Principal Threat Researcher

Palo Alto Networks
Summary
Join Palo Alto Networks' Unit 42, National Security Team (NATSEC) as a threat intelligence analyst. You will work with a global team, embedded in a customer environment, tracking advanced persistent threats. Your responsibilities include providing actionable intelligence, leveraging global datasets, collaborating on threat analysis, developing threat assessments, and communicating with product engineering teams. This role requires a strong understanding of nation-state threat actors, experience with government agencies, and proficiency in various technologies and analysis techniques. Australian Top Secret Clearance is preferred. Palo Alto Networks offers a supportive work environment with various development and wellbeing programs.
Requirements
- Australian Top Secret Clearance (TS/PV) is preferred
- Experience working with government agencies
- Strong knowledge of nation-state threat actors, particularly their tactics, techniques, procedures, tooling, and noteworthy attacks
- Understanding of how nation states conduct access operations and their associated obfuscation techniques
- BS/MS in Computer Science, Computer Engineering, or 5+ years of experience as a cleared cyber threat intelligence analyst
- Working knowledge of BigQuery
- Proficiency in Python, C, and/or C++
- Familiar with static and dynamic malware analysis and common industry tools
- Familiar with common tactics, techniques, and procedures used by cyber threat actors to conduct network reconnaissance and intrusions, including knowledge of the MITRE ATT&CK Matrix for enterprise and individual techniques
- Experience leveraging netflow, passive DNS, IP registration, malware telemetry, and other data sets to form comprehensive threat assessments
- Experience working with information security teams such as fusion centers, security operations centers, vulnerability threat management, security incident management, threat hunting, and data analytics
- Excellent time management, often working under tight deadlines and multiple assignments
- Outstanding verbal and written communication skills
- Comfortable with creating and delivering presentations in a range of environments, from industry conferences to customer briefings
- Strong English fluency; any other languages are a plus
Responsibilities
- Provide timely and actionable intelligence to support customer intelligence requirements
- Leverage global datasets (netflow, malware, passive DNS, etc.) to track malicious cyber actors, their infrastructure, and campaigns
- Collaborate with a global team of threat intelligence analysts to analyze and develop coverage for emerging threats
- Develop strategic threat assessments in support of customer needs
- Communicate with product engineering teams to improve detection efficacy in our ecosystem of products
Preferred Qualifications
- Previous experience with Chinese threat actors is a plus
Benefits
- FLEXBenefits wellbeing spending account with over 1,000 eligible items selected by employees
- Mental and financial health resources
- Personalized learning opportunities