
Threat Detection Researcher

Israel, Tel Aviv · Job Posted December 13, 2025

Job Description

Come join the company that is reinventing cloud security and empowering businesses to thrive in the cloud. As the fastest-growing startup ever, Wiz is on a mission to help organizations secure cloud environments that will accelerate their businesses. Trusted by security teams all over the world, we have a proven track record of success and a culture that values world-class talent. Our Wizards from over 20 countries work together to protect the infrastructure of our hundreds of customers, including over 45% of the Fortune 100, who trust us to scan and secure over 230 billion files daily. We’re the leading player in a massive and growing market, but it’s still early enough for you to make a significant impact. At Wiz, you’ll have the freedom to think creatively, dream big, and use your full range of skills to contribute to our record growth. Come join our team and help us create secure cloud environments that allow the best companies to move faster.

Job Responsibility

  • Develop detections and tools to protect customers from cloud threats
  • Investigate attacks on cloud environments and malware targeting cloud workloads
  • Hunt and analyze real-world attacks and emerging cloud threats
  • Collaborate closely with the R&D team to transform research insights into product features
  • Work with customers in response to requests related to suspicious activity or potential incidents
  • Create best practices and security policies based on research findings
  • Deliver external-facing content (blog posts and talks at security conferences) based on security insights and novel research

Requirements

  • 6+ years of experience in security or threat research in which you conducted deep research with actionable conclusions and impacts
  • Intimate knowledge of OS internals (Windows/Linux) and networking
  • Familiarity with cloud services, Kubernetes, cloud environment architecture, and the major cloud providers (AWS, GCP, Azure)
  • Experience delivering security detections in customer-facing product(s)
  • The ability to learn independently, to be self-driven and goal-oriented
  • Excellent communication and teamwork skills

Nice to have

  • Hands-on experience with malware analysis/reverse engineering/vulnerability research
  • Familiarity with notable threat actors and threat intelligence analysis
  • IR/red-team/threat-hunting experience


Similar Jobs for Threat Detection Researcher (8 matching positions)


Threat Detection Researcher (Windows/Linux/MacOS)

We’re looking for a top-notch Threat Detection Researcher to join our team and s...
Location: Israel, Tel Aviv
Salary: Not provided
Company: Wiz
Expiration Date: Until further notice
Requirements
  • 6+ years of experience in security or threat research in which you conducted deep research with actionable conclusions and impacts
  • Intimate knowledge of OS internals (Windows/Linux/MacOS) and networking
  • Familiarity with cloud services, Kubernetes, cloud environment architecture, and the major cloud providers (AWS, GCP, Azure)
  • Proficiency in Python for tool development and automation (knowledge of Go, Rust, or C/C++ – an advantage)
  • Experience delivering security detections in customer-facing product(s)
  • The ability to learn independently, to be self-driven and goal-oriented
  • Excellent communication and teamwork skills
Job Responsibility
  • Develop detections and tools to protect customers from cloud threats
  • Investigate attacks on cloud environments and malware targeting cloud and AI workloads
  • Hunt and analyze real-world attacks and emerging cloud and AI threats
  • Collaborate closely with the R&D team to transform research insights into product features
  • Work with customers in response to requests related to suspicious activity or potential incidents
  • Create best practices and security policies based on research findings
  • Deliver external-facing content (blog posts and talks at security conferences) based on security insights and novel research
Employment type: Fulltime

Threat Detection Researcher (Windows/Linux)

Come join the company that is reinventing cloud security and empowering business...
Location: Israel, Tel Aviv
Salary: Not provided
Company: Wiz
Expiration Date: Until further notice
Requirements
  • 6+ years of experience in security or threat research in which you conducted deep research with actionable conclusions and impacts
  • Intimate knowledge of OS internals (Windows/Linux) and networking
  • Familiarity with cloud services, Kubernetes, cloud environment architecture, and the major cloud providers (AWS, GCP, Azure)
  • Experience delivering security detections in customer-facing product(s)
  • The ability to learn independently, to be self-driven and goal-oriented
  • Excellent communication and teamwork skills
Job Responsibility
  • Develop detections and tools to protect customers from cloud threats
  • Investigate attacks on cloud environments and malware targeting cloud workloads
  • Hunt and analyze real-world attacks and emerging cloud threats
  • Collaborate closely with the R&D team to transform research insights into product features
  • Work with customers in response to requests related to suspicious activity or potential incidents
  • Create best practices and security policies based on research findings
  • Deliver external-facing content (blog posts and talks at security conferences) based on security insights and novel research

