STEM OPT Security Researcher Jobs
Security Researcher roles in vulnerability research, threat intelligence, and penetration testing qualify for STEM OPT's 24-month extension when your degree is in computer science, cybersecurity, or a related STEM field. Your employer must be enrolled in E-Verify, and you'll need a signed I-983 training plan before your start date.
Find STEM OPT Security Researcher JobsOverview
Showing 5 of 13+ Security Researcher jobs
See all Security Researcher Jobs
Sign up for free to unlock all listings, filter by visa type, and get alerts for new Security Researcher roles.
Get Access To All JobsLocation: Santa Clara, California, United States
Our Mission
At Palo Alto Networks®, we’re united by a shared mission—to protect our digital way of life. We thrive at the intersection of innovation and impact, solving real-world problems with cutting-edge technology and bold thinking. Here, everyone has a voice, and every idea counts. If you’re ready to do the most meaningful work of your career alongside people who are just as passionate as you are, you’re in the right place.
Who We Are
In order to be the cybersecurity partner of choice, we must trailblaze the path and shape the future of our industry. This is something our employees work at each day and is defined by our values: Disruption, Collaboration, Execution, Integrity, and Inclusion. We weave AI into the fabric of everything we do and use it to augment the impact every individual can have. If you are passionate about solving real-world problems and ideating beside the best and the brightest, we invite you to join us!
We believe collaboration thrives in person. That’s why most of our teams work from the office full time, with flexibility when it’s needed. This model supports real-time problem-solving, stronger relationships, and the kind of precision that drives great outcomes.
Job Summary
Your Career:
The DNS Security Research team delivers high-quality content to our products to prevent successful cyberattacks, focusing especially on DNS security, IP layer defense, and network security. We design, build, and maintain various detection systems and data infrastructures to protect customers against constantly evolving threats and attacks.
Your Impact:
- Track and research emerging threats and innovate new ways to identify malicious indicators used by malware and attacks, including domains, URLs, IP addresses, sha256, email addresses, etc.
- Design and build scalable and extensible prevention/detection systems.
- Leverage data-driven approaches, such as statistical analysis, machine learning, and other advanced techniques.
- Convert research results and discoveries into products, research papers, etc.
Qualifications
Your Experience:
- PhD in Computer Science, Cyber Security or Machine Learning or equivalent experience.
- 2+ years of Security research experience.
- Creative thinker and team player. Have great passion and be highly self-motivated in data-driven security research.
- Expertise in DNS and IPv4/IPv6.
- Good knowledge of machine learning techniques and algorithms, such as k-NN, Naive Bayes, SVM, Decision Trees, Logistic Regression, Deep Learning, and Boosting.
- Familiar with large-language models (LLMs) and experience to leverage them to address cybersecurity threats.
- Excellent programming skills in Python, Shell script, Go, or SQL.
- Understanding of core network protocols (TCP/IP, HTTP/HTTPS, etc.).
- Knowledge and experience with modern databases and big data tools, such as MySQL, MongoDB, Elasticsearch, Redis, BigQuery.
- Be comfortable working independently, efficiently.
- Excellent communication (written and verbal) and presentation skills.
- Experience with malware traffic analysis is a plus.
- Experience with graph database (e.g. Neo4j, Amazon Neptune), graph-based analysis is a plus.
- Experience with Google Cloud Platform is a plus.
- Proven success (past publication record, open source project contributions) is a big plus.
Compensation Disclosure
The compensation offered for this position will depend on qualifications, experience, and work location. For candidates who receive an offer at the posted level, the starting base salary (for non-sales roles) or base salary + commission target (for sales/commissioned roles) is expected to be the annual range listed below. The offered compensation may also include restricted stock units and a bonus. A description of our employee benefits may be found here.
- $162,700.00 - $263,175.00/yr
Our Commitment
We’re trailblazers that dream big, take risks, and challenge cybersecurity’s status quo. It’s simple: we can’t accomplish our mission without diverse teams innovating, together.
We are committed to providing reasonable accommodations for all qualified individuals with a disability. If you require assistance or accommodation due to a disability or special need, please contact us at accommodations@paloaltonetworks.com.
