Principal Security Researcher

  • תל אביב
  • משרה קבועה
  • משרה מלאה
  • לפני חודש
Being the cybersecurity partner of choice, protecting our digital way of life.Our vision is a world where each day is safer and more secure than the one before. We are a company built on the foundation of challenging and disrupting the way things are done, and we're looking for innovators who are as committed to shaping the future of cybersecurity as we are.**Who We Are**We take our mission of protecting the digital way of life seriously. We are relentless in protecting our customers and we believe that the unique ideas of every member of our team contributes to our collective success. Our values were crowdsourced by employees and are brought to life through each of us everyday - from disruptive innovation and collaboration, to execution. From showing up for each other with integrity to creating an environment where we all feel included.As a member of our team, you will be shaping the future of cybersecurity. We work fast, value ongoing learning, and we respect each employee as a unique individual. Knowing we all have different needs, our development and personal wellbeing programs are designed to give you choice in how you are supported. This includes our FLEXBenefits wellbeing spending account with over 1,000 eligible items selected by employees, our mental and financial health resources, and our personalized learning opportunities - just to name a few!**Job Description****Your Career**Imagine waking up each morning knowing the automated response playbooks you engineered are actively neutralizing threats across complex cloud and enterprise environments. Our specialized team is at the forefront of security operations, transforming high-fidelity detections from areas like Cloud Security (CSPM, CIEM, DSPM), UEBA, and ITDR into intelligent, autonomous response actions. We don't just build playbooks; we research, design, and implement sophisticated automation that acts decisively, contains threats, and remediates systems at machine speed.As a Principal Security Researcher on the team, you will be instrumental in architecting and developing these critical response automations. You'll dive deep into the nature of alerts generated from AWS, GCP, and Azure environments, as well as identity and behavior analytics systems. Your goal will be to translate your understanding of incident response best practices and attacker TTPs into robust response playbooks. If you are passionate about making security response faster, more consistent, and highly effective through automation, and you thrive on seeing your automation playbooks directly impact threat mitigation, this role is for you.Your Impact
  • Design & Develop Response Playbooks: Architect, build, test, and deploy sophisticated automated response playbooks. These playbooks will respond to alerts from diverse detection sources, including Cloud Security (CSPM, CIEM, DSPM), User and Entity Behavior Analytics (UEBA), and Identity Threat Detection and Response (ITDR) systems.
  • Deep Dive into Detections: Thoroughly analyze and understand the alerts and detection logic from various security tools and platforms to ensure response automations are precise, effective, and context-aware.
  • Cloud Automation Expertise: Implement response actions that leverage APIs and native automation capabilities within AWS, GCP, and Azure to contain threats, remediate misconfigurations, and restore security posture.
  • Incident Response Logic: Automate best-practice incident response procedures into workflows, covering containment, eradication, and recovery steps where appropriate.
  • Research & Innovation in Automation: Stay ahead of the latest trends in security automation, SOAR capabilities, and cloud-native response techniques to continuously enhance the team's playbook portfolio.
  • Data-Driven Refinement: Utilize telemetry and feedback loops to measure the effectiveness of response playbooks and iteratively improve their performance and coverage.
  • Collaboration: Work closely with detection engineering teams to understand their detections and ensure playbooks meet operational requirements.
  • Stay Updated: Maintain expert knowledge of APTs, attacker methodologies, and TTPs to ensure automated responses remain effective against evolving threats.
**Qualifications**Your Experience
  • Extensive experience in cybersecurity, with a strong emphasis on security operations, incident response, or security automation.
  • Proven, hands-on experience designing, developing, and maintaining security automation playbooks or SOAR workflows.
  • Experience in Python or other Programming languages, specifically for security automation, and API integration.
  • Deep understanding of incident response methodologies and best practices.
  • Strong familiarity with the security landscape, common vulnerabilities, and threat vectors relevant to cloud environments (AWS, GCP, or Azure) and enterprise systems.
  • Experience working with APIs from various security tools (e.g., SIEM, EDR, CSPM, identity providers) and cloud platforms.
  • Ability to analyze alerts and telemetry from security solutions to determine appropriate automated response actions.
  • A critical thinker with exceptional problem-solving skills, meticulous attention to detail, and a proactive approach to security challenges.
  • Independent and a collaborative team player.
  • Experience in Cloud detection engineering research.
Advantages
  • Experience as a senior SOC analyst (e.g., Tier 2/3) with direct experience handling and resolving incidents that could be automated.
  • Deep background in Incident Response, with a keen understanding of how to streamline and automate IR processes.
