Principal Researcher

 Posted 7 days ago
     
10+ years experience
Apply Now

Please mention DailyRemote when applying

AI Summary

Lead end-to-end investigations into global network infrastructure and adversary activity to support government and commercial customers. Develop custom tooling, internet scanning probes, and finished intelligence products for senior stakeholders.

Our Mission

At Palo Alto Networks®, we’re united by a shared mission—to protect our digital way of life. We thrive at the intersection of innovation and impact, solving real-world problems with cutting-edge technology and bold thinking. Here, everyone has a voice, and every idea counts. If you’re ready to do the most meaningful work of your career alongside people who are just as passionate as you are, you’re in the right place.

Who We Are

In order to be the cybersecurity partner of choice, we must trailblaze the path and shape the future of our industry. This is something our employees work at each day and is defined by our values: Disruption, Collaboration, Execution, Integrity, and Inclusion. We weave AI into the fabric of everything we do and use it to augment the impact every individual can have. If you are passionate about solving real-world problems and ideating beside the best and the brightest, we invite you to join us!

This role is remote, but distance is no barrier to impact. Our hybrid teams collaborate across geographies to solve big problems, stay close to our customers, and grow together. You will be part of a culture that values trust, accountability, and shared success where your work truly matters.

Job Summary

Your Career

As a member of the Unit 42, National Security (NATSEC) team, you will be working closely with a globally distributed team of vulnerability researchers, reverse engineers, and threat intelligence analysts. In this role you will work with the Cyber Research Engineering team to conduct investigations into global network infrastructure in support of both government and commercial customer requirements. 

Your Impact

  • Lead investigations end-to-end in response to customer intelligence requirements, from inquiry through collection and analysis to delivered product.

  • Investigate adversary infrastructure, exposures, and observable activity across large datasets, correlating signals at gigabyte-to-petabyte scale.

  • Build the tooling and infrastructure investigations require.

  • Produce finished intelligence in both strategic and technical registers, from senior-leader assessments to analyst-to-analyst methodology write-ups and indicators.

  • Innovate, develop, and implement new methods, capabilities, or customer deliverables.

  • Research unfamiliar products or protocols as investigations require, design the collection to characterise them, and interpret the results.

  • Design and deploy custom Internet scanning to collect what existing platforms don't cover, including probe development, scan infrastructure decisions (attribution, geographic origin, hosting), and analysis of results.

  • Set technical direction for investigations and raise the craft across the team in data work, collection design, source evaluation, and report writing.

  • Shape which investigations the team prioritises and which capabilities we build next.

Qualifications

Your Experience

  • Have or be eligible for a DV-level security clearance.

  • BS/MS in Computer Science, Computer Engineering, or 5+ years of experience as a cyber threat intelligence analyst.

  • Experience producing written intelligence products across both strategic and technical registers for government, intelligence community, or commercial equivalents.

  • Experience leveraging netflow, passive DNS, IP registration, malware telemetry, and other data sets to form comprehensive threat assessments.

  • Broad knowledge of nation-state APT groups and how their tactics, techniques, and procedures differ.

  • Fluency in SQL at scale, with the analytical instincts to know what to ask of the data.

  • Proficiency in Python, Rust, or Go.

  • Deep understanding of how the Internet works: routing, the devices that move information, and the protocols carrying them.

  • Experience standing up the infrastructure and tooling required to deliver an investigation, not just executing existing playbooks.

  • Hands-on experience with active Internet scanning — designing probes, executing collection at scale, and analyzing responses.

  • Experience researching unfamiliar products or protocols, designing collection to characterise them, and producing intelligence findings from the results.

  • Comfortable explaining technical findings to senior government stakeholders.

  • Fluent in written and spoken English at the standard required for finished intelligence.

Our Commitment

We’re trailblazers that dream big, take risks, and challenge cybersecurity’s status quo. It’s simple: we can’t accomplish our mission without diverse teams innovating, together.

We are committed to providing reasonable accommodations for all qualified individuals with a disability. If you require assistance or accommodation due to a disability or special need, please contact us at  accommodations@paloaltonetworks.com.

Palo Alto Networks is an equal opportunity employer. We celebrate diversity in our workplace, and all qualified applicants will receive consideration for employment without regard to age, ancestry, color, family or medical care leave, gender identity or expression, genetic information, marital status, medical condition, national origin, physical or mental disability, political affiliation, protected veteran status, race, religion, sex (including pregnancy), sexual orientation, or other legally protected characteristics.

All your information will be kept confidential according to EEO guidelines.

Is role eligible for Immigration Sponsorship?: Yes

Similar Jobs

See all Remote Teaching jobs →

Personalize your Remote Job Search in 3 Easy Steps!

Discover remote opportunities in Teaching

Answer easy questions

Answer easy questions

200,000+ jobs across 15+ categories

Get your best job matches

Get your best job matches

Only hand-screened, legit jobs

Find a remote job faster

Find a remote job faster

No ads, scams, or junk

I was the first applicant for a remote marketing position that got listed on the company website the same day I applied. Had an interview within 48 hours!

Sarah J. — Sarah J. · Marketing Manager ★★★★★ Verified