Security Researcher - SaaS applications (Cortex)

Company Description

Our Mission

At Palo Alto Networks® everything starts and ends with our mission:

Being the cybersecurity partner of choice, protecting our digital way of life.
Our vision is a world where each day is safer and more secure than the one before. We are a company built on the foundation of challenging and disrupting the way things are done, and we’re looking for innovators who are as committed to shaping the future of cybersecurity as we are.

Who We Are

We believe collaboration thrives in person. That’s why most of our teams work from the office full time, with flexibility when it’s needed. This model supports real-time problem-solving, stronger relationships, and the kind of precision that drives great outcomes.

Job Description

Your Career

We are looking for a Security Researcher to join our SaaS-application detection research team.

In this role, you will research the evolving threat landscape and develop advanced detections to protect SaaS applications runtime. You will focus on identifying and mitigating identity-related threats across SaaS environments, using statistical classification methods to build effective detection models and protecting customers at scale. Additionally, you will collaborate with cross-functional teams, validate detection concepts on real-world data, and continuously enhance detection capabilities to stay ahead of emerging threats.

Your Impact

Research innovative methods for detecting targeted attackers operating in SaaS environments.
Simulate real-world attacks in lab environments and conduct a deep analysis of the behavior.
Develop and refine statistics-based classification algorithms and techniques to create and improve detection models.
Research specific scenarios to enhance our model's capabilities.
Collaborate within a diverse research group, improving our research processes and leading us to be a better team creating a better product.
Stay informed on the latest APTs, attacker methodologies, and TTPs to ensure our models stay ahead of emerging threats.

Qualifications

Your Experience

At least 3 years’ experience in security research, offensive security, or detection engineering.
2+ years of experience with SaaS applications or Entra ID - Advantage
In-depth knowledge of the inner-workings of operating systems
Strong knowledge of network protocols, including but not limited to DHCP, DNS, HTTP, SMB, RPC, SSO, etc.
Strong understanding of enterprise infrastructure, including Active Directory, FW, VPN, Security products, etc.
At least 2 Years of experience coding Python - Advantage
Strong knowledge of SQL language - Advantage
Experience with red-teaming / pentest of SaaS applications, Active Directory or Entra ID - Advantage
Experience with data analysis / cloud infrastructure / SaaS applications security - Advantage
Ability to drive and own projects from start to finish.
Independent and a team player, a critical thinker.

Additional Information

The Team

Cyber threats are adapting fast in a new XDR reality, changing their shape, volumes and sophistication. Every day, SecOps put more and more time and human-power into handling new cybersecurity challenges. The ITDR team is exactly here to address these areas. We leverage the Palo Alto Networks rich cloud-power and visibility to build up data-driven technologies which can save invaluable hours in customers’ day to day security challenges.

Our Commitment

We’re problem solvers that take risks and challenge cybersecurity’s status quo. It’s simple: we can’t accomplish our mission without diverse teams innovating, together.

We are committed to providing reasonable accommodations for all qualified individuals with a disability. If you require assistance or accommodation due to a disability or special need, please contact us at accommodations@paloaltonetworks.com.

Palo Alto Networks is an equal opportunity employer. We celebrate diversity in our workplace, and all qualified applicants will receive consideration for employment without regard to age, ancestry, color, family or medical care leave, gender identity or expression, genetic information, marital status, medical condition, national origin, physical or mental disability, political affiliation, protected veteran status, race, religion, sex (including pregnancy), sexual orientation, or other legally protected characteristics.

All your information will be kept confidential according to EEO guidelines.