Proofpoint
Overview
Join to apply for the
Staff Security Research Engineer
role at
Proofpoint About Us We are the leader in human-centric cybersecurity. Proofpoint protects organizations from threats, with half a million customers including 87 of the Fortune 100. We’re driven by a mission to stay ahead of bad actors and safeguard the digital world. Join us in our pursuit to defend data and protect people. How We Work At Proofpoint, you’ll be part of a global team that breaks barriers to redefine cybersecurity, guided by our BRAVE core values: Bold in how we dream and innovate, Responsive to feedback, challenges, and opportunities, Accountable for results and best-in-class outcomes, Visionary in future-focused problem-solving, Exceptional in execution and impact. Corporate Overview Proofpoint is a leading cybersecurity company protecting organizations’ greatest assets and biggest risks. We provide an integrated suite of cloud-based solutions to stop targeted threats and safeguard data. We serve organizations of all sizes, including more than half of the Fortune 1000, with people-centric security and compliance solutions across email, the cloud, social media, and the web. Protection starts with people. Staff Security Research Engineer
Your day-to-day Design and develop software using a variety of languages, primarily Python, with little external guidance, while providing technical leadership to guide other software engineers on the team
Some skill in modifying existing web-based UI for internal tools is needed to maintain and extend the sandbox submission and report UI for Proofpoint threat researchers to use
Some work requires skill in writing C or C++ for low level interactions with the OS
Develop and maintain web browser interaction capabilities using Chrome web driver
Analyze and Reverse Engineer JavaScript that fingerprints web browser artifacts to identify sandbox web browsers or instrumentation, and innovate solutions to defeat those checks
Familiarity with analyzing web front-end and the Document Object Model (DOM)
Develop and maintain software for processing network traffic, including TLS decryption and processing PCAP files
Work closely with threat analysts and detection engineers who research threat actors and write detection rules which run on the systems you develop
As needed, create new detection languages and systems that allow threat researchers to develop detection rules
Add features to existing threat detection languages to allow greater flexibility by threat researchers to automate interactions with websites and detect threat patterns
Make use of AI Large Language Models as appropriate to enhance threat detection pipelines, produce samples to test evasion countermeasures, and make sound decisions about when applying AI is a benefit vs. a detriment to achieving goals
Design and develop automation pipelines to turn manual tasks into automated scripts
Stay abreast of a constantly evolving threat landscape
Understand the latest tactics, techniques, and procedures used by threat actors to bypass detection environments, especially URL sandbox fingerprinting / detection / evasion techniques used by threat actors
As needed, provide expert assistance and support to threat researchers and analysts as they analyze phishing websites, threat detection evasion techniques, and security research or red team demonstrations of new evasion techniques
As needed to support sandbox countermeasure development, reverse engineering malware executable files for Windows (note primary malware reverse engineering responsibilities rest on other job roles and are not expected regularly for this role).
Apply critical thinking skills to identify the most efficient and effective way to mitigate threats and evasions
Work effectively as part of a remote team using chat, video chat and conference calls
Work with other engineering teams, defining requirements, for continuous improvement of critical detection capabilities
What You Bring To The Team
As a Security Research Engineer on Proofpoint’s Threat Research team, you’ll be part of an amazing, collaborative, industry-leading team focused on tracking threat actors, malware, phishing, and TTPs and responding to the quickly changing threat landscape with innovative software that detects and prevents threats from reaching Proofpoint customers. If you enjoy keeping abreast of and analyzing attacker techniques, malware and phishing campaigns, and using that knowledge to counteract those threats with innovative software solutions, then this is the role for you.
A passion for threat research and a well-rounded yet deep understanding of the security threat landscape and actor TTPs, especially understanding how to develop countermeasures for threat actor evasions and sandbox detection techniques
Ability to write production-grade, reliable Python code with instrumentation that supports observability and monitoring of performance and errors is required
Experience developing software using Docker containers is required
Experience developing web browser automation is required
Experience analyzing network traffic for threat detection and a solid understanding of TLS, HTTP, and other network protocols used by malware is required
Willing and able to work independently and collaboratively as part of a distributed team of industry-leading security researchers
Ability to perform the above in a fully remote work environment
The following skills and experience are nice to have, but candidates lacking them should still apply
Experience with C and C++ is a plus
Experience developing Windows API hooks and knowing how to research undocumented Windows API internal functions is a plus
Experience writing malware behavior signatures
Some experience analyzing malware using a debugger, and willingness to learn is a plus
Experience with statically reverse engineering malware using IDA Pro, Ghidra, Binary Ninja, or other reverse engineering tools is a plus, although being an expert is not required
Ability to accurately interpret the forensic output of dynamic analysis (sandbox) environments
Experience with a variety of publicly-available malware sandboxes (for example Cuckoo, Joe Sandbox, Any Run, Triage, etc.)
