Principal Security Researcher - Autonomous EDR (Cortex)

Your Career

We are looking for a Security Researcher to join our research group as part of a growing team developing Autopilot, an innovative product for autonomous investigation and response.

As a core member of the team, you'll go beyond research: you’ll research, design, and develop investigation modules that allow Autopilot to autonomously detect, investigate, and respond to advanced threats at a massive scale.

You’ll analyze everything from new malware behaviors to attacker techniques and process activity in enterprise-scale networks, using data collected from across millions of endpoints. Your work will span identifying attack patterns and uncovering statistical anomalies, as well as validating that the system responds effectively to real-world attacks and APT campaigns using production data.

Your Impact

• Research and implement new autonomous methods for investigating and responding to targeted attackers, using large-scale, diverse security datasets
• Develop and design the graph-based algorithms that power autonomous investigation and decision-making capabilities
• Design automated incident response by developing reusable logic that transforms raw security data and alerts into clear, actionable insights.
• Leverage graph algorithms, AI techniques, and statistical methods to mimic and scale human security analyst workflows
• Conduct deep, hands-on investigations into modern malware, APTs, and complex attack flows to inform detection and response logic
• Stay up to date with attacker methodologies, tools, and techniques (TTPs), ensuring our product remains effective against evolving threats
• Contribute to a collaborative, fast-paced research team, helping shape our research strategy, improve processes, and continuously enhance the product

Your Experience

• 7+ years of experience in security or threat research, in which you conducted deep research with actionable insights and real-world impact.
• Proven experience as part of an R&D/development team, along with strong proficiency in Python programming
• Intimate knowledge and understanding of attack methods and techniques over endpoints and enterprise networks
• Comfortable working with large-scale datasets to extract meaningful insights through advanced analysis
• Strong sense of ownership and ability to independently drive projects from concept to execution
• Critical thinker who thrives both independently and in collaborative team environments
• Excellent verbal and written communication skills
• A cybersecurity professional driven to solve the next generation of security challenges.

Advantage

• In-depth knowledge of the inner workings of operating systems (especially Windows)
• Experience working with graph DB and algorithms
• Experience in statistics, advanced data studies, or machine learning.

The Team

Our research team is at the core of our products and connected directly to the mission of preventing cyberattacks. We are constantly innovating - challenging the way we, and the industry, think about cybersecurity. Our researchers don’t shy away from building products to solve problems no one has pursued before.

We define the industry instead of waiting for directions. We need individuals who feel comfortable in ambiguity, excited by the prospect of a challenge, and empowered by the unknown risks facing our everyday lives that are only enabled by a secure digital environment.

Our Commitment

We’re problem solvers that take risks and challenge cybersecurity’s status quo. It’s simple: we can’t accomplish our mission without diverse teams innovating, together.

We are committed to providing reasonable accommodations for all qualified individuals with a disability. If you require assistance or accommodation due to a disability or special need, please contact us at accommodations@paloaltonetworks.com.

Palo Alto Networks is an equal opportunity employer. We celebrate diversity in our workplace, and all qualified applicants will receive consideration for employment without regard to age, ancestry, color, family or medical care leave, gender identity or expression, genetic information, marital status, medical condition, national origin, physical or mental disability, political affiliation, protected veteran status, race, religion, sex (including pregnancy), sexual orientation, or other legally protected characteristics.

All your information will be kept confidential according to EEO guidelines.