security research across cloud and AI environments- from uncovering vulnerabilities and novel attack paths to building the protections that stop them.

Your impact doesn’t end with detections. This team is also responsible for driving product innovation: identifying gaps in how cloud environments are secured, finding new ways to close those gaps, and partnering with engineering, product and marketing to take those ideas from a POC to implementation. Whether it’s a new detection engine, risk signal, or protection method- your research directly shapes the product.

You'll research the AI attack surface in depth, and push the boundaries of what cloud and AI security can achieve. If you're looking for a role where research leads to real-world defense- and product innovation is part of your day job- this is the team.

Key Responsibilities

• Research and uncover vulnerabilities and abuse paths in cloud services, with a strong focus on AI, identity, and data pipelines
• Collaborate with product and engineering to ship detections and logic based on your findings
• Research-driven impact - drive innovation from idea to execution: Identify emerging security gaps, build proof-of-concepts, and partner with engineering, product and marketing to translate research into actual product features and detection logic.
• Represent the team through public blogs, conferences and research collaborations with cloud vendorsPublish internal or external research and represent the team at industry events or blogs.
• Lead the discovery of novel attack vectors- e.g., cross-tenant access, NHI abuse, RAG poisoning, privilege escalation

Required Qualifications

• Minimum of 6 years in security research, including at least 2 years focused on cloud security
• Deep understanding of IAM, network, and data services posture in AWS, Azure, or GCP Research
• Strong understanding of the attacker’s mindset and proven experience in applying defensive tactics
• Hands-on experience in programming and scripting with C++/Python
• Experience with AI / Web/ Cloud/ K8S vulnerability research
• Proven ability to conceptualize, plan, and execute research from ideation through POC to full implementation
• Nice to have: Hands-on experience detecting or simulating attacks in AI pipelines (e.g., RAG poisoning, prompt injection, model exfiltration)
• Public research, blog posts, or conference presentations
• Resourcefulness and creativity in problem-solving, achieving high standards in challenging scenarios
• Deep understanding of the cybersecurity market, including key players, customer needs, and emerging trends
• Excellent communication and teamwork skills, with the ability to lead initiatives and work collaboratively across the organization

All your information will be kept confidential according to EEO guidelines.