Senior Manager, Cyber Threat Researcher, Cyber Intelligence (Remote Eligible)

The mission of Capital One’s Cyber Intelligence service is to leverage cyber thr...
Location: United States, McLean; Richmond; New York; Plano; Chicago
Salary: 209000.00 - 286200.00 USD / Year
Company: Capital One
Expiration Date: Until further notice
Requirements
  • High School Diploma, GED or equivalent certification
  • At least 6 years of experience working in cybersecurity or information technology
  • At least 6 years of experience working in incident response, threat hunting, threat intelligence, forensics, or offensive security
  • At least 5 years of experience in conducting investigations or research into cyber-enabled fraud, cybercrime, or advanced persistent threats
  • At least 3 years of experience with cyber threat intelligence threat frameworks such as Lockheed Martin Cyber Kill Chain, Diamond Model, MITRE ATT&CK, ATLAS, Defense or Engage
  • At least 3 years of experience in programming or scripting with Python, Perl, PHP, PowerShell or SQL
Job Responsibility
  • Create mechanisms to "connect the dots" between different internal and external data sources, combining "signals" in the data that automatically highlight cyber threats across advanced enterprise threat activity and fraud activity
  • Maintain industry-wide expertise of the current cyber threat landscape and attack vectors
  • Synthesize disparate sets of data from sources such as malware, cyber attack patterns, closed and open-source intelligence, and tokenized consumer flows to inform instrumentation, detections, and threat narratives such as storyboards
  • Build productive relationships with internal teams to contextualize, influence and inform Capital One's business units on emerging threats
  • Communicate investigative outcomes with technical architecture context and conclusions to a variety of audiences, including company senior leadership and business partners
What we offer
  • Performance based incentive compensation, which may include cash bonus(es) and/or long term incentives (LTI)
  • Comprehensive, competitive, and inclusive set of health, financial and other benefits
Employment type: Fulltime

Senior Windows Detection Researcher (Cortex)

The team is responsible for developing and improving our Windows anti-malware pr...
Location: Israel, Tel Aviv
Salary: Not provided
Company: Palo Alto Networks
Expiration Date: Until further notice
Requirements
  • 3+ years of experience in security research/analysis roles
  • Vast experience in Malware research - Advanced static and dynamic analysis tools
  • Experience in identifying, investigating, and responding to complex attacks
  • In-depth knowledge of Windows operating system internals: memory layout, processes and threads, user and kernel space, etc.
  • Experience in Python or other scripting languages
  • Understanding of the threat landscape in terms of the tools, tactics, and techniques of attacks
  • Excellent written and oral communication skills in English
  • Strong attention to detail
  • Experience in development of endpoint-based malware detection rules - big advantage
  • Experience with investigative technologies such as SIEM, packet capture analysis, host forensics, and Endpoint Detection and Response tools - advantage
Job Responsibility
  • Research and analyze malware and keep up-to-date on the most recent tactics and techniques used in the wild
  • Create behavioral-based protection that enhances our product's coverage
  • Leverage Palo Alto Networks massive collection network to identify coverage gaps and emerging threats
  • Assist in the design, evaluation, and implementation of new security technologies
  • Work in close coordination with other teams, including both development and other research teams, as well as support, sales and other cross-functional teams
Employment type: Fulltime

