Senior Linux Research Engineer (Cortex) at Palo Alto Networks
Company Overview
At Palo Alto Networks®, our journey begins with a singular mission: To be the cybersecurity partner of choice, safeguarding our digital lives. We envision a safer, more secure world with each passing day, and we thrive on challenging the status quo of cybersecurity. We're on the lookout for innovators who are as passionate about shaping the future of cybersecurity as we are.
Our Approach to Work
We prioritize flexibility and choice in all our people programs, moving away from the traditional view that all employees have the same needs and wishes. Our approach focuses on personalization, giving our employees the autonomy to choose what works best for them – from well-being support to professional growth and development.
Job Description
Your Career
We're seeking a highly skilled Senior Linux Research Engineer to join our Threat and Detection team. This team specializes in PANW Cortex Security & Security Assurance features across multiple operating systems, including Linux and cloud workloads. You will be responsible for integrating and developing proof of concepts (POCs) for both known and emerging threats based on research from your teammates.
Your Impact
- Quickly learn new security features, technologies, and platforms.
- Gain hands-on experience with scalable, real-time detection/prevention systems.
- Analyze and identify real-world vulnerabilities, malware, and exploits.
- Develop POCs for various Linux/Nix features.
- Utilize data-driven approaches to identify and mitigate threats.
- Reproduce and analyze security issues and bugs.
- Enhance our security automation coverage and infrastructure/tooling.
- Collaborate with research and low-level engineering groups to identify security issues and gaps.
- Scale existing tooling and infrastructure for both on-prem and cloud workloads.
Qualifications
Requirements:
- 4+ years of C/C++ programming experience.
- Deep understanding of operating system infrastructure.
- 3+ years of information security experience, including coverage testing (red/blue/purple teaming).
- Proficient with file formats such as ELF, Mach-O, and Zip, and with packers.
- Experience in Linux user-mode development.
- Comfortable with multi-distro software development.
- Strong knowledge of fundamental computer science concepts (computer architecture, operating systems, compilers, file systems, algorithms, data structures).
- Proficiency with Git and Jira.
- Willingness to learn and step outside of your comfort zone.
- Comfortable working collaboratively and remotely to achieve complex team goals.
- Excellent written and verbal communication skills.
- Strong analytical and problem-solving abilities.
- Proven track record of delivering features in large-scale applications or core systems.
Preferred Qualifications:
- Experience with software security and Linux security models (e.g., SELinux, Secure Boot, AppArmor).
- Experience with containers, Docker, Kubernetes.
- Experience with Linux namespaces, cgroups, and other isolation techniques.
- Deep understanding of operating system attack surfaces.
- Knowledge of Python and Bash scripting.
- Experience with disassemblers, debuggers, and reverse engineering tools.
- Familiarity with multiple Linux distributions and the networking stack.
- Strong debugging skills on various Linux platforms.
- Experience with Rust/Go or other low-level programming languages.
- Experience with various cybersecurity technologies and standards (e.g., MITRE ATT&CK framework).
The Team
Our infrastructure team is part of the Cortex Platform group and is highly technical and multidisciplinary. Detached from the product roadmap, we focus on backend infrastructure, developing shared components, tackling high-scale infrastructure issues, and optimizing our developer experience. You’ll collaborate closely with DevOps teams, Pipeline teams, and various other teams to improve functionality and efficiency across our platforms.
Our Commitment
As trailblazers in cybersecurity, we dream big, take risks, and