Principal U42 Strategy Programs jobs at Palo Alto in United States, New York

Being the cybersecurity partner of choice, protecting our digital way of life.

Your Career

This role is client-facing and requires the Principal Consultant to lead and produce deliverables based on reactive services client engagements. The Principal Consultant will work directly with multiple customers and key stakeholders (Admins, C-Suite, etc) to manage incident response engagements and provide guidance on longer term remediation.

Your Impact

• Perform reactive incident response functions including but not limited to: host-based analysis functions through investigating Windows, Linux, and Mac OS X systems to identify Indicators of Compromise (IOCs)
• Examine firewall, web, database, and other log sources to identify evidence of malicious activity
• Investigate data breaches leveraging forensics tools including Encase, FTK, X-Ways, SIFT, Splunk, and other investigation tools to determine source of compromises and malicious activity that occurred in client environments
• Manage incident response engagements to scope work, guide clients through forensic investigations, contain security incidents, and provide guidance on longer term remediation recommendations
• Ability to perform travel requirements as needed to meet business demands (on average 20%)
• Mentorship of team members in incident response and forensics best practices

Your Experience

• 6+ years of incident response or digital forensics consulting experience with a passion for cyber security
• Strong leadership skills including experience managing a team or individuals
• Experience with leading complicated engagements including scoping, interfacing with the client, and have executed on a technical front
• Proficient with host-based forensics and data breach response
• Experienced with EnCase, FTK, X-Ways, SIFT, Splunk, Redline, Volatility, WireShark, TCPDump, and open source forensic tools

• Identified ability to grow into a valuable contributor to the practice and, specifically:

  • have an external presence via public speaking, conferences, and/or publications;

  • have credibility, executive presence, and gravitas;

  • be able to have a meaningful and rapid delivery contribution;

  • have the potential and capacity to understand all aspects of the business and an excellent understanding of PANW products;

  • be collaborative and able to build relationships internally, externally, and across all PANW functions, including the sales team.

• Incident response consulting experience required
• Ability to perform travel requirements as needed to meet business demands (on average 20%).
• Bachelor’s Degree in Information Security, Computer Science, Digital Forensics, Cyber Security or related field

Compensation Disclosure

The compensation offered for this position will depend on qualifications, experience, and work location. For candidates who receive an offer at the posted level, the starting base salary (for non-sales roles) or base salary + commission target (for sales/commissioned roles) is expected to be between $151000/YR - $208000/YR. The offered compensation may also include restricted stock units and a bonus. A description of our employee benefits may be found .

All your information will be kept confidential according to EEO guidelines.

Being the cybersecurity partner of choice, protecting our digital way of life.

Your Career

In this role, you will be an integral part of a group of Software and ML engineers that continuously surveys petabytes of data to find risks online and protect some of the world's most important and relied upon organizations from malicious software and hackers. You will directly contribute to our mission by building AI/ML systems that increase the effectiveness of our security products, and you will directly work with stakeholders to define, design and implement improvements to our software.

Your Impact

• Prototype, build, and improve AI systems and ML models, including large language model (LLM) and generative AI applications, to automate and enhance team workflows

• Strengthen infrastructure for data ETL, model training and lifecycle, MLOps, batch and real-time processing, and inference

• Mentor and coach other ML engineers on developing, fine-tuning, and evaluating both traditional and generative AI models

• Work directly with security professionals who use your software and AI systems every day to help them be more effective and improve the quality of their work

• Develop feature engineering, data pipelines, and transformations to deliver reliable data for model training and LLM inference

• Measure and refine model performance through metrics-driven evaluations and continuous experimentation

• Deliver, monitor, and continually improve secure AI and ML systems in production, including LLM-powered tools and automation features

Your Experience

• Experience with Python including delivering production-quality code and debugging in a production environment

• Expertise in one or more of:

  • MLOps expertise (e.g. Feature Store, Model Serving, Model Monitoring)

  • Data Engineering expertise (e.g. Airflow, Apache Beam, Dataflow, SQL)

  • Designing and building applications powered by LLMs and generative AI (for example: retrieval-augmented generation, intelligent search, entity linking, summarization, conversational interfaces, automated reasoning, and code understanding)

  • Applying modern AI techniques including LLMs, embeddings, fine-tuning, and prompt engineering, using frameworks such as Hugging Face Transformers, LangChain, OpenAI API, and PyTorch

• Experience operating ML systems in production environments

• Conceptual thinking and creativity; you demonstrate an ability to consider various techniques to solve different modeling problems we face

• Ability to collaborate and to convey complex technical concepts to both technical and non-technical stakeholders

Compensation Disclosure

The compensation offered for this position will depend on qualifications, experience, and work location. For candidates who receive an offer at the posted level, the starting base salary (for non-sales roles) or base salary + commission target (for sales/commissioned roles) is expected to be between $157,200 - $254,100/YR. The offered compensation may also include restricted stock units and a bonus. A description of our employee benefits may be found .

All your information will be kept confidential according to EEO guidelines.

Being the cybersecurity partner of choice, protecting our digital way of life.

