Proofpoint
Overview
Join to apply for the
Staff Security Research Engineer
role at
Proofpoint . About Us We are the leader in human-centric cybersecurity. Half a million customers, including 87 of the Fortune 100, rely on Proofpoint to protect their organizations. We’re driven by a mission to stay ahead of bad actors and safeguard the digital world. Join us in our pursuit to defend data and protect people. How We Work At Proofpoint, you’ll be part of a global team that breaks barriers to redefine cybersecurity, guided by our BRAVE core values: Bold in how we dream and innovate, Responsive to feedback, challenges, and opportunities, Accountable for results and best-in-class outcomes, Visionary in future-focused problem-solving, Exceptional in execution and impact. Corporate Overview Proofpoint is a leading cybersecurity company protecting organizations’ greatest assets and biggest risks. We help companies stop targeted threats, safeguard data, and make users more resilient against cyber-attacks. Leading organizations rely on Proofpoint for people-centric security and compliance solutions across email, the cloud, social media, and the web. We are devoted to helping our customers protect their greatest assets and biggest security risk—their people. Staff Security Research Engineer Your day-to-day Design and develop software using a variety of languages, primarily Python, with little external guidance, while providing technical leadership to guide other software engineers on the team. Modify existing web-based UI for internal tools to maintain and extend the sandbox submission and report UI for Proofpoint threat researchers. Some work requires writing C or C++ for low level OS interactions. Develop and maintain web browser interaction capabilities using Chrome WebDriver. Analyze and reverse engineer JavaScript that fingerprints web browser artifacts to identify sandbox web browsers or instrumentation, and innovate solutions to defeat those checks. Familiarity with analyzing web front-end and the Document Object Model (DOM). Develop and maintain software for processing network traffic, including TLS decryption and processing PCAP files. Work closely with threat analysts and detection engineers who research threat actors and write detection rules which run on the systems you develop. As needed, create new detection languages and systems that allow threat researchers to develop detection rules. Add features to existing threat detection languages to allow greater flexibility by threat researchers to automate interactions with websites and detect threat patterns. Make use of AI Large Language Models as appropriate to enhance threat detection pipelines, produce samples to test evasion countermeasures, and decide when AI is beneficial versus detrimental to goals. Design and develop automation pipelines to turn manual tasks into automated scripts. Stay abreast of a constantly evolving threat landscape and understand the latest tactics, techniques, and procedures used by threat actors to bypass detection environments, especially URL sandbox fingerprinting/detection/evasion techniques. As needed, provide expert assistance and support to threat researchers and analysts as they analyze phishing websites, threat detection evasion techniques, and security research or red team demonstrations of new evasion techniques. As needed to support sandbox countermeasure development, reverse engineer malware executable files for Windows (note: primary malware reverse engineering responsibilities rest on other roles and are not expected regularly for this role). Apply critical thinking to identify efficient and effective ways to mitigate threats and evasions. Work effectively as part of a remote team using chat, video chat, and conference calls. Work with other engineering teams to define requirements for continuous improvement of critical detection capabilities. What You Bring To The Team As a Security Research Engineer on Proofpoint’s Threat Research team, you’ll be part of an amazing, collaborative, industry-leading team focused on tracking threat actors, malware, phishing, and TTPs and responding to the quickly changing threat landscape with innovative software that detects and prevents threats from reaching Proofpoint customers. A passion for threat research and a deep understanding of the security threat landscape and actor TTPs, especially countermeasures for threat actor evasions and sandbox detection techniques. Ability to write production-grade, reliable Python code with instrumentation that supports observability and monitoring of performance and errors. Experience developing software using Docker containers. Experience developing web browser automation. Experience analyzing network traffic for threat detection and a solid understanding of TLS, HTTP, and other network protocols used by malware. Willing and able to work independently and collaboratively as part of a distributed team of security researchers. Ability to perform the above in a fully remote work environment. The following skills and experience are nice to have, but candidates lacking them should still apply Experience with C and C++ is a plus. Experience developing Windows API hooks and researching undocumented Windows API internal functions is a plus. Experience writing