Senior Threat Hunting Researcher (Unit 42)

paloaltonetworks· Palo Alto Networks (Israel Services) Ltd.
Apply Now ↗
📍 Office - Israel - Tel AvivFull time
Full timeNoPalo Alto Networks (Israel Services) Ltd.

About this role

Our Mission

At Palo Alto Networks®, we’re united by a shared mission—to protect our digital way of life. We thrive at the intersection of innovation and impact, solving real-world problems with cutting-edge technology and bold thinking. Here, everyone has a voice, and every idea counts. If you’re ready to do the most meaningful work of your career alongside people who are just as passionate as you are, you’re in the right place.

Who We Are

In order to be the cybersecurity partner of choice, we must trailblaze the path and shape the future of our industry. This is something our employees work at each day and is defined by our values: Disruption, Collaboration, Execution, Integrity, and Inclusion. We weave AI into the fabric of everything we do and use it to augment the impact every individual can have. If you are passionate about solving real-world problems and ideating beside the best and the brightest, we invite you to join us!

We believe collaboration thrives in person. That’s why most of our teams work from the office full time, with flexibility when it’s needed. This model supports real-time problem-solving, stronger relationships, and the kind of precision that drives great outcomes.

Job Summary

Job Summary

Palo Alto Networks is seeking a Senior Threat Hunting Researcher for Unit 42’s Managed Services group, a senior hands-on role combining threat hunting, detection engineering, and incident investigation experience. You will proactively hunt across diverse telemetry to identify suspicious behaviors and emerging threats that evade traditional security. A key part of the role is translating low-fidelity signals into high-fidelity hunting logic and reusable detection opportunities. You will collaborate with multiple teams to share findings, explain coverage, and support response and improvement efforts.

Key Responsibilities

  • Proactively hunt for suspicious behaviors, malware activity, threat actor tradecraft, and emerging campaign patterns across large-scale customer telemetry.

  • Build, validate, and tune hunting and detection logic across multiple data sources and security products.

  • Translate low-fidelity signals, alerts, incidents, and coverage gaps into high-fidelity hunting content and reusable detection opportunities.

  • Investigate suspicious activity using available telemetry and clearly communicate findings, limitations, and recommended next steps.

  • Improve detection quality by reducing false positives, increasing signal fidelity, and identifying meaningful coverage gaps.

  • Collaborate with MDR, Incident Response, Threat Intelligence, Product, and Engineering to improve protection and operational scalability.

  • Deliver clear, evidence-based reports and technical findings that help customers understand risk and improve defenses.

Qualifications

Required Qualifications

  • 6+ years of hands-on cybersecurity experience across threat hunting, incident response, detection development, security research, SOC, or related security operations.

  • Strong understanding of attacker tradecraft, threat hunting methodologies, incident investigation workflows, and behavior-based detection concepts.

  • Hands-on experience with XDR, EDR, SIEM, cloud, identity, or similar security platforms, including alert investigation, telemetry analysis, and detection validation.

  • Proven experience writing complex hunting, detection, or correlation logic using XQL, SQL, KQL, SPL, or similar query languages.

  • Ability to translate low-fidelity signals, alerts, incidents, threat intelligence, and coverage gaps into high-fidelity hunting logic and reusable detection opportunities.

  • Experience creating, tuning, or validating hunting and detection content, including scheduled queries, analytics rules, BIOCs, correlation rules, or similar detection logic.

  • Strong understanding of detection quality concepts, including true-positive and false-positive analysis, signal-to-noise ratio, tuning, coverage gaps, and operational scalability.

  • Strong analytical, research, documentation, and communication skills, with the ability to clearly explain technical findings, detection assumptions, and coverage limitations.

  • Self-starter with strong attention to detail, ownership mindset, and ability to work independently in a fast-changing environment.

Preferred Qualifications

  • Python, SQL, notebooks, automation, or big-data hunting experience.

  • Experience with data science, statistics, anomaly detection, clustering, scoring, behavioral baselining, or other analytical hunting techniques.

Our Commitment

We’re trailblazers that dream big, take risks, and challenge cybersecurity’s status quo. It’s simple: we can’t accomplish our mission without diverse teams innovating, together.

We are committed to providing reasonable accommodations for all qualified individuals with a disability. If you require assistance or accommodation due to a disability or special need, please contact us at  accommodations@paloaltonetworks.com.

Palo Alto Networks is an equal opportunity employer. We celebrate diversity in our workplace, and all qualified applicants will receive consideration for employment without regard to age, ancestry, color, family or medical care leave, gender identity or expression, genetic information, marital status, medical condition, national origin, physical or mental disability, political affiliation, protected veteran status, race, religion, sex (including pregnancy), sexual orientation, or other legally protected characteristics.

All your information will be kept confidential according to EEO guidelines.

Is role eligible for Immigration Sponsorship? No. Please note that we will not sponsor applicants for work visas for this position.

Frequently Asked Questions

Is the salary disclosed for the Senior Threat Hunting Researcher (Unit 42) position at paloaltonetworks?
The salary for this Senior Threat Hunting Researcher (Unit 42) role at paloaltonetworks is not publicly listed. Click "Apply Now" to learn more about the compensation package on their official careers page.
Where is the Senior Threat Hunting Researcher (Unit 42) position at paloaltonetworks located?
This Senior Threat Hunting Researcher (Unit 42) role at paloaltonetworks is based in Office - Israel - Tel Aviv. The position is listed as on-site or hybrid. Check the full job description or apply directly to confirm the work arrangement.
Is the Senior Threat Hunting Researcher (Unit 42) role at paloaltonetworks full-time or part-time?
This is listed as a Full time position. It is posted as a Senior Threat Hunting Researcher (Unit 42) role in the Palo Alto Networks (Israel Services) Ltd. department at paloaltonetworks.
Which team or department does the Senior Threat Hunting Researcher (Unit 42) at paloaltonetworks belong to?
This Senior Threat Hunting Researcher (Unit 42) position is part of the Palo Alto Networks (Israel Services) Ltd. department at paloaltonetworks. See the full job description for more information about the team structure and responsibilities.
How do I apply for the Senior Threat Hunting Researcher (Unit 42) position at paloaltonetworks?
Click the "Apply Now" button on this page. You will be redirected to paloaltonetworks's official application portal hosted on workday where you can submit your application directly.
Solutions Consultant
paloaltonetworks
View →
Full time
📍 Dublin
Domain Consultant 2
paloaltonetworks
View →
Full time
📍
Regional Sales Manager, East Africa
paloaltonetworks
View →
Full time
📍
Technical Support Engineer
paloaltonetworks
View →
Full time
📍
Sr Recruiter II / Sr Sourcer II
paloaltonetworks
View →
Full time
📍 Paris
Data Operations Specialist
paloaltonetworks
View →
Full time
📍
Senior Threat Hunting Researcher (Unit 42)
paloaltonetworks
Apply for this role ↗

You'll be redirected to paloaltonetworks's official application page on Workday.