Your Impact

• Conduct comprehensive security assessments of AI systems and tools using frameworks such as:

  • MITRE ATLAS for adversarial tactics and techniques.

  • OWASP Top 10 for LLMs to identify vulnerabilities in AI/ML models.

  • NIST AI Risk Management Framework (AI RMF) for risk analysis and mitigation.

• Develop and execute assessment plans tailored to foundational models, base models, and SaaS-based AI tools.

• Analyze model architectures, training data pipelines, and deployment environments to identify potential security gaps and vulnerabilities.

• Provide expert guidance on securing AI systems, including:

  • Adversarial ML defenses.

  • Data poisoning prevention.

  • Privacy-preserving AI techniques (e.g., differential privacy).

• Evaluate compliance with regulatory requirements and standards (e.g., GDPR, HIPAA, or emerging AI-specific regulations).

• Collaborate with the client’s cross-functional teams, conducting stakeholder interviews, interactive workshops, and meetings with technical teams (data scientists, developers, DevOps engineers) and leadership teams to ensure a thorough understanding of system architecture, security requirements, and business objectives for the assessment.

• Stay up-to-date on the evolving threat landscape in AI and contribute to the development of innovative security solutions.Assisting Unit 42 Consulting Leadership in the development of Risk Management, Compliance, and Security standards within professional services

• Maintaining industry knowledge of and experience with cybersecurity best practices within theGovernance, Risk and Compliance (GRC) field to provide recommendations to proactively improve our client’s security posture and maturity

• Maintaining an understanding of the comprehensive threat intelligence landscape, key threat actors, MITRE ATT&CK TTPs, threat intelligence platforms, zero-day and other vulnerabilities, and other threat-led cybersecurity intelligence information

• Maintaining an understanding of Artificial Intelligence (AI) platforms and security best practices as well as threat to foundational, base, and other AI models and tools

• Leading or supporting cybersecurity risk assessments, audits, program and policy maturation and development, incident response tabletop exercises, configuration reviews, breach readiness reviews, and expert witness cases in accordance with industry best practices, regulations, standards, and company policies and procedures

• Maintaining the ability to work across multiple frameworks and regulatory standards including, but not limited to, NIST, CIS 18, ISO, GDPR, CCPA, SOX, and HIPAA

• Managing the team, monitoring progress, tracking budget, mitigating risks, and ensuring key stakeholders are kept informed about progress and expected outcomes while defining potential impacts and creating an effective mitigation strategy for multiple projects at a given time

• Identifying security risks and vulnerabilities while eliminating cybersecurity threats via stakeholder interviews, documentation review, and deep-dive testing and control validation

• Evaluating client controls for compliance with legal, regulatory, privacy, policy, standards and security requirements

• Effectively documenting and communicating audit, assessment, or compliance results, findings, and recommendations to stakeholders

• Effectively communicating with external stakeholders in a professional manner

• Scoping new opportunities with prospective clients, including drafting statements of work and proposals

• Meeting travel requirements as needed to meet business demands (on average ~30%)

Your Experience

• 6-9+ years of experience performing information security and risk assessments based upon industry-accepted standards.

• Former professional services and consulting experience preferred

• Experience managing a team of consultants

• Experience with GRC tools, technology, and implementation

• Experience with security assessments/audits, drafting findings and recommendations, and prioritizing recommendations via quantitative risk scoring

• Experience with securing AI systems within cloud environments (e.g., AWS, Azure, Google Cloud).

• Experience with the lifecycle management of AI/ML models, including development, deployment, monitoring, and maintenance.

• Strong verbal and written communication skills, particularly in conveying complex technical information to non-technical stakeholders.

• Demonstrate a track record in strengthening existing and developing new client relationships

• Knowledge of computer forensic tools, technologies and methods

• Bachelor’s Degree in Information Security, Computer Science, Digital Forensics, Cyber Security or equivalent years of professional experience to meet job requirements and expectations

Compensation Disclosure

The compensation offered for this position will depend on qualifications, experience, and work location. For candidates who receive an offer at the posted level, the starting base salary (for non-sales roles) or base salary + commission target (for sales/commissioned roles) is expected to be between $151000 - $208000/YR. The offered compensation may also include restricted stock units and a bonus. A description of our employee benefits may be found .

All your information will be kept confidential according to EEO guidelines.

Being the cybersecurity partner of choice, protecting our digital way of life.

