Senior Staff Researcher (Unit 42)

Palo Alto Networks
Santa Clara, CA
7d
Remote

About The Position

As a Senior Designated CTI Analyst (DCA) on the Unit 42 CTI Services Delivery Team, you will play a critical role in helping evolve the client’s cyber threat intelligence operations. Key to this role is understanding customer intelligence and business priorities and developing tailored cyber threat intelligence findings and capabilities to drive their security outcomes. This will be done through:

  • Developing automation and orchestration pipelines to surface relevant threats based on multiple feeds.
  • Creating timely, relevant, and actionable threat insights based on customers’ priority intelligence requirements.
  • Upskilling the customers’ use of cyber threat intelligence through sharing threat intelligence best practices.

Requirements

  • Minimum of 7 years of experience in the cyber threat intelligence (CTI) field with a specialized focus on intelligence engineering and threat research.
  • Strong understanding of security tooling, including the underlying data structures and complex data flows required for modern defense.
  • Strong ability to architect scalable solutions to process, deduplicate, and enrich threat data, ensuring all intelligence is accurately tagged and discoverable by analytic end users.
  • Knowledge of cyber threat actors, noteworthy attacks, and the ability to quickly recognize shifts or deviations from threat activity baselines.
  • Ability to provide tailored defensive recommendations based on identified activity.
  • A proven track record of proactive threat hunting within enterprise security consoles with a strong preference for experience using Palo Alto Networks’ Cortex product.
  • Experience communicating complex threat intelligence to diverse audiences, including C-suite executives.
  • Proven ability to operate under short-fuse deadlines, manage concurrent tasks, and thrive in complex and sometimes ambiguous situations.
  • Deep experience with cyber threat intelligence frameworks (e.g., MITRE ATT&CK) and advanced analytical techniques.

Nice To Haves

  • Previous experience supporting a customer organization as a designated resource preferred.

Responsibilities

  • Integrate intelligence use cases into security tooling, including data feed collation, deduplication, and the creation of threat dashboards.
  • Correlate raw network and host-based indicators to attribute activity to specific threat actor groups, intrusion clusters, and malware families.
  • Utilize Palo Alto Networks telemetry, commercial tools, and open-source data to identify and track threat activities of interest, pivoting between the customer’s findings and Palo Alto Networks telemetry.
  • Leverage intelligence discoveries to perform threat hunts within the client’s Cortex security console.
  • Provide tailored research and analysis for client-based Requests for Information (RFIs) to include relevant cyber threat activities, trends, or shifts in the threat landscape.
  • Create a cyber threat profile that identifies top threats and provides tailored defensive recommendations based on their unique operational footprint.
  • Assist in upskilling customer team capacity through mentorship sessions and other micro-learning initiatives on best practices in CTI.
  • Provide monthly briefings to customer leadership highlighting relevant threats, trends, and support provided.

What This Job Offers

Job Type

Full-time

Career Level

Mid Level

Education Level

No Education Listed

Number of Employees

5,001-10,000 employees

© 2024 Teal Labs, Inc