Principal Product Security Researcher

P

Palo Alto Networks

Principal Product Security Researcher

Santa Clara, CA
Full Time
Paid
  • Responsibilities

    Job Description

    Your Career

    These days, the threat landscape is fluid and always changing. Cyber bad-actors are constantly finding new and diabolically creative ways to get to your data and there’s just no telling what door they’ll knock on next. As a Sr. Staff Product Security Researcher, you will be helping Palo Alto Networks in a high visibility role to stay ahead of the curve in addressing these latest threats, overseeing vulnerability response and remediation across all of Palo Alto Networks offerings.

    Your Impact

    • Research security vulnerabilities identified in our products or cloud offerings.

    • Work with exceptional security professionals from across the company as well as across the industry.

    • Provide guidance to ensure appropriate vulnerability remediation: assist with developing and reviewing defensive solutions.

    • Lead and collaborate with stakeholders across the company and beyond including executives, engineering, infosec, privacy, legal, support, sales, customers, security researchers, and industry partners.

    • Work with a growth mindset and learn about the latest trends in cybersecurity.

    • Publish security advisories to provide clarity and guidance to customers regarding security concerns.

  • Qualifications

    Qualifications

    Your Experience

    • Experience with secure programming concepts.

    • Experience with Linux, Operating System Concepts, Networking, Cloud computing.

    • Good understanding of web/application security threats and defenses (code injection, XSS, etc.,).

    • Experience handling product security crisis situations such as breaches or 0-days.

    • Familiarity with OWASP guidelines. Participation in Capture the Flag (CTF) events, a local OWASP chapter, or similar security-focused communities is a plus.

    • Familiarity with agile software development/continuous integration/automation.

    • Excellent written and verbal communication skills.

    • Strong analytical and problem-solving skills, ability to work independently.

    • Ability to lead and collaborate across functional teams as well as external partners, security researchers, and other security teams.

    • An existing public blog entry on a technical issue, comment on a mailing list or open-source issue, or other technical comments on social media that illustrates the ability to communicate complex security topics would be a plus.

    • Demonstrated experience (such as academic projects) in Javascript, NodeJS, Java, C. Relational and NoSQL databases. Ability to read and understand multiple programming languages would be a plus.

    • Experience in a red/blue/purple team would be a plus.

    Education

    • BS or MS Degree in Engineering or Computer Science related to computer security, application security, information security, network security, or cryptography.

    Additional Information

    The Team

    Think about it, security for an information security company. Working at a high-tech cybersecurity company within the product Security team is a once in a lifetime opportunity. You’ll be joined with the brightest minds in technology, our global teams on the front line of defense against cyberattacks. We’re joined by one mission – but driven by the impact of that mission and what it means to protect our way of life in the digital age. Join a dynamic and fast-paced team that feels excitement at the prospect of a challenge and feels a thrill at resolving security gaps that inhibit our privacy.

    Compensation Disclosure

    The compensation offered for this position will depend on qualifications, experience, and work location. For candidates who receive an offer at the posted level, the starting base salary (for non-sales roles) or base salary + commission target (for sales/commissioned roles) is expected to be between $170000 - $2770000/YR. The offered compensation may also include restricted stock units and a bonus. A description of our employee benefits may be found here.

    #LC1

    Our Commitment

    We’re problem solvers that take risks and challenge cybersecurity’s status quo. It’s simple: we can’t accomplish our mission without diverse teams innovating, together.

    We are committed to providing reasonable accommodations for all qualified individuals with a disability. If you require assistance or accommodation due to a disability or special need, please contact us at accommodations@paloaltonetworks.com.

    Palo Alto Networks is an equal opportunity employer. We celebrate diversity in our workplace, and all qualified applicants will receive consideration for employment without regard to age, ancestry, color, family or medical care leave, gender identity or expression, genetic information, marital status, medical condition, national origin, physical or mental disability, political affiliation, protected veteran status, race, religion, sex (including pregnancy), sexual orientation, or other legally protected characteristics.

    All your information will be kept confidential according to EEO guidelines.