Threat Hunter Researcher

Palo Alto Networks

πŸ“Remote - Australia

Job highlights

Summary

Join Palo Alto Networks' Unit 42 Managed Services group as a Threat Hunter. Proactively hunt for cyber threats across multiple datasets, leading and conducting threat hunting activities related to malware, threat actor groups, and campaigns. This cross-disciplinary role requires deep cybersecurity understanding, incident response expertise, threat intelligence knowledge, and hands-on technical skills. You will collaborate with various teams, share findings, and coordinate response efforts. Help multinational organizations stay ahead of adversaries, enhance their protection, and improve Palo Alto Networks' solutions by identifying and analyzing new threats. Contribute to making the world a safer place by sharing knowledge and findings.

Requirements

  • Understanding the threat landscape, including attack tools, tactics, and techniques, as well as networking and security fundamentals
  • Experience investigating targeted, sophisticated, or hidden threats on both endpoints and networks
  • 4+ years of relevant experience with a proven track record in cybersecurity research, specializing in either APTs or cybercrime, but with the ability to address the broader threat landscape
  • Background in forensic analysis and incident response tools to identify threats and assess the extent and scope of compromises
  • Understanding of APT operations, including attack vectors, propagation, data exfiltration, lateral movement, persistence mechanisms, and more
  • Familiarity with organizational cybersecurity measures, including protective tools and remediation techniques
  • Excellent written and oral communication skills in English
  • Strong attention to detail
  • Knowledge of threat hunting methodologies and the ability to develop novel techniques

Responsibilities

  • Proactively search for signs of malicious activity within an organization's network
  • Use advanced tools and methodologies to identify anomalies and potential threats
  • Actively engage in research and experimentation to develop new hunting techniques
  • Work closely with other teams (Incident Response, Threat Intelligence, Customers, cybersecurity leadership) to share findings and coordinate response efforts
  • Help multinational organizations stay one step ahead of adversaries and cyber threats
  • Collaborate and guide customers on enhancing their protection and readiness for future events
  • Improve Palo Alto Networks' solutions by identifying and analyzing new threats and tactics
  • Influence the industry by sharing knowledge and findings
  • Collaborate with multiple research and development groups
  • Contribute to making the world a safer and better place

Preferred Qualifications

  • Experience in an Incident Response environment
  • Experience with XDR/EDR platforms and operating system internals
  • Proficiency in Python and SQL
  • Familiarity with reverse engineering
  • Ability to simplify and clarify complex ideas
  • Experience in writing technical blog posts and analysis reports
  • Ability to analyze and understand the infrastructure of malicious campaigns
  • Self-starter who can work independently and adapt to changing priorities

Benefits

  • FLEXBenefits wellbeing spending account with over 1,000 eligible items
  • Mental and financial health resources
  • Personalized learning opportunities
