Check Point Research (CPR) is looking for a Threat Researcher to join its Threat Intelligence Analysis (TIA) team. The team is responsible of discovering, analyzing and tracking advanced threat actors and campaigns, with a strong focus on high-end cybercrime and state-sponsored activities. You will join a team of motivated, independent & highly technical individuals and contribute the effort to protect Check Point customers and empower the Check Point brand.

Key Responsibilities
Identify, understand and monitor advanced campaigns using publicly available sources as well as internal telemetry.
Analyze malware and other hacking tools utilized by threat actors in active campaigns and intrusions.
Create technical research content for public and private intelligence reports.
Help build protections and detections based on deep understanding of advanced threat actors Tactics Techniques and Procedures (TTPs).
Collaborate with other security teams to assist threat intelligence and research tasks.

Check Point Research is expanding and establishing a new international force of talented Researchers. We are looking for a Malware Analysis Team Leader with a deep focus on cybercrime investigations to lead a dynamic team of experts dedicated to identifying, analyzing, publishing, and mitigating cybercrime-related threats. This leadership role will drive advanced malware analysis efforts, conduct threat research, publish in top conferences and blogs, and coordinate with internal and external stakeholders to combat and prevent cybercriminal activities. The ideal candidate will have strong technical expertise in malware reverse engineering, a deep understanding of cybercrime tactics, and excellent communication skills, including the ability to present findings clearly and publish research for internal stakeholders and the broader cybersecurity community.

The work of our researchers is constantly presented at international conferences and covered by major media outlets globally. Threat research is an exciting area for us, and we give the CP members the freedom and means to practice it.

Key Responsibilities
Lead the Malware Analysis Team: Manage and mentor a team of skilled researchers on identifying, analyzing, and mitigating malware associated with cybercrime, including ransomware, banking Trojans, exploit kits, and other forms of cybercriminal malware.
Cybercrime Threat Intelligence: Collaborate with threat intelligence teams to analyze malware in the context of cybercrime syndicates and criminal activity. Identify trends, tactics, and patterns in malware usage by cybercriminal groups and provide actionable intelligence to relevant teams and external partners.
Malware Reverse Engineering: Lead efforts in reverse-engineering malicious software, tracking variants, and identifying attack techniques, tactics, and procedures (TTPs) cybercriminal actors use.
Cross-Functional Collaboration: Work closely with internal teams (e.g., Incident Response, Threat Intelligence, SOC) and external stakeholders (e.g., law enforcement, CERT, threat intelligence providers) to share findings, collaborate on investigations and coordinate actions to disrupt cybercrime activities.
Publication and Thought Leadership: Produce detailed, high-quality research reports and technical papers based on malware analysis and cybercrime investigations. Contribute to the publication of findings in industry-leading forums, conferences, and journals, establishing the organization as a thought leader in cybersecurity.
Presentations and Reporting: Prepare and deliver presentations to technical and non-technical stakeholders, including executives, legal teams, and law enforcement. Communicate complex findings, research insights, and actionable intelligence on cybercrime and malware trends.
Training and Development: Mentored junior team members, providing guidance on malware analysis techniques, threat hunting, and reporting. Foster a culture of continuous improvement, encouraging knowledge sharing and professional development within the team.
Stay Informed on Emerging Threats: Regularly monitor and research new and evolving cybercrime tactics, malware trends, and global threat intelligence. Leverage this knowledge to enhance the organization's defense posture and share updates with relevant stakeholders.

Requirements:
5+ years of experience in malware analysis, cybercrime investigations, or related fields.
2+ years in a leadership or team management role with experience leading cybersecurity operations in high-stakes environments.
Expertise in malware reverse engineering (static and dynamic analysis).
Proficiency in using industry-standard tools such as IDA Pro, X64, VT, Etc.
Strong understanding of common malware types used in cybercrime (e.g., ransomware, keyloggers, exploit kits, mobile threats).
Development skills with Python, C/C++, Assembly, or other scripting languages for malware analysis and automation.

.המשרה מיועדת לנשים ולגברים כאחד

Come and be part of a dynamic team focused on securing cutting-edge AI and cloud technologies in a rapidly evolving threat landscape. We are leading new initiatives and research projects across AI Security, Identity Protection, and SaaS Defense, and this role offers a unique opportunity to help define the rules of the game. AI is transforming the way we interact with computers and machines and defining new cybersecurity problems and opportunities - we are looking for a Principal Researcher who can help us stay ahead of the curve.

In this role, youll research and build defenses across AI systems, agentic protocols, Identity platforms, and SaaS applications. One day you might analyze a new class of AI prompt injection attacks or Agents abuse, the next youll be hunting through data or creating novel protection mechanisms for them. Youll work closely with product teams to turn research prototypes into real security features.

