Palo Alto Networks is looking to solve the problem of protecting the digital way of life by being the cybersecurity partner of choice, and this role is specifically focused on providing tools to enable threat researchers and incident response consultants to work more efficiently across vast amounts of data.
Requirements
- demonstrable expertise in an operational security role - SOC analysis, reverse engineering, threat intelligence monitoring and/or creation
- experience interpreting logs from commercial security products
- deep understanding of sandbox technologies: how they work and how to interpret their reports
- expert experience in Python is a must
- strong understanding of fundamental software design for data access and processing larger datasets (REST/SQL/BQ/Mongo/etc…)
- experience with automation to enable workflows and automate day-to-day tasks
- understanding of threat intelligence and its applications
Responsibilities
- designing and building threat-centric application workflows, process automations, and the creation of threat intelligence for consumption by products, researchers, and customers
- interpreting threat intelligence from both automated systems and machine learning
- creating the software modules that generate indicator lists, measure indicator quality, and gauge the quality of intelligence ingested
- bridging security research and fundamental software implementation
- responding to operational anomalies and quality flags the system may raise
- automating day-to-day tasks to enable workflows
- partnering with other security research teams
Other
- collaboration and teamwork to achieve common goals
- problem-solving and risk-taking to challenge cybersecurity's status quo
- commitment to diversity and inclusion in the workplace
- ability to work full-time from the office with flexibility when needed
- requirement to contact accommodations@paloaltonetworks.com for disability or special need accommodations