דרושים Decoding Researcher

Being the cybersecurity partner of choice, protecting our digital way of life.

Your Career

The role involves simulating, automating, and developing proof-of-concepts for known threats and offensive tools to evaluate new feature security coverage and detection quality, aligned with the Kill Chain/MITRE ATT&CK Framework and real-world threats. We need an experienced Security Researcher with a deep background in offensive security concepts and a strong interest in Linux, Cloud, and macOS platforms.

You will conduct Linux security evaluations, research innovations to enhance our security solutions, and find innovative yet practical solutions to contemporary problems. You will also develop custom tools and advanced in-house security capabilities to continuously validate our product's defenses.

Your Impact

• Work hand-in-hand with the Cortex Agent release team. This role demands applied research synchronized with our delivery schedule, ensuring that every feature release is validated against the latest threats prior to launch.
• Drive our threat simulation automation strategy by researching and developing new tools and capabilities that emulate real-world adversary behavior.
• Enrich our Security Automation Coverage and infrastructure to protect against known and unknown threats.
• Thrive in a fast-paced, high-impact environment, mastering new security features, technologies, and complex platforms (from kernel to Kubernetes) quickly.
• Conduct hands-on research to identify real-world Malware, exploits, and novel attack vectors, then create and code PoCs to test our defenses.
• Act as a key research partner with engineering teams to push and validate our product capabilities.
• Leverage data-driven approaches to identify threats and propose effective mitigations.

Your Experience

• 5+ years of hands-on experience in security research, offensive security, or security development.
• Strong, practical development skills (Python, C, Go, Git are advantages) for automating attack tools, building PoCs, and creating testing infrastructure.
• Extensive knowledge of Linux internals ("under the hood").
• Proven ability to adapt, learn quickly, and switch contexts between complex technical domains (e.g., from kernel research to cloud-native security).
• Experience with Linux eBPF and modern kernel technologies.
• Experience with Linux namespaces & cgroups.
• Familiarity with Managed and Unmanaged Kubernetes solutions.
• Ability to work independently and as part of a team, managing fast-paced tasks and stressed time constraints while maintaining focus.

Advantages

• Knowledge of Cloud Workloads such as GCP, AWS, Azure
• Strong debugging skills with various tools on different Linux platforms
• Experience with reversing tools such as IDA Pro, Strace, etc

All your information will be kept confidential according to EEO guidelines.

Being the cybersecurity partner of choice, protecting our digital way of life.

Your Career

As our Senior Automation Engineer, you will be responsible for product quality, test design, and planning. You will develop automation tests and the required infrastructure, focusing on Windows and macOS environments. This includes deployment, execution, and validation across multiple system configurations. You will work closely with the development team to investigate and resolve issues discovered during testing.

The role is deeply hands-on, requiring a strong understanding of the product, operating systems, and automation frameworks. You should have the ability to streamline processes, enhance test coverage, and improve efficiency through automation using Python.

Your Impact

Design and execute E2E tests for multiple Operating systems (Windows, macOs , Linux) Test new features, focusing on deep internal aspects of the feature and its integration with the OS Learn new features, technologies and platforms in a relatively short amount of time Reproduce and analyze bugs, that either came from the field or have been found during the testing cycle Run QA cycles on a tight release schedule Work closely with developers, product managers and other QA teams - being involved during the entire release cycle from planning through execution and final delivery Make a significant impact on the design, implementation and quality of the product Qualifications Your Experience

• 3+ years of experience QA automation developer (Python)
• Knowledge of continuous integration (CI/CD) and object oriented automation frameworks - Mandatory
• Strong expertise with Operating systems (Windows advantage)
• Background and experience in Endpoint security - Advantage
• Familiar with endpoint security testing infrastructure and system-level automation
• Familiarity with virtualization and deployment tools for Windows/macOS (e.g., VMware, Parallels, Jamf, SCCM) – Advantage
• Quick learner with the ability to grasp new technologies efficiently
• Capable of working independently and collaboratively within a team, even under pressure, while maintaining focus and a positive attitude

All your information will be kept confidential according to EEO guidelines.

All your information will be kept confidential according to EEO guidelines.

Job Summary

As a Principal Security Researcher on the Cortex Cloud research team, you’ll lead deep, hands-on security research across cloud and AI environments- from uncovering vulnerabilities and novel attack paths to building the protections that stop them.

