Senior Manager - Security Research Engineering (Xpanse)

San Francisco, CA, United States

Applications have closed

Palo Alto Networks

Implement Zero Trust, Secure your Network, Cloud workloads, Hybrid Workforce, Leverage Threat Intelligence & Security Consulting. Cybersecurity Services & Education for CISO’s, Head of Infrastructure, Network Security Engineers, Cloud...

View company page

Company Description

Our Mission

At Palo Alto Networks® everything starts and ends with our mission:

Being the cybersecurity partner of choice, protecting our digital way of life.

Our vision is a world where each day is safer and more secure than the one before. We are a company built on the foundation of challenging and disrupting the way things are done, and we’re looking for innovators who are as committed to shaping the future of cybersecurity as we are.

FLEXWORK is an employee-centric reimagining of how we work. We built FLEXWORK based on employee feedback – it is about flexibility, trust, and choice whenever possible. It’s been a journey of disruption that has yielded the best of our values. We offer as much flexibility as possible, and choices that enable you to be most productive, including benefits that meet your needs and learning opportunities that you feel passionate about.

Our Approach to Work

At Palo Alto Networks, we believe in the power of collaboration and value in-person interactions. This is why our employees generally work from the office three days per week, leaving two days for choice and flexibility to work where you feel most effective. This setup fosters casual conversations, problem-solving, and trusted relationships. While details may evolve, our goal is to create an environment where innovation thrives, with office-based teams coming together three days a week to collaborate and thrive, together!

Job Description

Your Career

We’re looking for a Senior Security Research Engineering Manager to lead Cortex Xpanse’s Security Research teams, responsible for policy and payload generation, as well as the creation of automated remediation content.

Xpanse's mission is to find risks online and protect the world’s largest organizations from malicious software and hackers. Our Internet intelligence platform collects petabytes of Internet data, leverages artificial intelligence to discover “unknown unknown” risks for customers, and delivers those insights via a SaaS web application. 

In this role, you will manage a team responsible for the creation of payloads, which will be used by our internet scanning infrastructure to understand what services are exposed across the global Internet. Your team will also be responsible for creating new policies, which encode risky device configurations as code that is run over observations from our global scanning data. We expect the team to both proactively source policies and payloads to create from newly discovered CVEs and to respond to Xpanse customer requests. Your guidance will also be key in pushing the boundaries of the types of risks it’s possible to assess through our internet scanning. 

You will also manage a team responsible for enabling customers to remediate issues in their attack surface through automation. This team’s roadmap is driven by Palo Alto Network’s desire to build the most robust ASM solution in the market that can not only detect risks, but also contextualize and respond to them automatically.

Your Impact

  • Manage a team of security research engineers that can help Xpanse identify and structure more and more types of services running on the global Internet
  • Manage a team of security architects tasked with building the automation necessary to enrich, contextualize, and automatically mitigate risks Xpanse detects on customer attack surfaces
  • Own Xpanse’s triage and response to new emerging threats. Your team is responsible both for implementing the necessary payloads and policies to detect new critical risks as well as collaborating and communicating with other Xpanse teams, the greater Cortex business unit, and wider Palo Alto Networks research teams
  • Prioritize across the backlog of customer-requested policies and payloads
  • Proactively add topical policies and payloads to your team’s backlog based on trends in exploitation and market demand
  • Stay apprised of critical business needs and help us continue to scale; balance resources and projects accordingly


Your Experience

  • Bachelor's degree in Computer Science, Data Science, Engineering, or other technical discipline (or equivalent professional experience) or equivalent military experience required
  • Experience managing teams of security researchers or similar technical skills, providing them with thoughtful feedback and with the resources they need to be successful
  • Familiarity with concepts like FIRST TLP, Threat Intelligence, and other vulnerability management and incident response concepts  
  • Ability to concisely communicate complex subject matter to technical and non-technical audiences
  • High-level understanding of computer networks and of how the Internet works
  • Ability to (nicely) persuade and influence others; ability to collaborate with technical and cross-functional teams who may not report into you to get things done
  • Comfort with ambiguity and making decisions with imperfect information 

Additional Information

The Team

Cortex Xpanse helps protect some of the world’s most important organizations by finding risks on the Internet that no one else can find. Our security research teams are at the core of our products and are responsible for building security detections for our products that allow customers to turn trillions of Internet data points into critical cybersecurity insights. We are constantly innovating — challenging the way we, and the industry, think about cybersecurity. Our engineers don’t shy away from building products to solve problems no one has pursued before.

We define the industry instead of waiting for directions. We need individuals who feel comfortable in ambiguity, excited by the prospect of a challenge, and empowered by the unknown risks facing our everyday lives that are only enabled by a secure digital environment.

Our Commitment

We’re trailblazers that dream big, take risks, and challenge cybersecurity’s status quo. It’s simple: we can’t accomplish our mission without diverse teams innovating, together.

We are committed to providing reasonable accommodations for all qualified individuals with a disability. If you require assistance or accommodation due to a disability or special need, please contact us at

Palo Alto Networks is an equal opportunity employer. We celebrate diversity in our workplace, and all qualified applicants will receive consideration for employment without regard to age, ancestry, color, family or medical care leave, gender identity or expression, genetic information, marital status, medical condition, national origin, physical or mental disability, political affiliation, protected veteran status, race, religion, sex (including pregnancy), sexual orientation, or other legally protected characteristics.

All your information will be kept confidential according to EEO guidelines.

The compensation offered for this position will depend on qualifications, experience, and work location. For candidates who receive an offer at the posted level, the starting base salary (for non-sales roles) or base salary + commission target (for sales/commissioned roles) is expected to be between $190,400/yr to $308,000/yr. The offered compensation may also include restricted stock units and a bonus. A description of our employee benefits may be found here.


Tags: Artificial Intelligence ASM Automation Computer Science Incident response SaaS Threat intelligence Vulnerability management

Perks/benefits: Career development Medical leave Salary bonus

Region: North America
Country: United States
Job stats:  7  0  0

More jobs like this

Explore more InfoSec / Cybersecurity career opportunities

Find even more open roles in Ethical Hacking, Pen Testing, Security Engineering, Threat Research, Vulnerability Management, Cryptography, Digital Forensics and Cyber Security in general - ordered by popularity of job title or skills, toolset and products used - below.