Proofpoint
Overview
Staff Security Research Engineer role at Proofpoint. Join our Threat Research team to track threat actors, malware, phishing, and TTPs and to respond to the evolving threat landscape with innovative software that detects and prevents threats from reaching Proofpoint customers.
About Proofpoint
We are a leader in human-centric cybersecurity. We help organizations stop targeted threats, safeguard data, and make users more resilient against cyber-attacks. We value collaboration and a culture of BRAVE core values: Bold, Responsive, Accountable, Visionary, Exceptional.
Your day-to-day
- Design and develop software using a variety of languages, primarily Python, with little external guidance, while providing technical leadership to guide other software engineers on the team
- Modify existing web-based UI for internal tools to maintain and extend the sandbox submission and report UI for Proofpoint threat researchers
- Write C or C++ for low level OS interactions as needed
- Develop and maintain web browser interaction capabilities using Chrome web driver
- Analyze and reverse engineer JavaScript that fingerprints web browser artifacts to identify sandbox checks; innovate solutions to defeat those checks
- Familiarity with analyzing web front-end and the DOM
- Develop and maintain software for processing network traffic, including TLS decryption and PCAP processing
- Collaborate with threat analysts and detection engineers who research threat actors and write detection rules for the systems you develop
- Create new detection languages/systems to enable threat researchers to develop detection rules
- Enhance detection languages to automate website interactions and detect threat patterns
- Apply AI Large Language Models to augment threat detection pipelines and test evasion countermeasures where appropriate
- Design and develop automation pipelines to turn manual tasks into automated scripts
- Stay abreast of the evolving threat landscape and understand attacker TTPs, especially URL sandbox fingerprinting/detection/evasion techniques
- Provide expert assistance to threat researchers and analysts on phishing websites and evasion techniques
- Reverse engineer malware executable files for Windows as needed (primary responsibilities may rest on other roles)
- Apply critical thinking to identify efficient mitigations for threats and evasions
- Collaborate with remote teammates via chat, video, and conferencing; coordinate with other engineering teams to improve critical detection capabilities
What You Bring To The Team
As a Security Research Engineer on Proofpoint’s Threat Research team, you’ll join an expert group focused on tracking threat actors, malware, phishing, and TTPs, and developing software that detects and prevents threats.
- A passion for threat research with deep understanding of security landscapes and TTPs, including countermeasures for evasions and sandbox detection
- Production-grade Python coding with instrumentation for observability and monitoring
- Experience with Docker containers
- Experience with web browser automation
- Experience analyzing network traffic for threat detection; strong understanding of TLS, HTTP, and other protocols
- Ability to work independently and in a distributed team
Nice-to-Have
Experience with C/C++, Windows API hooks, malware behavior signatures, dynamic/multi-sandbox analysis tools (e.g., IDA Pro, Ghidra, Binary Ninja), and reverse engineering concepts.
- Experience with C/C++ is a plus
- Experience researching undocumented Windows API functions
- Experience writing malware behavior signatures
- Experience with malware analysis using debuggers
- Experience with static reverse engineering using tools like IDA Pro, Ghidra, or Binary Ninja
- Ability to interpret forensic outputs from dynamic analysis
- Experience with multiple malware sandboxes (e.g., Cuckoo, Joe Sandbox, Any Run, Triage)
Additional Information
- Travel 1% - 10% (flexible)
- Location: Remote options in Canada, US, Argentina, UK, Ireland, Germany, France, Switzerland
- Must be able to work during business hours in your local time zone
Why Proofpoint
We offer competitive compensation and a comprehensive benefits package, with emphasis on learning, development, flexible work options, and global collaboration. We provide pay transparency and a competitive benefits package, including wellbeing days and a Work from Anywhere option.
Base Pay Ranges
Base pay varies by location and is provided during the interview process. The actual offer will be based on the candidate’s experience and other factors.
Seniority level
Not Applicable
Employment type
Full-time
Job function
Engineering and Information Technology
Industries
Computer and Network Security and Software Development