Palo Alto Networks is an equal opportunity employer. We celebrate diversity in our workplace, and all qualified applicants will receive consideration for employment without regard to age, ancestry, color, family or medical care leave, gender identity or expression, genetic information, marital status, medical condition, national origin, physical or mental disability, political affiliation, protected veteran status, race, religion, sex (including pregnancy), sexual orientation, or other legally protected characteristics.
All your information will be kept confidential according to EEO guidelines.
Is role eligible for Immigration Sponsorship?: Yes
Location: Santa Clara, California, United States
Our Mission
At Palo Alto Networks®, we’re united by a shared mission—to protect our digital way of life. We thrive at the intersection of innovation and impact, solving real-world problems with cutting-edge technology and bold thinking. Here, everyone has a voice, and every idea counts. If you’re ready to do the most meaningful work of your career alongside people who are just as passionate as you are, you’re in the right place.
Who We Are
In order to be the cybersecurity partner of choice, we must trailblaze the path and shape the future of our industry. This is something our employees work at each day and is defined by our values: Disruption, Collaboration, Execution, Integrity, and Inclusion. We weave AI into the fabric of everything we do and use it to augment the impact every individual can have. If you are passionate about solving real-world problems and ideating beside the best and the brightest, we invite you to join us!
We believe collaboration thrives in person. That’s why most of our teams work from the office full time, with flexibility when it’s needed. This model supports real-time problem-solving, stronger relationships, and the kind of precision that drives great outcomes.
Job Summary
Your Career:
The DNS Security Research team delivers high-quality content to our products to prevent successful cyberattacks, focusing especially on DNS security, IP layer defense, and network security. We design, build, and maintain various detection systems and data infrastructures to protect customers against constantly evolving threats and attacks.
Your Impact:
- Track and research emerging threats and innovate new ways to identify malicious indicators used by malware and attacks, including domains, URLs, IP addresses, sha256, email addresses, etc.
- Design and build scalable and extensible prevention/detection systems.
- Leverage data-driven approaches, such as statistical analysis, machine learning, and other advanced techniques.
- Convert research results and discoveries into products, research papers, etc.
Qualifications
Your Experience:
- PhD in Computer Science, Cyber Security or Machine Learning or equivalent experience.
- 2+ years of Security research experience.
- Creative thinker and team player. Have great passion and be highly self-motivated in data-driven security research.
- Expertise in DNS and IPv4/IPv6.
- Good knowledge of machine learning techniques and algorithms, such as k-NN, Naive Bayes, SVM, Decision Trees, Logistic Regression, Deep Learning, and Boosting.
- Familiar with large-language models (LLMs) and experience to leverage them to address cybersecurity threats.
- Excellent programming skills in Python, Shell script, Go, or SQL.
- Understanding of core network protocols (TCP/IP, HTTP/HTTPS, etc.).
- Knowledge and experience with modern databases and big data tools, such as MySQL, MongoDB, Elasticsearch, Redis, BigQuery.
- Be comfortable working independently, efficiently.
- Excellent communication (written and verbal) and presentation skills.
- Experience with malware traffic analysis is a plus.
- Experience with graph database (e.g. Neo4j, Amazon Neptune), graph-based analysis is a plus.
- Experience with Google Cloud Platform is a plus.
- Proven success (past publication record, open source project contributions) is a big plus.
Compensation Disclosure
The compensation offered for this position will depend on qualifications, experience, and work location. For candidates who receive an offer at the posted level, the starting base salary (for non-sales roles) or base salary + commission target (for sales/commissioned roles) is expected to be the annual range listed below. The offered compensation may also include restricted stock units and a bonus. A description of our employee benefits may be found here.
- $162,700.00 - $263,175.00/yr
Our Commitment
We’re trailblazers that dream big, take risks, and challenge cybersecurity’s status quo. It’s simple: we can’t accomplish our mission without diverse teams innovating, together.
We are committed to providing reasonable accommodations for all qualified individuals with a disability. If you require assistance or accommodation due to a disability or special need, please contact us at accommodations@paloaltonetworks.com.