  • Experience in offensive security (e.g., penetration testing, red teaming), providing insights into how attackers operate and thus how to automate defenses against them.
**Additional Information****The Team**Our research team is at the core of our products and connected directly to the mission of preventing cyberattacks. We are constantly innovating - challenging the way we, and the industry, think about cybersecurity. Our researchers don't shy away from building products to solve problems no one has pursued before.We define the industry instead of waiting for directions. We need individuals who feel comfortable in ambiguity, excited by the prospect of a challenge, and empowered by the unknown risks facing our everyday lives that are only enabled by a secure digital environment.**Our Commitment**We're trailblazers that dream big, take risks, and challenge cybersecurity's status quo. It's simple: we can't accomplish our mission without diverse teams innovating, together.We are committed to providing reasonable accommodations for all qualified individuals with a disability. If you require assistance or accommodation due to a disability or special need, please contact us at |** לפנייה למשרה יש להגיש מועמדות **|.Palo Alto Networks is an equal opportunity employer. We celebrate diversity in our workplace, and all qualified applicants will receive consideration for employment without regard to age, ancestry, color, family or medical care leave, gender identity or expression, genetic information, marital status, medical condition, national origin, physical or mental disability, political affiliation, protected veteran status, race, religion, sex (including pregnancy), sexual orientation, or other legally protected characteristics.All your information will be kept confidential according to EEO guidelines.**Our Commitment**We're problem solvers that take risks and challenge cybersecurity's status quo. It's simple: we can't accomplish our mission without diverse teams innovating, together.We are committed to providing reasonable accommodations for all qualified individuals with a disability. If you require assistance or accommodation due to a disability or special need, please contact us at |** לפנייה למשרה יש להגיש מועמדות **|.Palo Alto Networks is an equal opportunity employer. We celebrate diversity in our workplace, and all qualified applicants will receive consideration for employment without regard to age, ancestry, color, family or medical care leave, gender identity or expression, genetic information, marital status, medical condition, national origin, physical or mental disability, political affiliation, protected veteran status, race, religion, sex (including pregnancy), sexual orientation, or other legally protected characteristics.All your information will be kept confidential according to EEO guidelines.הגש מועמדותמשרות דומות שיכולות לעניין אותך08/07/2025ראש העין, 16.1 ק"מ ממיקומךאיש/ת אבטחת מידע ותקשורתמטרת התפקיד: הפעלה, תחזוקה ובקרה של מערכות אבטחת המידע בארגון. מצויין לאנשי אבטחת מידע ברמת הג׳וניר , אבל עם ניסיון מעשי קוד...23/06/2025מרכז, 1.88 ק"מ ממיקומךמומחה/ית אבטחת מידע במרכז (משרה מס. 821649)תיאור המשרה לחברת it מובילה דרוש/ה professional services אבטחת מידע מנוסה למשרה מלאה באזור המרכז, כול...13/07/2025מרכז, 1.88 ק"מ ממיקומךExtremeדרוש/ה מנחה ומבקר/ת אבטחת מידע אפליקטיבי משרה מעולה בחברת ביטוח מובילה במרכז הארץ!לתפקיד משמעותי הכולל ליווי פרויקטים טכנולוגיים מקצה לקצה בהיבטי...30/05/2025שרון, 14.37 ק"מ ממיקומךחברת comblack מגייסת מומחה.ית סייבר ואבטחת מידע לחברה מובילה בשרון !מה אנחנו מחפשים? -לפחות 5 שנות ניסיון בארגון enterprise. -ניסיון באבטחת תשתיו...08/07/2025תל אביבדרוש/ה ארכיטקט/ית תשתיות it וענן לארגון מוביל בת"א (עובדים היברידי)השתלבות במערך תשתיות טכנולוגיות בחטיבת טכנולוגיות של הארגון. התפקיד דורש רקע עש...10/07/2025הוד השרון, 12.01 ק"מ ממיקומךglobal system and security manager מיקום המשרה: הוד השרוןאנחנו מחפשים מנהל/ת מערכות ואבטחת מידע גלובלי/ת מנוסה, אסטרטגי/ת וחזוני/ת, להובלה ופיתוח ...13/07/2025תל אביבפוסט של expim - outstanding cloud solutions דרושים - תשתיות מחשוב, סיסטם, תקשורת ואבטחת מידע expim - outstanding cloud solutions - 17 שעות · אקספים - ...17/07/2025מרכז, 1.88 ק"מ ממיקומךLogica-ITנשמח לעזרתך, אנחנו מתגמלים בנדיבות על "חבר מביא חבר" מחלקת תשתיות באגף מערכות מידע מחפשת ראש.ת צוות תקשורת ואבטחת מידע - תפקיד משמעותי ומשפיע שמשלב נ...16/07/2025תל אביבWISER IT🔎 מחפשים/ות את האתגר הבא שלכם/ן?Wiser IT מגייסת מנהל/ת רשתות לתפקיד מגוון ומעניין!מה בתפקיד?📌 מתן תמיכה טכנית מלאה (Help D...קצת עלינוMploy הוא לוח דרושים מבוסס AI, שנועד לסייע למחפשי עבודה ולמעסיקים כאחד, תוך יצירת פלטפורמה חדשנית, איכותית המובילה את שוק העבודה בישראל.אנו מאגדים משרות עדכניות מאלפי מקורות בארץ, ומנגישים אותן ביעילות באמצעות סוכן AI חכם שמתאים משרות רלוונטיות למועמדים ומאפשר הגשת מועמדות בלחיצת כפתור.הפלטפורמה שלנו מציעה התאמות משרות מבוססות בינה מלאכותית עם אחוז התאמה אישי, קבוצות WhatsApp ייעודיות לפי תחום, ואפליקציה מתקדמת שמאפשרת חיפוש ושליחת קורות חיים מכל מקום ובכל זמן.Mploy אצלכם בוואטסאפ✨ רוצים להתעדכן בכל המשרות הכי שוות ישר לנייד?הצטרפו לקבוצות הוואטסאפ שלנו וקבלו את כל ההצעות המתאימות - בלי לחפש, ובלי לפספס. מחכים לכם! 📱😊

Mploy

הצעות עבודה דומות

  • Senior Application Security Researcher

    • תל אביב
    A leading global tech company is looking for a Senior Application Security Researcher to join its security team in Israel. This is a hands-on, impactful role where you'll shape the…
    • לפני 23 ימים

  • Security Researcher

    • תל אביב
    As a Security Researcher, your primary focus will be on the inner workings of iOS and Android operating systems. You'll dive into codebases, analyze security mechanisms, and identi…
    • לפני חודש

  • Security Researcher

    • תל אביב
    A boutique, high-end research company operating under the radar, recognized as a leader in the offensive cyber intelligence space. The company specializes in cutting-edge technolog…
    • לפני חודש