Principal Researcher

Palo Alto Networks
London, United Kingdom
Yesterday
Job Type
Permanent
Work Pattern
Full-time
Work Location
Remote
Seniority
Lead
Education
Degree
Visa Sponsorship
Available
Security Clearance
Required
Posted
3 Jul 2026 (Yesterday)

Benefits

Remote working Equal opportunity employer Reasonable accommodations for disabilities Diversity and inclusion commitment

Our Mission

At Palo Alto Networks®, we’re united by a shared mission—to protect our digital way of life. We thrive at the intersection of innovation and impact, solving real-world problems with cutting-edge technology and bold thinking. Here, everyone has a voice, and every idea counts. If you’re ready to do the most meaningful work of your career alongside people who are just as passionate as you are, you’re in the right place.

Who We Are

In order to be the cybersecurity partner of choice, we must trailblaze the path and shape the future of our industry. This is something our employees work at each day and is defined by our values: Disruption, Collaboration, Execution, Integrity, and Inclusion. We weave AI into the fabric of everything we do and use it to augment the impact every individual can have. If you are passionate about solving real-world problems and ideating beside the best and the brightest, we invite you to join us!

This role is remote, but distance is no barrier to impact. Our hybrid teams collaborate across geographies to solve big problems, stay close to our customers, and grow together. You will be part of a culture that values trust, accountability, and shared success where your work truly matters.

Job Summary

Your Career

As a member of the Unit 42, National Security (NATSEC) team, you will be working closely with a globally distributed team of vulnerability researchers, reverse engineers, and threat intelligence analysts. In this role you will work with the Cyber Research Engineering team to conduct investigations into global network infrastructure in support of both government and commercial customer requirements.

Your Impact

  • Lead investigations end-to-end in response to customer intelligence requirements, from inquiry through collection and analysis to delivered product.

  • Investigate adversary infrastructure, exposures, and observable activity across large datasets, correlating signals at gigabyte-to-petabyte scale.

  • Build the tooling and infrastructure investigations require.

  • Produce finished intelligence in both strategic and technical registers, from senior-leader assessments to analyst-to-analyst methodology write-ups and indicators.

  • Innovate, develop, and implement new methods, capabilities, or customer deliverables.

  • Research unfamiliar products or protocols as investigations require, design the collection to characterise them, and interpret the results.

  • Design and deploy custom Internet scanning to collect what existing platforms don't cover, including probe development, scan infrastructure decisions (attribution, geographic origin, hosting), and analysis of results.

  • Set technical direction for investigations and raise the craft across the team in data work, collection design, source evaluation, and report writing.

  • Shape which investigations the team prioritises and which capabilities we build next.

Qualifications

Your Experience

  • Have or be eligible for a DV-level security clearance.

  • BS/MS in Computer Science, Computer Engineering, or 5+ years of experience as a cyber threat intelligence analyst.

  • Experience producing written intelligence products across both strategic and technical registers for government, intelligence community, or commercial equivalents.

  • Experience leveraging netflow, passive DNS, IP registration, malware telemetry, and other data sets to form comprehensive threat assessments.

  • Broad knowledge of nation-state APT groups and how their tactics, techniques, and procedures differ.

  • Fluency in SQL at scale, with the analytical instincts to know what to ask of the data.

  • Proficiency in Python, Rust, or Go.

  • Deep understanding of how the Internet works: routing, the devices that move information, and the protocols carrying them.

  • Experience standing up the infrastructure and tooling required to deliver an investigation, not just executing existing playbooks.

  • Hands-on experience with active Internet scanning — designing probes, executing collection at scale, and analyzing responses.

  • Experience researching unfamiliar products or protocols, designing collection to characterise them, and producing intelligence findings from the results.

  • Comfortable explaining technical findings to senior government stakeholders.

  • Fluent in written and spoken English at the standard required for finished intelligence.

Our Commitment

We’re trailblazers that dream big, take risks, and challenge cybersecurity’s status quo. It’s simple: we can’t accomplish our mission without diverse teams innovating, together.

We are committed to providing reasonable accommodations for all qualified individuals with a disability. If you require assistance or accommodation due to a disability or special need, please contact us at .

Palo Alto Networks is an equal opportunity employer. We celebrate diversity in our workplace, and all qualified applicants will receive consideration for employment without regard to age, ancestry, color, family or medical care leave, gender identity or expression, genetic information, marital status, medical condition, national origin, physical or mental disability, political affiliation, protected veteran status, race, religion, sex (including pregnancy), sexual orientation, or other legally protected characteristics.

All your information will be kept confidential according to EEO guidelines.

Is role eligible for Immigration Sponsorship?: Yes

Related Jobs

View all jobs
Spotlight

Senior ML Compiler Engineer

Fractile Bristol, United Kingdom
Spotlight

Senior Machine Learning Scientist

Chattermill London, United Kingdom
Remote

Principal Technologist- i.AI

Incubator for AI London, United Kingdom
£74,605 – £90,756 pa Hybrid Clearance Required

Principal Research Engineer

Synthesia London, United Kingdom
Remote

Principal Machine Learning Infrastructure Engineer

PhysicsX London, United Kingdom

Principal ML Platform Engineer

Synthesia London, United Kingdom
Remote

Principal/Staff Software Engineer

Synthesia United Kingdom
On-site

Software Engineer (Principal level)

Synthesia London, United Kingdom
Hybrid

Industry Insights

Discover insightful articles, industry insights, expert tips, and curated resources.

What Is an AI Forward Deployed Engineer? The Fastest-Growing Job in AI for 2026

If you have been watching AI job boards over the past year, one title keeps surfacing again and again: the forward deployed engineer, or FDE. It has gone from a niche term known mainly to Palantir alumni to arguably the hottest role in the entire AI hiring market. Job postings for forward deployed engineers have exploded, salaries have climbed past levels most software engineers will ever see, and the biggest names in AI — OpenAI, Anthropic, Google, Salesforce, Databricks and Palantir — are all competing for the same small pool of talent. So what exactly is an AI forward deployed engineer, why has demand surged so dramatically, and how do you position yourself to land one of these roles? This guide breaks it all down for AI engineers, software engineers and data scientists looking at their next move.