Palo Alto Networks is an equal opportunity employer. We celebrate diversity in our workplace, and all qualified applicants will receive consideration for employment without regard to age, ancestry, color, family or medical care leave, gender identity or expression, genetic information, marital status, medical condition, national origin, physical or mental disability, political affiliation, protected veteran status, race, religion, sex (including pregnancy), sexual orientation, or other legally protected characteristics.
All your information will be kept confidential according to EEO guidelines.
Is role eligible for Immigration Sponsorship?: Yes
See all STEM OPT Security Researcher Jobs
Sign up for free to unlock all listings, filter by visa type, and get alerts for new STEM OPT Security Researcher Jobs.
Get Access To All JobsTips for Finding STEM OPT Authorization in Security Researcher
Verify your CIP code before applying
Check that your degree's Classification of Instructional Programs code maps to an approved STEM field on the ICE STEM-designated degree list. Cybersecurity, computer science, and information assurance CIP codes all qualify, but "general IT" programs sometimes don't.
Confirm E-Verify status before accepting offers
Ask HR directly whether the company is enrolled in E-Verify before you sign anything. Federal contractors are required to participate, but many private-sector security research teams aren't. USCIS won't approve your STEM OPT extension if the employer isn't enrolled at the time of filing.
Build a training plan tied to security research skills
Your I-983 must list concrete learning objectives: reverse engineering, malware analysis, or CVE research are defensible. Vague goals like "gain professional experience" get flagged during DSO review. Align each objective to a deliverable your manager can assess at the 12-month evaluation.
Target employers with cleared research programs
Many Security Researcher roles sit inside cleared facilities or support cleared programs, which can complicate STEM OPT timing. Identify employers that sponsor both the work authorization and any required clearance pathway upfront, since clearance processing rarely aligns with OPT deadlines.
Search Migrate Mate for verified STEM OPT employers
Filter your Security Researcher job search on Migrate Mate to surface employers already verified for STEM OPT hiring. Seeing a company's prior authorization history tells you whether their HR team knows the I-983 and E-Verify process before you spend time on applications.
File your extension at least 90 days before OPT ends
Your DSO must recommend the STEM OPT extension in SEVIS, and USCIS recommends submitting your I-765 at least 90 days before your current EAD expires. If the application is pending on your end date, the cap-gap provision keeps you authorized while USCIS adjudicates.
Frequently Asked Questions
Does my degree qualify me for the STEM OPT extension as a Security Researcher?
Your degree qualifies if its CIP code appears on the ICE STEM-designated degree list. Degrees in computer science, cybersecurity, information assurance, electrical engineering, and mathematics all typically qualify. If your degree is in a field like criminal justice with a cybersecurity concentration, check the CIP code with your DSO before assuming eligibility, since the listed field of study controls, not the job title.
What does the I-983 training plan need to include for a Security Researcher role?
The I-983 must connect your day-to-day Security Researcher work to the STEM field of your degree. List specific learning goals such as vulnerability assessment methodology, exploit development, or threat modeling. Your supervisor signs off on evaluations at 12 months and again at the end of the extension. Generic descriptions won't satisfy DSO review, so tie each objective to a measurable outcome.
How do I confirm my employer is enrolled in E-Verify?
Ask the recruiter or HR contact directly whether the company is an E-Verify participant. You can also search the E-Verify employer search tool on the E-Verify website to look up participating employers by name. Enrollment must be active before your STEM OPT extension is approved, and your I-983 must name the employer's E-Verify company identification number.
Where can I find Security Researcher jobs where employers already understand STEM OPT?
Migrate Mate lists Security Researcher openings filtered for employers who are familiar with STEM OPT authorization and E-Verify enrollment. Searching there lets you focus on roles where the hiring process is already set up for F-1 candidates, rather than educating employers about the extension requirements from scratch.
What happens to my work authorization if my H-1B is selected in the lottery before my STEM OPT ends?
If your H-1B visa petition is filed while your STEM OPT EAD is valid and your status remains in F-1, the cap-gap provision extends your work authorization automatically through September 30 of the fiscal year the H-1B takes effect. You can continue working as a Security Researcher during the gap without a new EAD, as long as your employer filed before your OPT expired.