Join our threat protection research team and be part of a team who contributes to Microsofts most advanced and innovative security solutions. Our mission is to help everyone to counter cyber threats by strengthening their security capabilities across their entire environment, including Identities, Agentic AI systems, Cloud and Applications.
Responsibilities
Research and develop detection methods for new and advanced attack techniques -from exploits to implants. Build end-to-end PoCs, from offensive testing to scalable detection, across all our cloud and identity platforms.
Stay up to date on the latest attack trends and build strong detections across the kill chaincovering agentic AI & LLM threats, cloud and identity-based attacks.
Collaborate with multiple product and engineering teams to design the next iteration of security products, implement detection ideas and validate their effectiveness using a data-driven approach.
Collaborate with data science teams to drive ML based protections, understand, and identify detection gaps, capabilities, assumptions, and improvements.
Provide cybersecurity expertise as needed during security escalations and incidents to help protect Microsoft and our customers.

Security represents the most critical priorities for our customers in a world awash in digital threats, regulatory scrutiny, and estate complexity. Microsoft Security aspires to make the world a safer place for all. We want to reshape security and empower every user, customer, and developer with a security cloud that protects them with end to end, simplified solutions.

The Microsoft Security organization accelerates Microsofts mission and bold ambitions to ensure that our company and industry is securing digital technology platforms, devices, and clouds in our customers heterogeneous environments, as well as ensuring the security of our own internal estate. Our culture is centered on embracing a growth mindset, a theme of inspiring excellence, and encouraging teams and leaders to bring their best each day. In doing so, we create life-changing innovations that impact billions of lives around the world.

Are you passionate about disrupting #CloudSecurity? Join us at Microsoft, the largest security company in the world, and work on leading planet-scale products! 🚀 At the Microsoft Cloud Security team, we take immense pride in developing a diverse set of security products and services that are leaders in their respective market segments. Our innovative solutions have set new industry standards, earning global recognition for safeguarding critical infrastructure at the highest scale. Microsoft Defender for Cloud is a cloud-native application protection platform (CNAPP) designed to protect cloud-based applications running in all major cloud providers. It includes cloud security posture management (CSPM) to identify and mitigate weak spots in cloud configurations, and cloud workload protection (CWP) to detect real-time attacks and help the SOC respond and mitigate threats.



We are a diverse group of talented professionals, including software engineers, security researchers, product managers, and data scientists, collaborating to develop products that secure our customers, including the biggest companies in the world. You will work in a supportive and inclusive environment where you will learn and collaborate with the best and brightest minds in the industry, make a significant impact, grow your skills, and advance your career
Responsibilities
Conduct in-depth analysis and research on cloud and containerized environments to identify threats, vulnerabilities, and potential risks.
Investigate, analyze, and learn from security researchers, attackers, and real incidents to develop durable detection strategies across the entire kill-chain.
Collaborate with internal and external teams to forge new defenses and concepts that help mature Microsoft security products.
Demonstrate leadership in an exceptionally challenging and rewarding environment and influence the organization.

Security represents the most critical priorities for our customers in a world awash in digital threats, regulatory scrutiny, and estate complexity. Microsoft Security aspires to make the world a safer place for all. We want to reshape security and empower every user, customer, and developer with a security cloud that protects them with end to end, simplified solutions.

The Microsoft Security organization accelerates Microsofts mission and bold ambitions to ensure that our company and industry is securing digital technology platforms, devices, and clouds in our customers heterogeneous environments, as well as ensuring the security of our own internal estate. Our culture is centered on embracing a growth mindset, a theme of inspiring excellence, and encouraging teams and leaders to bring their best each day. In doing so, we create life-changing innovations that impact billions of lives around the world.

Are you passionate about disrupting #CloudSecurity? Join us at Microsoft, the largest security company in the world, and work on leading planet-scale products! 🚀 At the Microsoft Cloud Security team, we take immense pride in developing a diverse set of security products and services that are leaders in their respective market segments. Our innovative solutions have set new industry standards, earning global recognition for safeguarding critical infrastructure at the highest scale. Microsoft Defender for Cloud is a cloud-native application protection platform (CNAPP) designed to protect cloud-based applications running in all major cloud providers. It includes cloud security posture management (CSPM) to identify and mitigate weak spots in cloud configurations, and cloud workload protection (CWP) to detect real-time attacks and help the SOC respond and mitigate threats.

We are a diverse group of talented professionals, including software engineers, security researchers, product managers, and data scientists, collaborating to develop products that secure our customers, including the biggest companies in the world. You will work in a supportive and inclusive environment where you will learn and collaborate with the best and brightest minds in the industry, make a significant impact, grow your skills, and advance your career.

Responsibilities
Conduct in-depth analysis and research on cloud and containerized environments to identify threats, vulnerabilities, and potential risks.
Investigate, analyze, and learn from security researchers, attackers, and real incidents to develop durable detection strategies across the entire kill-chain.
Collaborate with internal and external teams to forge new defenses and concepts that help mature Microsoft security products.
Demonstrate leadership in an exceptionally challenging and rewarding environment and influence the organization.