Your Impact

• Assist in the development of internal infrastructure design for research, development, and testing focused on offensive security
• Conducts periodic scans of networks to find and detect vulnerabilities
• Performs client penetration testing to find any vulnerabilities or weaknesses that might be exploited by a malicious party, using open-source, custom, and commercial testing tools
• Ability to assist in scoping engagements by clearly articulating various penetration approaches and methodologies to audiences ranging from highly technical to executive personnel
• Report generation that clearly communicates testing and assessment details, results, and remediation recommendations to clients
• Develop scripts, tools, and methodologies to automate and streamline internal processes and engagements
• Conducts IT application testing, cybersecurity tool and systems analysis, system and network administration, and systems engineering support for the sustainment of information technology systems. (mobile application testing, penetration testing, application, security, and hardware testing)
• Conduct threat hunting and/or compromise assessment engagements to identify active or dormant indicators of compromise (IoCs) using Unit 42 and Palo Alto Networks’ threat hunting tools (and/or client owned hunting instrumentation where applicable)
• Assist Unit 42 Leadership in the development of security standards and best practices for the organization and recommend security enhancements as needed
• Able to conduct cyber risk assessments using frameworks or standards like NIST CSF, ISO 27001/2, PCI, CIS Top 20, CMMC, or other industry measurement tools
• Conduct cloud penetration testing engagements to assess specific workloads (i.e., AWS, GCP, Azure, containers, or other PaaS and SaaS instances) for vulnerabilities and subsequently attempt to exploit identified weaknesses after receiving permission from client stakeholders
• Provide recommendations to clients on specific security measures to monitor and protect sensitive data and systems from infiltration and cyber-attacks including response and recovery of a data security breach
• Ability to perform travel requirements as needed to meet business demands (on average 30%)

Your Experience

• 6+ years of professional experience with risk assessment tools, technologies, and methods focused on Information Assurance, Information Systems/Network Security, Infrastructure Design, and Vulnerabilities Assessments
• Experience managing a team of consultants
• Demonstrate a deep understanding of how malicious software works (i.e.-malware, trojans, rootkits, etc.)
• Ability to modify known and/or craft custom exploits manually without dependence on consumer tools such as Metasploit
• Strong knowledge of tools and techniques used to conduct network, wireless, and web application penetration testing
• Familiarity with web application penetration testing and code auditing to find security gaps and vulnerabilities
• Knowledge and experience in conducting cyber risk assessments using industry standards
• Experience with penetration testing, administering, and troubleshooting major flavors of Linux, Windows, and major cloud IaaS, PaaS, and SaaS providers (i.e., AWS, GCP, and Azure)
• Experience with scripting and editing existing code and programming using one or more of the following: Perl, Python, ruby, bash, C/C++, C#, or Java
• Experience with security assessment tools, including Nessus, OpenVAS, MobSF. Metasploit, Burp Suite Pro, Cobalt Strike, Bloodhound, and Empire
• Knowledge of application, database, and web server design and implementation
• Knowledge of network vulnerability assessments, web and cloud application security testing, network penetration testing, red teaming, security operations, or 'hunt'
• Knowledge of open security testing standards and projects, including OWASP & MITRE ATT&CK
• Ability to read and use the results of mobile code, malicious code, and anti-virus software
• Ability to scope new opportunities with prospective clients, including drafting statements of work and proposals
• Knowledge of computer forensic tools, technologies, and methods
• Identified ability to grow into a valuable contributor to the practice and, specifically -
  • have an external presence via public speaking, conferences, and/or publications
  • have credibility, executive presence, and gravitas
  • be able to have a meaningful and rapid delivery contribution
  • have the potential and capacity to understand all aspects of the business and an excellent understanding of PANW products
  • be collaborative and able to build relationships internally, externally, and across all PANW functions, including the sales team
• Bachelor’s Degree in Information Security, Computer Science, Digital Forensics, Cyber Security, or equivalent years of professional experience or equivalent military experiences to meet job requirements and expectations

Compensation Disclosure

The compensation offered for this position will depend on qualifications, experience, and work location. For candidates who receive an offer at the posted level, the starting base salary (for non-sales roles) or base salary + commission target (for sales/commissioned roles) is expected to be between $151000 - $208000/YR. The offered compensation may also include restricted stock units and a bonus. A description of our employee benefits may be found .

All your information will be kept confidential according to EEO guidelines.

Being the cybersecurity partner of choice, protecting our digital way of life.

Your Experience

• M.S./B.S. degree in Computer Science or Electrical Engineering or equivalent military experience required
• At least 4 years of development experience Experience to developing and deploying microservices in the cloud/Kubernetes
• Experience with RESTful interfaces and Build Management tools (Gradle, maven) Experience in continuous integration and design
• Experience with Test-Driven Development Experience with distributed computing and object-oriented design and analysis
• Understanding of message queuing, stream processing, and highly scalable 'big data' data stores
• Understanding of building data pipelines and analytics pipelines using like dataflow, pubsub, GKE Showcase your ability of full software development life cycle, including coding standards, code reviews, source control management, build processes, testing, peer review, and operations
• Familiarity with Agile (e.g., Scrum Process) Familiarity in Big Data technologies like Hive, Kafka, Hadoop, SQL, developing APIs
• Familiarity working with GCP or other Cloud platforms such as AWS and Azure High energy and the ability to work in a fast-paced environment with a can-do attitude
• Enjoys working with many different teams with strong collaboration and communications skills Fast learner and eager to absorb new emerging technologies

Compensation Disclosure

The compensation offered for this position will depend on qualifications, experience, and work location. For candidates who receive an offer at the posted level, the starting base salary (for non-sales roles) or base salary + commission target (for sales/commissioned roles) is expected to be between $160 - $185/YR. The offered compensation may also include restricted stock units and a bonus. A description of our employee benefits may be found .

All your information will be kept confidential according to EEO guidelines.