Additional Information
Travel 1% - 10% (flexible) mainly for team collaboration or security conferences
Location Canada (Remote), US (Remote), Argentina (Remote), UK (Remote), Ireland (Remote), Germany (Remote), France (Remote), Switzerland (Remote)
Must be able to work during business hours local to your time-zone
Why Proofpoint
As a customer focused and driven-to-win organization with leading edge products, there are many exciting reasons to join the Proofpoint team. We believe in hiring the best the brightest and cultivating a culture of collaboration and appreciation. As we continue to grow and expand globally, we understand that hiring the right people and developing great teams is key to our success! We are a multi-national company with locations in many countries, with each location contributing to Proofpoint’s amazing culture! Why Proofpoint? At Proofpoint, we believe that an exceptional career experience includes a comprehensive compensation and benefits package. Here are just a few reasons you’ll love working with us
Competitive compensation
Comprehensive benefits
Learning & Development We are committed to the growth and development of our team members, offering a range of programs including leadership and professional development workshops, stretch project assignments, and mentoring opportunities to help employees reach their full potential.
Flexible work environment [Remote options, hybrid schedules, flexible hours, etc.]
Annual wellness and community outreach days
Always on recognition for your contributions
Global collaboration and networking opportunities
Our Culture Our culture is rooted in values that inspire belonging, empower purpose and drive success-every day, for everyone. If you need accommodation during the application or interview process, please reach out to accessibility@proofpoint.com.
How to Apply Interested? Submit your application here https //www.proofpoint.com/us/company/careers. We can’t wait to hear from you!
Consistent with Proofpoint values and applicable law, we provide information to promote pay transparency and equity. Our compensation reflects the cost of labor across several U.S. geographic markets. The actual offer will be based on the individual candidate. The range provided may represent a candidate range and may not reflect the full range for an individual tenured employee. This role may be eligible for variable compensation and/or equity. We offer a comprehensive benefits package, including flexible time off, a well-being program with two paid Wellbeing Days and two paid Volunteer Days per year, plus a three-week Work from Anywhere option.
Base Pay Ranges SF Bay Area, New York City Metro Area: 194,475.00 - 285,230.00 USD; California (excludes SF Bay Area), Colorado, Connecticut, Illinois, Washington DC Metro, Maryland, Massachusetts, New Jersey, Texas, Washington, Virginia, and Alaska: 162,375.00 - 238,150.00 USD; All other cities and states excluding those listed above: 148,425.00 - 217,690.00 USD
Seniority level
Not Applicable
Employment type
Full-time
Job function
Engineering and Information Technology Industries: Computer and Network Security and Software Development
Note: This refinement preserves the core information while removing extraneous line breaks and formatting issues. This version uses only allowed HTML tags and aims to improve readability and maintainability.
#J-18808-Ljbffr
Join to apply for the
Staff Security Research Engineer
role at
Proofpoint About Us We are the leader in human-centric cybersecurity. Proofpoint protects organizations from threats, with half a million customers including 87 of the Fortune 100. We’re driven by a mission to stay ahead of bad actors and safeguard the digital world. Join us in our pursuit to defend data and protect people. How We Work At Proofpoint, you’ll be part of a global team that breaks barriers to redefine cybersecurity, guided by our BRAVE core values: Bold in how we dream and innovate, Responsive to feedback, challenges, and opportunities, Accountable for results and best-in-class outcomes, Visionary in future-focused problem-solving, Exceptional in execution and impact. Corporate Overview Proofpoint is a leading cybersecurity company protecting organizations’ greatest assets and biggest risks. We provide an integrated suite of cloud-based solutions to stop targeted threats and safeguard data. We serve organizations of all sizes, including more than half of the Fortune 1000, with people-centric security and compliance solutions across email, the cloud, social media, and the web. Protection starts with people. Staff Security Research Engineer
Your day-to-day Design and develop software using a variety of languages, primarily Python, with little external guidance, while providing technical leadership to guide other software engineers on the team
Some skill in modifying existing web-based UI for internal tools is needed to maintain and extend the sandbox submission and report UI for Proofpoint threat researchers to use
Some work requires skill in writing C or C++ for low level interactions with the OS
Develop and maintain web browser interaction capabilities using Chrome web driver
Analyze and Reverse Engineer JavaScript that fingerprints web browser artifacts to identify sandbox web browsers or instrumentation, and innovate solutions to defeat those checks
Familiarity with analyzing web front-end and the Document Object Model (DOM)
Develop and maintain software for processing network traffic, including TLS decryption and processing PCAP files
Work closely with threat analysts and detection engineers who research threat actors and write detection rules which run on the systems you develop
As needed, create new detection languages and systems that allow threat researchers to develop detection rules
Add features to existing threat detection languages to allow greater flexibility by threat researchers to automate interactions with websites and detect threat patterns
Make use of AI Large Language Models as appropriate to enhance threat detection pipelines, produce samples to test evasion countermeasures, and make sound decisions about when applying AI is a benefit vs. a detriment to achieving goals
Design and develop automation pipelines to turn manual tasks into automated scripts
Stay abreast of a constantly evolving threat landscape
Understand the latest tactics, techniques, and procedures used by threat actors to bypass detection environments, especially URL sandbox fingerprinting / detection / evasion techniques used by threat actors
As needed, provide expert assistance and support to threat researchers and analysts as they analyze phishing websites, threat detection evasion techniques, and security research or red team demonstrations of new evasion techniques
As needed to support sandbox countermeasure development, reverse engineering malware executable files for Windows (note primary malware reverse engineering responsibilities rest on other job roles and are not expected regularly for this role).
