Staff Researcher

Our Mission

At Palo Alto Networks®, we're united by a shared mission-to protect our digital way of life. We thrive at the intersection of innovation and impact, solving real-world problems with cutting-edge technology and bold thinking. Here, everyone has a voice, and every idea counts. If you're ready to do the most meaningful work of your career alongside people who are just as passionate as you are, you're in the right place.

Who We Are

This role is remote, but distance is no barrier to impact. Our hybrid teams collaborate across geographies to solve big problems, stay close to our customers, and grow together. You will be part of a culture that values trust, accountability, and shared success where your work truly matters.

Job Description

The TeamOur research team is at the core of our products and connected directly to the mission of preventing cyberattacks. We are constantly innovating - challenging the way we, and the industry, think about cybersecurity. Our researchers don't shy away from building products to solve problems no one has pursued before.We define the industry instead of waiting for directions. We need individuals who feel comfortable in ambiguity, excited by the prospect of a challenge, and empowered by the unknown risks facing our everyday lives that are only enabled by a secure digital environment.Job SummaryAre you an innovative security researcher with a deep understanding of Linux systems and a passion for protecting modern environments? Do you want to lead the charge in securing enterprise networks against the latest threats?We're looking for a skilled professional to join our team, focusing on the critical and rapidly evolving fields of Linux and API security. You'll be a foundational member of a new and growing team dedicated to the "blue ocean" of detection and developing multiple new fields within the biggest cybersecurity enterprise in the world. This is a unique opportunity to apply your expertise and influence the future of threat prevention, helping us build cutting-edge security solutions from the ground up.Key ResponsibilitiesPlaying a pivotal role in shaping the future of our security solutionsEnhance the effectiveness of our product by designing cutting-edge protection components and developing sophisticated detection rulesResearch Linux OS internals, Virtualized environments, and low-level system behaviors to inform and enhance our attack prevention mechanismsInvestigate and develop innovative methods for detecting threats and securing APIs, ensuring robust protection for modern applications and cloud-native environmentsApply sophisticated AI and big data approaches to investigate and research large amounts of data across our clientsResearch and lead novel protection ideas to a production-grade level, serving as a subject matter expertStay up to date with the latest attacker methodologies, APT campaigns, and TTPs targeting Linux systems and APIsConduct static and dynamic reverse engineering of Linux malware to uncover new techniques and develop corresponding mitigation strategiesWork closely with engineering, product management, and other research teams to translate research findings into production-grade features

Qualifications (Additional Job Description)

Required Qualifications4+ years of overall experience in cybersecurity research, with a proven track record of impactful projectsIn-depth knowledge of operating system internals, including user and kernel spaceProficiency in programming languages like Python, C, and/or C++, with a strong understanding of system-level programming and APIsStrong knowledge of the cyber threat landscape, modern malware techniques, and APTsHands-on experience with real-world threat hunting, big-data cyber research, incident response, or detection engineeringExcellent problem-solving skills and a passion for cybersecurity innovationAbility to work independently, take initiative, and collaborate effectively within a teamAdvantagesExperience in reverse engineering, including familiarity with debugging and disassembler tools like GDB, IDA Pro, or GhidraExperience with EDR/XDR products or low-level security solution developmentKnowledge of API security frameworks, vulnerabilities, and best practicesExperience with advanced data analysis, statistics, or machine learning for security applicationsExperience in Linux kernel development or vulnerability researchKnowledge of network protocols related to APIs (e.g., HTTP/S, REST, GraphQL)Experience with virtualization platforms (e.g., ESXi/vCenter)