Sr Staff Security Researcher (advanced Threat Prevention)

Sr Staff Security Researcher (Advanced Threat Prevention)

You will be part of the team that builds and delivers the threat detection capabilities powering Palo Alto Networks' Advanced Threat Prevention (ATP). The ATP Detection team is responsible for decoding network protocols, identifying applications, and detecting threats across our enterprise customers' networks.

As a Sr. Staff Security Researcher, you will not only contribute to detection development, but also drive your own innovative research ideas from concept to production, and take ownership of at least one major project. You will collaborate closely with peers and cross-functional partners to strengthen our detection technologies and directly protect customers from advanced threats.

Your impact includes:

• Propose and execute innovative detection ideas, bringing them from research into production.
• Lead at least one operational or research project end-to-end, ensuring quality and timely delivery.
• Conduct in-depth research into vulnerabilities, attack vectors, and exploit techniques, and translate findings into effective IPS/ML-based detections.
• Respond rapidly to Zero-Day vulnerabilities by developing and shipping protections within 24 hours.
• Reverse engineer software to uncover new vulnerabilities and deliver actionable intelligence.
• Collaborate with engineering, QA, and product teams to ensure scalable, robust detection methodology.
• Mentor junior team members, providing technical guidance and raising the overall bar of the team.

Your experience includes:

• Strong collaborator with excellent communication skills and ability to work across cross-functional groups.
• Deep understanding of exploit techniques such as buffer overflows, use-after-free, format string, XSS, SQL injection, CSRF, MITM, and DoS.
• Strong knowledge of core network protocols including HTTP, UDP, FTP, SMTP, DNS, and SMB.
• Skilled in analyzing network traffic using tcpdump, Wireshark, or equivalent tools.
• Experience with AI/ML in security is a plus.
• Proficient in Windows and Linux development environments.
• Strong programming background with scripting languages (e.g., Python, Bash, Perl); experience with penetration testing tools (Metasploit, Burp Suite, Nmap) and debugging tools (WinDbg, OllyDbg, GDB) is a strong plus.
• BS/MS in Computer Science, Computer Engineering, or equivalent professional/military experience.
• CTF experience is a plus.
• Publications or presentations at top security venues (e.g., Black Hat, DEF CON) are highly valued.
• Proven ability to independently drive an idea into a delivered solution or project.