Security Engineer, Insider Threat Detection & Response

As a Security Engineer you will join our OpenAI engineers and researchers in bui...
Location: United States, San Francisco; Seattle; New York City
Salary: 230000.00 - 385000.00 USD / Year
Company: OpenAI
Expiration Date: Until further notice
Requirements
  • 5+ years experience working in a detection/response or insider-risk role
  • Broad familiarity with operating systems and platforms such as macOS, Windows, Linux, and Kubernetes, along with experience in cloud infrastructure
  • Knowledge of modern adversary tactics and attack paths, data exfiltration techniques, and have experience running and leading incidents
  • Proficiency with a scripting language (e.g. Python, Bash, PowerShell, or similar)
  • Independently manage and run projects, balance preventative controls with user friction, and prioritize efforts for risk reduction
  • Motivated by securing transformative technology and can adapt familiar security frameworks to new risks in AI infrastructure
Job Responsibility
  • Innovate on Detection and Response infrastructure to engineer and automate end-to-end detection and investigation workflows
  • Develop, measure, and tune detection rules to ensure effective and sustainable operations
  • Drive projects across OpenAI’s technology stack with a focus on insider threats, ranging from access abuse and intellectual property theft to novel risks emerging within AI infrastructure
  • Partner closely with cross-functional stakeholders, including HR, Legal, and peer investigative teams, providing technical expertise and evidence to support investigations
  • Collaborate on cutting-edge AI research, and use AI to improve OpenAI’s Security posture
What we offer
  • Medical, dental, and vision insurance for you and your family, with employer contributions to Health Savings Accounts
  • Pre-tax accounts for Health FSA, Dependent Care FSA, and commuter expenses (parking and transit)
  • 401(k) retirement plan with employer match
  • Paid parental leave (up to 24 weeks for birth parents and 20 weeks for non-birthing parents), plus paid medical and caregiver leave (up to 8 weeks)
  • Paid time off: flexible PTO for exempt employees and up to 15 days annually for non-exempt employees
  • 13+ paid company holidays, and multiple paid coordinated company office closures throughout the year for focus and recharge, plus paid sick or safe time (1 hour per 30 hours worked, or more, as required by applicable state or local law)
  • Mental health and wellness support
  • Employer-paid basic life and disability coverage
  • Annual learning and development stipend to fuel your professional growth
  • Daily meals in our offices, and meal delivery credits as eligible
Employment type: Fulltime

Senior/Staff Threat Detection Engineer

We're looking for an experienced and highly motivated Senior or Staff Threat Det...
Location: United States, San Francisco
Salary: 214200.00 - 252000.00 USD / Year
Company: Abridge
Expiration Date: Until further notice
Requirements
  • 9+ years in Detection Engineering, Incident Response, Adversary Emulation, Offensive Security and/or Threat Intelligence
  • Experience in high-growth environments where you've scaled security capabilities alongside rapid organizational expansion, managing evolving threat landscapes and increasing complexity
  • Exceptional communicator who can influence technical strategy across all organizational levels, from engineers to executive leadership
  • Proven track record leading critical, multi-week incident response efforts and driving post-incident strategic improvements
  • Deep technical expertise with demonstrated ability to architect scalable security systems and drive innovation in detection capabilities
  • History of moving forward ambiguous, organization-wide initiatives through influence, technical vision, and cross-functional collaboration
  • Expert-level knowledge of attacker tactics, techniques, and procedures across multiple threat actor groups
  • Systems thinker who navigates complexity pragmatically while building toward elegant, maintainable solutions
  • Strong experience with cloud security architecture and building production-grade automation and tooling
  • Strong scripting skills in multiple scripting/programming languages (Python, Go, etc.)
Job Responsibility
  • Leading investigations of complex, organization-wide security events and establishing best practices across multiple security domains (log analysis, digital forensics, malware analysis)
  • Designing and implementing the strategic roadmap for threat detection capabilities, creating high-fidelity detection systems based on deep understanding of advanced threat actor TTPs
  • Architecting scalable incident response processes and driving automation across the entire IR lifecycle, establishing patterns for the organization
  • Serving as incident commander for critical, cross-organizational security incidents and mentoring others in effective incident management practices
  • Driving security research initiatives, discovering novel detection mechanisms and presenting findings to internal teams, executive leadership, and external audiences
  • Defining build-vs-buy strategies for security tooling, leading major technical evaluations and driving organizational standards for security automation
  • Scaling the security team's capabilities and maturity through technical leadership, mentorship, establishing engineering best practices, and raising the hiring bar
What we offer
  • Generous Time Off: 14 paid holidays, flexible PTO for salaried employees, and accrued time off for hourly employees
  • Comprehensive Health Plans: Medical, Dental, and Vision coverage for all full-time employees and their families
  • Generous HSA Contribution: If you choose a High Deductible Health Plan, Abridge makes monthly contributions to your HSA
  • Paid Parental Leave: Generous paid parental leave for all full-time employees
  • Family Forming Benefits: Resources and financial support to help you build your family
  • 401(k) Matching: Contribution matching to help invest in your future
  • Personal Device Allowance: Tax free funds for personal device usage
  • Pre-tax Benefits: Access to Flexible Spending Accounts (FSA) and Commuter Benefits
  • Lifestyle Wallet: Monthly contributions for fitness, professional development, coworking, and more
  • Mental Health Support: Dedicated access to therapy and coaching to help you reach your goals
Employment type: Fulltime

