Proofpoint
About Proofpoint
We are the leader in human‑centric cybersecurity. Half a million customers, including 87 of the Fortune 100, rely on Proofpoint to protect their organizations. We’re driven by a mission to stay ahead of bad actors and safeguard the digital world. Join us in our pursuit to defend data and protect people.
How We Work At Proofpoint, you’ll be part of a global team that breaks barriers to redefine cybersecurity, guided by our BRAVE core values—Bold, Responsive, Accountable, Visionary, Exceptional.
Corporate Overview Proofpoint is a leading cybersecurity company protecting organizations’ greatest assets and biggest risks vulnerabilities in people. With an integrated suite of cloud‑based solutions, Proofpoint helps companies around the world stop targeted threats, safeguard their data, and make their users more resilient against cyber‑attacks. Leading organizations of all sizes, including more than half of the Fortune 1000, rely on Proofpoint for people‑centric security and compliance solutions mitigating their most critical risks across email, the cloud, social media, and the web.
The Role This highly technical role has a direct and real‑time impact protecting Proofpoint customers. As a Senior Security Research Engineer on Proofpoint’s Threat Research team, you’ll be part of an amazing, collaborative, industry‑leading team focused on tracking threat actors, malware, phishing, and TTPs in order to develop static and dynamic (behavioural) signatures that detect and prevent threats on a massive scale. If you enjoy keeping abreast of and analysing attacker techniques, malware and phishing campaigns, and using that knowledge to counteract those threats on a broad scale, then this is the role for you. This role has an absolute and direct impact on the efficacy of Proofpoint products, the quality of Proofpoint’s intelligence, and the protection of Proofpoint customers.
Your Day‑to‑Day
Stay abreast of a constantly evolving threat landscape including the credential phishing landscape
Analyse malware, malicious documents, and malicious URLs provided by internal and external sources
Conduct in‑depth analysis of email messages to detect and classify threats such as business email compromise (BEC), phishing, and other malicious campaigns.
Apply critical thinking skills to identify the most efficient and effective way to mitigate the analysed threat
Develop, test, and deploy appropriate static and/or behavioural signatures to mitigate the analysed threat
Identify, prioritize, and fill coverage gaps for relevant threats to minimize customer impact
Be on the rotation for on‑call to respond customer FN/FP escalations that cannot be addressed by customer support
Work effectively as part of a remote team using chat, video chat and conference calls
Work with engineering teams, defining requirements, for continuous improvement of critical detection capabilities
What You Bring To The Team
A passion for threat research and a well‑rounded yet deep understanding of the security threat landscape
Demonstrable understanding of the malware and credential phishing landscape, TTPs, and experience overcoming bypass techniques
Experience proactively identifying, responding to, and defending against malware and credential phishing threats in production environments
Familiarity with browser internals and the Document Object Model
Broad and demonstrable understanding of document formats commonly used for malicious purposes (e.g. OLE, CDFv2, PDF, OpenOffice, RTF)
Experience parsing and analysing malicious documents
Experience leveraging sandbox environments as an analysis tool
Critical thinking, Able to develop high quality detection signatures based on analysis of malicious behaviour
Experience creating YARA and/or ClamAV signatures used in production environments
Regular expression wizardry
Intermediate‑level Python experience
Interest in learning sandbox engineering concepts and contributing ideas to extend capabilities a plus
Interest in creating synthetic malicious samples to test capabilities a plus
Willing and able to work independently and collaboratively as part of a distributed team of industry‑leading security researchers
A hard‑working, self‑directed team player fully capable of working remotely
Additional Information
Travel 10%
Location: Work from home in United States
Must be able to work during business hours local to your time‑zone
Benefits
Competitive compensation
Comprehensive benefits
Learning & Development – We are committed to the growth and development of our team members, offering a range of programs including leadership and professional development workshops, stretch project assignments, and mentoring opportunities to help employees reach their full potential.
Flexible work environment (Remote options, hybrid schedules, flexible hours, etc.)
