Being the cybersecurity partner of choice, protecting our digital way of life.
Your Impact
- Lead and execute sophisticated penetration testing engagements across diverse environments, including web applications, cloud infrastructure (AWS, etc.), Kubernetes, containers, and source code.
- Pioneer and develop innovative tools, techniques, and methodologies to simulate advanced adversaries and enhance our testing capabilities.
- Collaborate closely with product and engineering teams to provide deep technical insights, identify vulnerabilities, and strengthen the security posture of our core products.
- Conduct in-depth research on emerging threats and vulnerabilities, translating your findings into actionable intelligence and improved security controls.
- Create, deliver, and present clear, detailed, and actionable reports and findings to both technical and executive stakeholders.
- Serve as a subject matter expert and mentor to other team members, fostering a culture of continuous learning and technical excellence.
- Drive End-to-End Evaluation: Take ownership of creating and executing the end-to-end security evaluation and testing strategy for our core solutions.
- Influence the Roadmap: Your research and findings will directly influence the security roadmap and feature development of our products.
Your Experience
- Demonstrated real-world experience in offensive security, evidenced by a portfolio of public research, tool development, or conference presentations.
- Deep technical expertise in multiple of the following areas:
  - Web Application Security: Thorough understanding of the OWASP Top 10, API security, and modern web technologies.
  - Cloud Security: Proven experience performing penetration tests and security reviews of cloud environments (AWS, GCP, Azure).
  - Container & Kubernetes Security: In-depth knowledge of containerization technologies (Docker, etc.) and Kubernetes architecture and common misconfigurations.
  - Infrastructure & Network Penetration Testing: Expertise in identifying and exploiting vulnerabilities in internal and external networks.
- Proficiency with offensive security tools and frameworks (e.g., Burp Suite, Metasploit, Kali Linux, debuggers/disassemblers like IDA Pro or Ghidra).
- Strong understanding of the MITRE ATT&CK framework and other security models.
- Working knowledge of Windows & Linux operating system internals.
- Exceptional problem-solving skills and the ability to work independently and manage complex projects from start to finish.
- Excellent communication skills, with the ability to communicate highly technical findings effectively to engineers, peers, and leadership.
- Programming proficiency is highly desired. Python and Go are preferred, but experience with other languages (C, C++, C#, Java, Ruby) is also valuable.
- A Bachelor’s degree in a technical field is a plus, but not required.
- Industry certifications such as OSCP, OSEP, OSCE, OSEE, or GXPN are highly regarded.
All your information will be kept confidential according to EEO guidelines.