Principal Security Researcher

You will be part of the team that builds and delivers the threat detection capab...
Location: United States, Santa Clara
Salary: 162700.00 - 263175.00 USD / Year
Company: Palo Alto Networks
Expiration Date: Until further notice
Requirements
  • Deep hands-on experience in vulnerability research, exploit analysis, IPS/IDS detection, offensive security, or closely related threat prevention work
  • Proven ability to identify important technical problems, propose detection ideas, drive execution, and deliver measurable product or customer impact
  • Deep understanding of common vulnerability classes and exploit techniques, including memory corruption, injection, authentication bypass, path traversal, SSRF, RCE, XSS, SQL injection, CSRF, MITM, and DoS
  • Strong ability to analyze vulnerability root cause, exploitability, PoC behavior, network traffic, protocol behavior, application-layer attack patterns, and detection tradeoffs
  • Experience translating vulnerability or exploit understanding into production-quality IPS signatures, IDS detections, network detections, or other customer-facing protections
  • Strong understanding of network protocols and application-layer behavior, especially HTTP, DNS, SMB, FTP, SMTP, TCP/UDP, TLS, and related protocols
  • Strong programming or scripting skills for research automation, tooling, test generation, detection development, or pipeline improvements
  • Ability to lead complex technical work under ambiguity, guide other researchers or developers, and make sound technical decisions under time pressure
  • Experience using AI, ML, automation, or research tooling to improve security analysis, detection development, validation, or response workflows is highly desirable
  • Foundational understanding of AI security scenarios or AI-assisted security workflows is a plus
Job Responsibility
  • Shape ATP detection strategy by identifying important vulnerability, exploit, and attack technique areas where new or improved protections are needed
  • Drive innovative detection ideas from concept to production, delivering measurable improvements in coverage, quality, speed, or scalability
  • Improve rapid response capability for zero-days, high-impact CVEs, and emerging attack vectors by guiding technical assessment, detection strategy, and release decisions
  • Raise the quality and consistency of IPS protections by defining detection approaches, validation expectations, and technical review standards for complex cases
  • Expand the team's ability to deliver protections at scale through practical automation, detection pipeline improvements, and AI-assisted research workflows
  • Provide hands-on technical leadership to researchers or developers through direction, review, problem decomposition, and execution guidance
  • Influence cross-functional decisions with product, QA, engineering, and research partners to ensure detections are technically sound, customer-relevant, and production-ready
What we offer
  • Restricted stock units
  • Bonus
  • Employee benefits
Employment type: Fulltime

Senior Security Researcher

Microsoft Security aspires to make the world a safer place for all. We empower e...
Location: United States, Redmond
Salary: 119800.00 - 234700.00 USD / Year
Company: Microsoft Corporation
Expiration Date: Until further notice
Requirements
  • B.Sc./M.Sc. degree in Computer Science or related technical discipline
  • 6+ years of experience in cyber security with a background in the modern attacker kill-chain and MITRE ATT&CK, preferably in identity-based threat scenarios
  • Windows internals knowledge, along with good working knowledge of the main identity protocols (e.g., Kerberos, NTLM, LDAP, OAuth 2.0, SAML)
  • Good knowledge in at least one programming language such as C# (preferred), Python, or C++
  • Good knowledge in at least one language such as KQL, SQL, or Cypher
  • Demonstrated fluency leveraging Generative AI tools (e.g., GitHub Copilot, Security Copilot, ChatGPT/Claude, or equivalent LLM-based workflows) to scale day-to-day research work
  • Excellent cross-group, leadership, and interpersonal skills
  • A drive to tackle hard problems with notable levels of ambiguity
  • Ability to meet Microsoft, customer, and/or government security screening requirements is required for this role, including the Microsoft Cloud Background Check upon hire/transfer and every two years thereafter
Job Responsibility
  • Own end-to-end large research projects that deliver identity protection against the most prevalent threats in the landscape
  • Conduct in-depth investigation and research of data across multiple identity and additional sources to identify threats and sophisticated attack incidents
  • Keep up to date with the latest trends in cyber-attacks and create robust, sophisticated detection logics across the entire kill-chain
  • Collaborate with product management, security, and engineering teams across the company to design innovative solutions and new identity protection capabilities
  • Collaborate with data science teams to understand, identify, and implement detection gaps, capabilities, assumptions, and improvements
  • Leverage Generative AI tooling to scale research throughput
  • Demonstrate thought leadership and engage and enlighten others through compelling, meaningful content and informative sessions
Employment type: Fulltime