Sorry, this listing is no longer accepting applications. Don’t worry, we have more awesome opportunities and internships for you.

Principal Cloud Threat Intelligence Researcher (Cortex XDR)

P

Palo Alto Networks

Principal Cloud Threat Intelligence Researcher (Cortex XDR)

Santa Clara, CA
Full Time
Paid
Similar Jobs
  • Responsibilities

    Job Description

    Your Career

    We are looking for a threat researcher to join Cortex’s cloud threat intelligence and research team. The selected candidate will join a team of industry-leading cloud threat researchers detecting novel and emerging threat actors and groups targeting cloud environments. The candidate must have experience in threat hunting, intelligence gathering, or cloud application or platform penetration testing skills. Fundamentally, they must have a passion for cloud architecture, cloud posture management, cloud runtime monitoring and cloud detection engineering.

    The candidate will hunt, reverse, and research attacks targeting cloud workloads, containers, functions, and identity across platforms and connected SaaS applications. They must continually assess our platform’s coverage and develop ideas for improvement and strengthening. They must also maintain a constant lookout for novel and exploited vulnerabilities within cloud based applications, container platforms like Docker and Kubernetes, as well as with cloud service providers such as Google Cloud, AWS, and Azure.

    Your research and insights will make Cortex protections more robust and your experience, knowledge and insights will have the opportunity to be published on the industry leading Unit 42 blog space, as well as to present your findings at well-known cybersecurity conferences around the world.

    Your Impact

    • Hunt and track cloud threat actors as they perform their operations
    • Add insight into cloud threat actors and enrich indicators from cloud environments
    • Work and publish research with Palo Alto Networks’ Unit 42
    • Build Cortex detection coverages for cloud vulnerabilities, exploits, and malware
    • Analyze a broad range of n-day vulnerabilities in cloud and container services
    • Define new features and protection mechanisms to enrich Cortex datasets
    • Hunt and analyze malware attacking cloud and container workloads
    • Support our Palo Alto Networks product and development teams with practical knowledge of cloud exploitation and post-exploitation activity
    • Support our efforts to secure Cortex and actively engage in evaluating our product security
    • Present your research in cybersecurity conferences and industry whitepapers
  • Qualifications

    Qualifications

    Your Experience

    • Strong threat hunting and forensics knowledge of cloud and container platforms
    • Demonstrated proficiency of cyber threat intelligence operations
    • Ability to conceptualize, understand and replicate complex cloud attack paths
    • Clearly explain cloud attack path and exploitation techniques. e.g. IAM misuse operations, cloud application vulnerabilities, container escapes, and multi and hybrid-cloud service platform exploitation techniques
    • Public speaking and communication skills
    • Familiarity with serverless and containerization programming
    • Knowledgeable of reverse engineering and malware analysis operations
    • Familiarity with runtime monitoring applications across multiple cloud service providers
    • Bonus - Proficient reading and coding skills in Go, Rust and Python
    • Must be a puzzler and problem solver with a keen attention to detail
    • Excellent English reading comprehension and writing skills

    Additional Information

    The Team

    We are a group of threat research professionals excited about making cloud, containers, and open-source cloud-based platforms and applications more secure. We strive to be the best in our field and lead the cloud threat research space. As the cloud research front for the Cortex Threat Research group, we have many responsibilities, including maintaining visibility over the latest cloud threats and vulnerabilities, developing threat hunts and detection engineering operations for these threats, resulting in the tracking of malicious cloud operations in the wild. As a threat intelligence team for Cortex, our research enriches multiple Palo Alto Networks products and teams to better protect our customer base.

    Compensation Disclosure

    The compensation offered for this position will depend on qualifications, experience, and work location. For candidates who receive an offer at the posted level, the starting base salary (for non-sales roles) or base salary + commission target (for sales/commissioned roles) is expected to be between $182000 - $295000/YR. The offered compensation may also include restricted stock units and a bonus. A description of our employee benefits may be found here.

    Our Commitment

    We’re problem solvers that take risks and challenge cybersecurity’s status quo. It’s simple: we can’t accomplish our mission without diverse teams innovating, together.

    We are committed to providing reasonable accommodations for all qualified individuals with a disability. If you require assistance or accommodation due to a disability or special need, please contact us at accommodations@paloaltonetworks.com.

    Palo Alto Networks is an equal opportunity employer. We celebrate diversity in our workplace, and all qualified applicants will receive consideration for employment without regard to age, ancestry, color, family or medical care leave, gender identity or expression, genetic information, marital status, medical condition, national origin, physical or mental disability, political affiliation, protected veteran status, race, religion, sex (including pregnancy), sexual orientation, or other legally protected characteristics.

    All your information will be kept confidential according to EEO guidelines.