malware behavior signatures. Some experience analyzing malware using a debugger, and willingness to learn is a plus. Experience with static reverse engineering using IDA Pro, Ghidra, Binary Ninja, or other tools is a plus, though expertise is not required. Ability to interpret forensic output from dynamic analysis (sandbox) environments. Experience with a variety of publicly available malware sandboxes (e.g., Cuckoo, Joe Sandbox, Any Run, Triage). Additional Information Travel 1% - 10% (flexible) for team collaboration or security conferences. Location: Canada (Remote), US (Remote), Argentina (Remote), UK (Remote), Ireland (Remote), Germany (Remote), France (Remote), Switzerland (Remote). Must be able to work during business hours local to your time zone. Why Proofpoint As a customer-focused and driven-to-win organization with leading edge products, there are many reasons to join Proofpoint. We hire the best and cultivate a culture of collaboration and appreciation. We are a multinational company with locations in many countries, contributing to Proofpoint’s culture. Why Proofpoint? We offer a comprehensive compensation and benefits package including: Competitive compensation Comprehensive benefits Learning & Development programs including leadership and professional development workshops, stretch projects, and mentoring opportunities Flexible work environment (Remote options, hybrid schedules, flexible hours) Annual wellness and community outreach days Always-on recognition for contributions Global collaboration and networking opportunities Our Culture Our culture is rooted in values that inspire belonging, empower purpose and drive success—every day, for everyone. If you need accommodation during the application or interview process, please reach out to accessibility@proofpoint.com. How to Apply Interested? Submit your application here: https://www.proofpoint.com/us/company/careers. We can’t wait to hear from you! Pay transparency: Our compensation reflects the cost of labor across U.S. markets; offers are based on candidate qualifications. This role may be eligible for variable compensation and/or equity. Benefits include flexible time off, wellness and volunteer days, and a Work from Anywhere option. Base Pay Ranges SF Bay Area, New York City Metro Area: 194,475.00 - 285,230.00 USD. All other listed locations: 148,425.00 - 238,150.00 USD. Seniority level
Not Applicable Employment type
Full-time Job function
Engineering and Information Technology Industries: Computer and Network Security and Software Development Referral notice: Referrals increase your chances of interviewing at Proofpoint by 2x.
#J-18808-Ljbffr
Join to apply for the
Staff Security Research Engineer
role at
Proofpoint . About Us We are the leader in human-centric cybersecurity. Half a million customers, including 87 of the Fortune 100, rely on Proofpoint to protect their organizations. We’re driven by a mission to stay ahead of bad actors and safeguard the digital world. Join us in our pursuit to defend data and protect people. How We Work At Proofpoint, you’ll be part of a global team that breaks barriers to redefine cybersecurity, guided by our BRAVE core values: Bold in how we dream and innovate, Responsive to feedback, challenges, and opportunities, Accountable for results and best-in-class outcomes, Visionary in future-focused problem-solving, Exceptional in execution and impact. Corporate Overview Proofpoint is a leading cybersecurity company protecting organizations’ greatest assets and biggest risks. We help companies stop targeted threats, safeguard data, and make users more resilient against cyber-attacks. Leading organizations rely on Proofpoint for people-centric security and compliance solutions across email, the cloud, social media, and the web. We are devoted to helping our customers protect their greatest assets and biggest security risk—their people. Staff Security Research Engineer Your day-to-day Design and develop software using a variety of languages, primarily Python, with little external guidance, while providing technical leadership to guide other software engineers on the team. Modify existing web-based UI for internal tools to maintain and extend the sandbox submission and report UI for Proofpoint threat researchers. Some work requires writing C or C++ for low level OS interactions. Develop and maintain web browser interaction capabilities using Chrome WebDriver. Analyze and reverse engineer JavaScript that fingerprints web browser artifacts to identify sandbox web browsers or instrumentation, and innovate solutions to defeat those checks. Familiarity with analyzing web front-end and the Document Object Model (DOM). Develop and maintain software for processing network traffic, including TLS decryption and processing PCAP files. Work closely with threat analysts and detection engineers who research threat actors and write detection rules which run on the systems you develop. As needed, create new detection languages and systems that allow threat researchers to develop detection rules. Add features to existing threat detection languages to allow greater flexibility by threat researchers to automate interactions with websites and detect threat patterns. Make use of AI Large Language Models as appropriate to enhance