Principal Cloud Threat Intelligence Researcher Cortex XDR
Principal Cloud Threat Intelligence Researcher Cortex XDR
Employer Active
Job Alert
You will be updated with latest job alerts via email
Share
Job Alert
You will be updated with latest job alerts via email
Not Disclosed
Salary Not Disclosed
1 Vacancy
Job Description
Your Career
We are looking for a threat researcher to join Cortexs cloud threat intelligence and research team. The selected candidate will join a team of industryleading cloud threat researchers detecting novel and emerging threat actors and groups targeting cloud environments. The candidate must have experience in threat hunting intelligence gathering or cloud application or platform penetration testing skills. Fundamentally they must have a passion for cloud architecture cloud posture management cloud runtime monitoring and cloud detection engineering.
The candidate will hunt reverse and research attacks targeting cloud workloads containers functions and identity across platforms and connected SaaS applications. They must continually assess our platforms coverage and develop ideas for improvement and strengthening. They must also maintain a constant lookout for novel and exploited vulnerabilities within cloud based applications container platforms like Docker and Kubernetes as well as with cloud service providers such as Google Cloud AWS and Azure.
Your research and insights will make Cortex protections more robust and your experience knowledge and insights will have the opportunity to be published on the industry leading Unit 42 blog space as well as to present your findings at wellknown cybersecurity conferences around the world.
Your Impact
Hunt and track cloud threat actors as they perform their operations.
Add insight into cloud threat actors and enrich indicators from cloud environments.
Work and publish research with Palo Alto Networks Unit 42.
Build Cortex detection coverages for cloud vulnerabilities exploits and malware.
Analyze a broad range of nday vulnerabilities in cloud and container services.
Define new features and protection mechanisms to enrich Cortex datasets.
Hunt and analyze malware attacking cloud and container workloads.
Support our Palo Alto Networks product and development teams with practical knowledge of cloud exploitation and postexploitation activity.
Support our efforts to secure Cortex and actively engage in evaluating our product security.
Present your research in cybersecurity conferences and industry whitepapers.
Qualifications :
Your Experience
Strong threat hunting and forensics knowledge of cloud and container platforms.
Demonstrated proficiency of cyber threat intelligence operations.
Ability to conceptualize understand and replicate complex cloud attack paths.
Clearly explain cloud attack path and exploitation techniques. e.g. IAM misuse operations cloud application vulnerabilities container escapes and multi and hybridcloud service platform exploitation techniques.
Public speaking and communication skills.
Familiarity with serverless and containerization programming.
Knowledgeable of reverse engineering and malware analysis operations.
Familiarity with runtime monitoring applications across multiple cloud service providers.
Bonus Proficient reading and coding skills in Go Rust and Python.
Must be a puzzler and problem solver with a keen attention to detail.
Excellent English reading comprehension and writing skills.
Additional Information :
The Team
We are a group of threat research professionals excited about making cloud containers and opensource cloudbased platforms and applications more secure. We strive to be the best in our field and lead the cloud threat research space. As the cloud research front for the Cortex Threat Research group we have many responsibilities including maintaining visibility over the latest cloud threats and vulnerabilities developing threat hunts and detection engineering operations for these threats resulting in the tracking of malicious cloud operations in the wild. As a threat intelligence team for Cortex our research enriches multiple Palo Alto Networks products and teams to better protect our customer base.
Compensation Disclosure
The compensation offered for this position will depend on qualifications experience and work location. For candidates who receive an offer at the posted level the starting base salary (for nonsales roles) or base salary commission target (for sales/commissioned roles) is expected to be between $182000 $295000/YR. The offered compensation may also include restricted stock units and a bonus. A description of our employee benefits may be found here.
Our Commitment
Were problem solvers that take risks and challenge cybersecuritys status quo. Its simple: we cant accomplish our mission without diverse teams innovating together.
We are committed to providing reasonable accommodations for all qualified individuals with a disability. If you require assistance or accommodation due to a disability or special need please contact us at .
Palo Alto Networks is an equal opportunity employer. We celebrate diversity in our workplace and all qualified applicants will receive consideration for employment without regard to age ancestry color family or medical care leave gender identity or expression genetic information marital status medical condition national origin physical or mental disability political affiliation protected veteran status race religion sex (including pregnancy) sexual orientation or other legally protected characteristics.
All your information will be kept confidential according to EEO guidelines.
Remote Work :
Yes
Employment Type :
Fulltime
Employment Type
Remote
Company Industry
Department / Functional Area
Engineering
Key Skills
- Intelligence Community Experience
- Python
- Spss
- Microsoft Word
- R
- Regression Analysis
- Windows
- Stata
- Microsoft Powerpoint
- Research Experience
- Data Modeling
- Writing Skills
