Principal Reverse Engineer (Malware, Unit 42)

Full-time

The Unit 42 Malware team is a global team responsible for providing accurate malware analysis, threat hunting capabilities, and the development of malware automation pipelines. This role is designed for an experienced Reverse Engineer with familiarity specifically supporting consulting operations and threat intelligence. The role has flexible hours, but will have an on-call component that includes a commitment to shared coverage of high-priority tickets that may arrive between Friday through Sunday.

• The Unit 42 Malware team is a global team responsible for providing accurate malware analysis, threat hunting capabilities, and the development of malware automation pipelines. This role is designed for an experienced Reverse Engineer with familiarity specifically supporting consulting operations and threat intelligence. The role has flexible hours, but will have an on-call component that includes a commitment to shared coverage of high-priority tickets that may arrive between Friday through Sunday.

• Advanced knowledge with at least one disassembler (e.g. IDA Pro, Ghidra, Binary Ninja).
• Expertise with user-mode and kernel-mode debuggers (e.g. x64dbg, WinDbg, gdb).
• Developing and scaling reverse engineering automations (e.g. IDAPython, Ghidra Python, Docker).
• Deep understanding of modern malware techniques, including obfuscation and evasion tactics.
• Understanding of x86/x64 architecture and IL formats (e.g. .NET).
• Proficiency in at least one programming language (e.g. Python, C, C++).
• Knowledge of networking protocols (e.g. HTTP, DNS, TCP/IP) and analyzing traffic.
• Experience configuring sandboxes to increase hit-rate and accelerate analysis.
• Familiarity with prompt engineering and using LLMs to accelerate analysis.
• Advanced understanding of modern Windows internals relevant to malware analysis.
• Experience transforming/modifying malware to support analysis (e.g. deobfuscation).

• Proven track record of contributing to threat research initiatives
• Designing and building next-generation hunt tooling

• Hands-on experience with real-world malware and threats.
• Access to industry-leading tools and infrastructure.
• Opportunity to work on impactful projects that contribute to threat intelligence.
• A collaborative and supportive team environment.

We’re problem solvers that take risks and challenge cybersecurity’s status quo. It’s simple: we can’t accomplish our mission without diverse teams innovating, together.

We are committed to providing reasonable accommodations for all qualified individuals with a disability. If you require assistance or accommodation due to a disability or special need, please contact us ataccommodations@paloaltonetworks.com.

Palo Alto Networks is an equal opportunity employer. We celebrate diversity in our workplace, and all qualified applicants will receive consideration for employment without regard to age, ancestry, color, family or medical care leave, gender identity or expression, genetic information, marital status, medical condition, national origin, physical or mental disability, political affiliation, protected veteran status, race, religion, sex (including pregnancy), sexual orientation, or other legally protected characteristics.

All your information will be kept confidential according to EEO guidelines.