Security Research Engineer (XDR Security)
Cato Networks
Welcome to the future of cloud networking and security!
Cato Networks is the first company to converge enterprise networking and security into one centralized and global service that is delivered by cloud. It is led by networking and security pioneer Shlomo Kramer (Check Point, Imperva) and early investor (Palo Alto Networks, Exabeem, Trusteer and more). Cato’s unique technology inspired a brand-new product category, later named “SASE” by Gartner and a market expected to reach $28.5 billion by 2028.
This is your opportunity to get on the rocket ship and join a company that is building a cutting-edge enterprise network and secure cloud platform, and is on a fast track to becoming the worldwide market leader – don’t miss it!
Cato Networks is seeking a highly motivated and talented XDR Research Engineer to join our XDR Research team. In this role, you will develop advanced detection logic to identify and analyze security threats across the Cato XDR platform. Leveraging the rich data available in the Cato Cloud data lake, you will conduct extensive research and threat-hunting activities to broaden our detection capabilities and proactively uncover previously unknown threats.
Your work will directly influence the evolution of Cato’s XDR capabilities and strengthen the security posture of thousands of global customers.
This is an exceptional opportunity for security professionals passionate about Network Security, Detection Engineering, Malware Analysis, and Threat Hunting who want to make a meaningful impact on a fast-growing cybersecurity environment.
Responsibilities
- Develop advanced detection logic for the XDR platform to identify security threats.
- Conduct research using Cato Cloud data, competitive intelligence, and newly published threat reports to expand detection coverage.
- Create hunting heuristics and methodologies to uncover unknown or emerging threats.
- Continuously improve detection accuracy and enhance the platform’s ability to identify threats in a dynamic security landscape.
- Participate in cybersecurity breach investigations and security incident activities.
- Contribute to technical blogs and PR materials, and participate in cybersecurity conferences.
Requirements and skills
- Proven hands-on experience in the cybersecurity industry, specifically in XDR\SIEM platforms (2+ years)
- Comprehensive understanding of the cybersecurity landscape, common threats, and attack scenarios, such as malware infections, command and control (C&C) communication, drive-by attacks, phishing, and network scans
- Practical experience with security technologies, including firewalls (FW), intrusion prevention systems/intrusion detection systems (IPS/IDS), antivirus (AV), endpoint protection, and network forensics tools
- Strong knowledge of networking architecture and protocols, including TCP/IP, DNS, SSL, SMB, HTTP, IP Routing, etc.
- Analytical mindset, capable of formulating hypotheses and validating them through in-depth analysis and technical evidence
- Good written and verbal communication skills in English.
- Proficiency in at least one scripting language such as Python or Ruby
- Ability to work effectively as a team player, demonstrating responsibility and strong organizational skills
- Education
- Advantage – BSc. in Computer Science, Information technology, Mathematics or similar