Novartis

Healthcare

DefensiveCyberSecurityResearcher

$650–950k ~AI est. Tel-Aviv, Israel FULL TIME Remote Friendly

Market Sentiment

HIGH DEMAND

Neural analysis suggests this role is
optimal for Director candidates.

The Brief

“Defensive Cyber Security Researcher at Novartis. Skills: Cyber Security Research, Threat Hunting, Malware Analysis, AI Security. Hunt for emerging threats. Dissect threats”

Industry & Context.

Healthcare

Problems you'll solve

Root cause analysis

What They're Looking For.

Must Have

5+ years Incident Response, 5+ years malware investigations, Critical understanding cyber attacker kills chain, High familiarity Active Directory, High familiarity Entra ID, High familiarity Azure AD security, Solid understanding AI security risks, Proven ability work with SOC teams, Experience working with CTI teams, Good familiarity Red Teaming tools, Advanced programming skills scripting languages, Familiarity nation-state threat landscape

Nice to Have

Relevant Technical Security Certifications

What You'll Do.

Hunt for emerging threats

Extract indicators of compromise

Demonstrate adversary tactics

Analyze malicious activity

Participate in hunting missions

Eradicate threat actors

Provide analytic investigative support

Perform incident analysis

Enhance alert performance

Perform malware reverse

Perform memory forensics

Perform disk forensics

Produce technical reports

Review detection alerts

Recommend improvements

Identify potential threats

Identify suspicious activity

Identify anomalous activity

Research AI security risks

Assess AI security risks

Develop defensive guidance

Develop detection rules

Collaborate with CTI teams

Operationalize intelligence feeds

Enrich hunting missions

Contribute research outputs

How You'll Work.

Team & Collaboration

Security Operations Center; Cyber Threat Intelligence teams

Communication Scope

Oral communication; Written communication

Full Job Description

**Job Description Summary** Location: Tel-Aviv, Israel #LI-Hybrid 3 days/week in office Internal job title: Assoc. Dir. DDIT ISC Security Research About the role: The Defensive Cyber Security Researcher will be part of a new Think Tank group of security researchers that will challenge Novartis information security defenses, application security and data protection. The Defensive Cyber Security Researcher will be responsible for participating in threat actor based investigations, creating new detection methodology and providing expert support to incident response and monitoring functions. The focus of the Defensive Cyber Security Researcher is to detect, disrupt and eradicate threat actors from enterprise networks, including emerging AI-driven and AI-assisted threats. To execute this mission, the Defensive Cyber Security Researcher will use data analysis, threat intelligence, and cutting-edge security technologies — with a growing emphasis on understanding how AI can be weaponized against the organization and how it can be leveraged defensively. The Defensive Cyber Security Researcher will identify and analyze patterns and changes in tactics, techniques and procedures used by attackers to attack Novartis IT infrastructure and management staff. The analysis will result in indicators of compromise, accurate understanding of the risk to Novartis IT infrastructure and prioritization of remediation efforts. **Job Description** **Key Responsibilities:** * Hunt through huge number of signals to identify new emerging threats, dissect them and extract meaningful insights and indicators of compromise. * Demonstrate adversary tactics to recognize and analyze malicious activity (techniques, tools and processes) based on a combination of behavioral activity and signature based analysis. * Participate in "hunting missions" using threat intelligence, analysis of anomalous log data and results of brainstorming sessions to detect and eradicate threat actors on the Novartis network. *

Free ATS check

Applying for this Defensive Cyber Security Researcher role?

Most applicants get filtered before a human reads their resume. See if yours makes the cut.

Should you apply? AI reads your resume vs this job — match score, gaps to address, ATS keywords.

SKILL SIGNAL 71 detected · ranked by frequency

Malware Analysis ×5

Wireshark ×4

Cobalt Strike ×4

Behavioral analysis ×3

Signature analysis ×3

Log data analysis ×3

Static analysis ×3

Dynamic analysis ×3

AD attack paths ×3

Graph analysis ×3

AD tiering models ×3

Conditional Access ×3

Privilege escalation ×3

Lateral movement ×3

Adversarial machine learning ×3

Generative AI tools ×3

Detection engineering ×3

Alert tuning ×3

Escalation workflows ×3

Subject matter expert ×3

High-severity incident ×3

Research depth ×3

Operational tempo ×3

Consuming intelligence ×3

Structured intelligence ×3

Cyber Security Research ×2

Threat Hunting ×2

AI Security ×2

Python

Perl

Ruby

Active Directory

BEHAVIOURAL

Interpersonal skillsCommunication skills

Role Details

Seniority mid

Level Director

Work Mode Hybrid

Type FULL TIME

Salary Band 200k+

AI-Extracted Insights

Domain Areas

cyber-attacker-kills-chainactive-directory-securityentra-id-securityazure-ad-securityad-attack-pathsad-tiering-modelsconditional-accessai-security-risks

How to Apply on Workday

Workday has a multi-step form — save your progress after every section.
"Apply With LinkedIn" can fail or lose data; manual entry is more reliable.
Watch for the "Submit for Review" final step — hitting "Save" alone does not submit.
Job requisition numbers are useful when following up with HR by email.

ANONYMOUS · UNFILTERED

What do employees actually say about Novartis?

Real rants from real employees. Read before you apply.

Read Company Rants →