Your impact doesn’t end with detections. This team is also responsible for driving product innovation: identifying gaps in how cloud environments are secured, finding new ways to close those gaps, and partnering with engineering, product and marketing to take those ideas from a POC to implementation. Whether it’s a new detection engine, risk signal, or protection method- your research directly shapes the product.

You'll research the AI attack surface in depth, and push the boundaries of what cloud and AI security can achieve. If you're looking for a role where research leads to real-world defense- and product innovation is part of your day job- this is the team.

Key Responsibilities

• Research and uncover vulnerabilities and abuse paths in cloud services, with a strong focus on AI, identity, and data pipelines
• Collaborate with product and engineering to ship detections and logic based on your findings
• Research-driven impact - drive innovation from idea to execution: Identify emerging security gaps, build proof-of-concepts, and partner with engineering, product and marketing to translate research into actual product features and detection logic.
• Represent the team through public blogs, conferences and research collaborations with cloud vendorsPublish internal or external research and represent the team at industry events or blogs.
• Lead the discovery of novel attack vectors- e.g., cross-tenant access, NHI abuse, RAG poisoning, privilege escalation

Required Qualifications

• Minimum of 6 years in security research, including at least 2 years focused on cloud security
• Deep understanding of IAM, network, and data services posture in AWS, Azure, or GCP Research
• Strong understanding of the attacker’s mindset and proven experience in applying defensive tactics
• Hands-on experience in programming and scripting with C++/Python
• Experience with AI / Web/ Cloud/ K8S vulnerability research
• Proven ability to conceptualize, plan, and execute research from ideation through POC to full implementation
• Nice to have: Hands-on experience detecting or simulating attacks in AI pipelines (e.g., RAG poisoning, prompt injection, model exfiltration)
• Public research, blog posts, or conference presentations
• Resourcefulness and creativity in problem-solving, achieving high standards in challenging scenarios
• Deep understanding of the cybersecurity market, including key players, customer needs, and emerging trends
• Excellent communication and teamwork skills, with the ability to lead initiatives and work collaboratively across the organization

All your information will be kept confidential according to EEO guidelines.

We define the industry instead of waiting for directions. We need individuals who feel comfortable in ambiguity, excited by the prospect of a challenge, and empowered by the unknown risks facing our everyday lives that are only enabled by a secure digital environment.

Key Responsibilities

• Playing a pivotal role in shaping the future of our security solutions
• Enhance the effectiveness of our product by designing cutting-edge protection components and developing sophisticated detection rules
• Research Linux OS internals, Virtualized environments, and low-level system behaviors to inform and enhance our attack prevention mechanisms
• Investigate and develop innovative methods for detecting threats and securing APIs, ensuring robust protection for modern applications and cloud-native environments
• Apply sophisticated AI and big data approaches to investigate and research large amounts of data across our clients
• Research and lead novel protection ideas to a production-grade level, serving as a subject matter expert
• Stay up to date with the latest attacker methodologies, APT campaigns, and TTPs targeting Linux systems and APIs
• Conduct static and dynamic reverse engineering of Linux malware to uncover new techniques and develop corresponding mitigation strategies
• Work closely with engineering, product management, and other research teams to translate research findings into production-grade features

Required Qualifications

• 4+ years of overall experience in cybersecurity research, with a proven track record of impactful projects
• In-depth knowledge of operating system internals, including user and kernel space
• Proficiency in programming languages like Python, C, and/or C++, with a strong understanding of system-level programming and APIs
• Strong knowledge of the cyber threat landscape, modern malware techniques, and APTs
• Hands-on experience with real-world threat hunting, big-data cyber research, incident response, or detection engineering
• Excellent problem-solving skills and a passion for cybersecurity innovation
• Ability to work independently, take initiative, and collaborate effectively within a team

Advantages

• Experience in reverse engineering, including familiarity with debugging and disassembler tools like GDB, IDA Pro, or Ghidra
• Experience with EDR/XDR products or low-level security solution development
• Knowledge of API security frameworks, vulnerabilities, and best practices
• Experience with advanced data analysis, statistics, or machine learning for security applications
• Experience in Linux kernel development or vulnerability research
• Knowledge of network protocols related to APIs (e.g., HTTP/S, REST, GraphQL)
• Experience with virtualization platforms (e.g., ESXi/vCenter)

All your information will be kept confidential according to EEO guidelines.