Apply critical thinking skills to identify the most efficient and effective way to mitigate threats and evasions
Work effectively as part of a remote team using chat, video chat and conference calls
Work with other engineering teams, defining requirements, for continuous improvement of critical detection capabilities
What You Bring To The Team
As a Security Research Engineer on Proofpoint’s Threat Research team, you’ll be part of an amazing, collaborative, industry-leading team focused on tracking threat actors, malware, phishing, and TTPs and responding to the quickly changing threat landscape with innovative software that detects and prevents threats from reaching Proofpoint customers. If you enjoy keeping abreast of and analyzing attacker techniques, malware and phishing campaigns, and using that knowledge to counteract those threats with innovative software solutions, then this is the role for you.
A passion for threat research and a well-rounded yet deep understanding of the security threat landscape and actor TTPs, especially understanding how to develop countermeasures for threat actor evasions and sandbox detection techniques
Ability to write production-grade, reliable Python code with instrumentation that supports observability and monitoring of performance and errors is required
Experience developing software using Docker containers is required
Experience developing web browser automation is required
Experience analyzing network traffic for threat detection and a solid understanding of TLS, HTTP, and other network protocols used by malware is required
Willing and able to work independently and collaboratively as part of a distributed team of industry-leading security researchers
Ability to perform the above in a fully remote work environment
The following skills and experience are nice to have, but candidates lacking them should still apply
Experience with C and C++ is a plus
Experience developing Windows API hooks and knowing how to research undocumented Windows API internal functions is a plus
Experience writing malware behavior signatures
Some experience analyzing malware using a debugger, and willingness to learn is a plus
Experience with statically reverse engineering malware using IDA Pro, Ghidra, Binary Ninja, or other reverse engineering tools is a plus, although being an expert is not required
Ability to accurately interpret the forensic output of dynamic analysis (sandbox) environments
Experience with a variety of publicly-available malware sandboxes (for example Cuckoo, Joe Sandbox, Any Run, Triage, etc.)
Additional Information
Travel 1% - 10% (flexible) mainly for team collaboration or security conferences
Location Canada (Remote), US (Remote), Argentina (Remote), UK (Remote), Ireland (Remote), Germany (Remote), France (Remote), Switzerland (Remote)
Must be able to work during business hours local to your time-zone
Why Proofpoint
As a customer focused and driven-to-win organization with leading edge products, there are many exciting reasons to join the Proofpoint team. We believe in hiring the best the brightest and cultivating a culture of collaboration and appreciation. As we continue to grow and expand globally, we understand that hiring the right people and developing great teams is key to our success! We are a multi-national company with locations in many countries, with each location contributing to Proofpoint’s amazing culture! Why Proofpoint? At Proofpoint, we believe that an exceptional career experience includes a comprehensive compensation and benefits package. Here are just a few reasons you’ll love working with us
Competitive compensation
Comprehensive benefits
Learning & Development We are committed to the growth and development of our team members, offering a range of programs including leadership and professional development workshops, stretch project assignments, and mentoring opportunities to help employees reach their full potential.
Flexible work environment [Remote options, hybrid schedules, flexible hours, etc.]
Annual wellness and community outreach days
Always on recognition for your contributions
Global collaboration and networking opportunities
Our Culture Our culture is rooted in values that inspire belonging, empower purpose and drive success-every day, for everyone. If you need accommodation during the application or interview process, please reach out to accessibility@proofpoint.com.
How to Apply Interested? Submit your application here https //www.proofpoint.com/us/company/careers. We can’t wait to hear from you!
Consistent with Proofpoint values and applicable law, we provide information to promote pay transparency and equity. Our compensation reflects the cost of labor across several U.S. geographic markets. The actual offer will be based on the individual candidate. The range provided may represent a candidate range and may not reflect the full range for an individual tenured employee. This role may be eligible for variable compensation and/or equity. We offer a comprehensive benefits package, including flexible time off, a well-being program with two paid Wellbeing Days and two paid Volunteer Days per year, plus a three-week Work from Anywhere option.
Base Pay Ranges SF Bay Area, New York City Metro Area: 194,475.00 - 285,230.00 USD; California (excludes SF Bay Area), Colorado, Connecticut, Illinois, Washington DC Metro, Maryland, Massachusetts, New Jersey, Texas, Washington, Virginia, and Alaska: 162,375.00 - 238,150.00 USD; All other cities and states excluding those listed above: 148,425.00 - 217,690.00 USD
Seniority level
Not Applicable
Employment type
Full-time
Job function
Engineering and Information Technology Industries: Computer and Network Security and Software Development
Note: This refinement preserves the core information while removing extraneous line breaks and formatting issues. This version uses only allowed HTML tags and aims to improve readability and maintainability.
#J-18808-Ljbffr