threat detection pipelines, produce samples to test evasion countermeasures, and decide when AI is beneficial versus detrimental to goals. Design and develop automation pipelines to turn manual tasks into automated scripts. Stay abreast of a constantly evolving threat landscape and understand the latest tactics, techniques, and procedures used by threat actors to bypass detection environments, especially URL sandbox fingerprinting/detection/evasion techniques. As needed, provide expert assistance and support to threat researchers and analysts as they analyze phishing websites, threat detection evasion techniques, and security research or red team demonstrations of new evasion techniques. As needed to support sandbox countermeasure development, reverse engineer malware executable files for Windows (note: primary malware reverse engineering responsibilities rest on other roles and are not expected regularly for this role). Apply critical thinking to identify efficient and effective ways to mitigate threats and evasions. Work effectively as part of a remote team using chat, video chat, and conference calls. Work with other engineering teams to define requirements for continuous improvement of critical detection capabilities. What You Bring To The Team As a Security Research Engineer on Proofpoint’s Threat Research team, you’ll be part of an amazing, collaborative, industry-leading team focused on tracking threat actors, malware, phishing, and TTPs and responding to the quickly changing threat landscape with innovative software that detects and prevents threats from reaching Proofpoint customers. A passion for threat research and a deep understanding of the security threat landscape and actor TTPs, especially countermeasures for threat actor evasions and sandbox detection techniques. Ability to write production-grade, reliable Python code with instrumentation that supports observability and monitoring of performance and errors. Experience developing software using Docker containers. Experience developing web browser automation. Experience analyzing network traffic for threat detection and a solid understanding of TLS, HTTP, and other network protocols used by malware. Willing and able to work independently and collaboratively as part of a distributed team of security researchers. Ability to perform the above in a fully remote work environment. The following skills and experience are nice to have, but candidates lacking them should still apply Experience with C and C++ is a plus. Experience developing Windows API hooks and researching undocumented Windows API internal functions is a plus. Experience writing malware behavior signatures. Some experience analyzing malware using a debugger, and willingness to learn is a plus. Experience with static reverse engineering using IDA Pro, Ghidra, Binary Ninja, or other tools is a plus, though expertise is not required. Ability to interpret forensic output from dynamic analysis (sandbox) environments. Experience with a variety of publicly available malware sandboxes (e.g., Cuckoo, Joe Sandbox, Any Run, Triage). Additional Information Travel 1% - 10% (flexible) for team collaboration or security conferences. Location: Canada (Remote), US (Remote), Argentina (Remote), UK (Remote), Ireland (Remote), Germany (Remote), France (Remote), Switzerland (Remote). Must be able to work during business hours local to your time zone. Why Proofpoint As a customer-focused and driven-to-win organization with leading edge products, there are many reasons to join Proofpoint. We hire the best and cultivate a culture of collaboration and appreciation. We are a multinational company with locations in many countries, contributing to Proofpoint’s culture. Why Proofpoint? We offer a comprehensive compensation and benefits package including: Competitive compensation Comprehensive benefits Learning & Development programs including leadership and professional development workshops, stretch projects, and mentoring opportunities Flexible work environment (Remote options, hybrid schedules, flexible hours) Annual wellness and community outreach days Always-on recognition for contributions Global collaboration and networking opportunities Our Culture Our culture is rooted in values that inspire belonging, empower purpose and drive success—every day, for everyone. If you need accommodation during the application or interview process, please reach out to accessibility@proofpoint.com. How to Apply Interested? Submit your application here: https://www.proofpoint.com/us/company/careers. We can’t wait to hear from you! Pay transparency: Our compensation reflects the cost of labor across U.S. markets; offers are based on candidate qualifications. This role may be eligible for variable compensation and/or equity. Benefits include flexible time off, wellness and volunteer days, and a Work from Anywhere option. Base Pay Ranges SF Bay Area, New York City Metro Area: 194,475.00 - 285,230.00 USD. All other listed locations: 148,425.00 - 238,150.00 USD. Seniority level
Not Applicable Employment type
Full-time Job function
Engineering and Information Technology Industries: Computer and Network Security and Software Development Referral notice: Referrals increase your chances of interviewing at Proofpoint by 2x.
#J-18808-Ljbffr