Annual wellness and community outreach days
Always on recognition for your contributions
Global collaboration and networking opportunities
Base Pay Ranges
SF Bay Area, New York City Metro Area – $161,625.00 – $237,050.00 USD
California (excludes SF Bay Area), Colorado, Connecticut, Illinois, Washington DC Metro, Maryland, Massachusetts, New Jersey, Texas, Washington, Virginia, and Alaska – $132,225.00 – $193,930.00 USD
All other cities and states excluding those listed above – $120,525.00 – $176,770.00 USD
Equal Employment Opportunity If you need accommodation during the application or interview process, please reach out to accessibility@proofpoint.com.
How to Apply Submit your application here https://www.proofpoint.com/us/company/careers.
#J-18808-Ljbffr
How We Work At Proofpoint, you’ll be part of a global team that breaks barriers to redefine cybersecurity, guided by our BRAVE core values—Bold, Responsive, Accountable, Visionary, Exceptional.
Corporate Overview Proofpoint is a leading cybersecurity company protecting organizations’ greatest assets and biggest risks vulnerabilities in people. With an integrated suite of cloud‑based solutions, Proofpoint helps companies around the world stop targeted threats, safeguard their data, and make their users more resilient against cyber‑attacks. Leading organizations of all sizes, including more than half of the Fortune 1000, rely on Proofpoint for people‑centric security and compliance solutions mitigating their most critical risks across email, the cloud, social media, and the web.
The Role This highly technical role has a direct and real‑time impact protecting Proofpoint customers. As a Senior Security Research Engineer on Proofpoint’s Threat Research team, you’ll be part of an amazing, collaborative, industry‑leading team focused on tracking threat actors, malware, phishing, and TTPs in order to develop static and dynamic (behavioural) signatures that detect and prevent threats on a massive scale. If you enjoy keeping abreast of and analysing attacker techniques, malware and phishing campaigns, and using that knowledge to counteract those threats on a broad scale, then this is the role for you. This role has an absolute and direct impact on the efficacy of Proofpoint products, the quality of Proofpoint’s intelligence, and the protection of Proofpoint customers.
Your Day‑to‑Day
Stay abreast of a constantly evolving threat landscape including the credential phishing landscape
Analyse malware, malicious documents, and malicious URLs provided by internal and external sources
Conduct in‑depth analysis of email messages to detect and classify threats such as business email compromise (BEC), phishing, and other malicious campaigns.
Apply critical thinking skills to identify the most efficient and effective way to mitigate the analysed threat
Develop, test, and deploy appropriate static and/or behavioural signatures to mitigate the analysed threat
Identify, prioritize, and fill coverage gaps for relevant threats to minimize customer impact
Be on the rotation for on‑call to respond customer FN/FP escalations that cannot be addressed by customer support
Work effectively as part of a remote team using chat, video chat and conference calls
Work with engineering teams, defining requirements, for continuous improvement of critical detection capabilities
What You Bring To The Team
A passion for threat research and a well‑rounded yet deep understanding of the security threat landscape
Demonstrable understanding of the malware and credential phishing landscape, TTPs, and experience overcoming bypass techniques
Experience proactively identifying, responding to, and defending against malware and credential phishing threats in production environments
Familiarity with browser internals and the Document Object Model
Broad and demonstrable understanding of document formats commonly used for malicious purposes (e.g. OLE, CDFv2, PDF, OpenOffice, RTF)
Experience parsing and analysing malicious documents
Experience leveraging sandbox environments as an analysis tool
Critical thinking, Able to develop high quality detection signatures based on analysis of malicious behaviour
Experience creating YARA and/or ClamAV signatures used in production environments
Regular expression wizardry
Intermediate‑level Python experience
Interest in learning sandbox engineering concepts and contributing ideas to extend capabilities a plus
Interest in creating synthetic malicious samples to test capabilities a plus
Willing and able to work independently and collaboratively as part of a distributed team of industry‑leading security researchers
A hard‑working, self‑directed team player fully capable of working remotely
Additional Information
Travel 10%
Location: Work from home in United States
Must be able to work during business hours local to your time‑zone
Benefits
Competitive compensation
Comprehensive benefits
Learning & Development – We are committed to the growth and development of our team members, offering a range of programs including leadership and professional development workshops, stretch project assignments, and mentoring opportunities to help employees reach their full potential.
Flexible work environment (Remote options, hybrid schedules, flexible hours, etc.)
Annual wellness and community outreach days
Always on recognition for your contributions
Global collaboration and networking opportunities
Base Pay Ranges
SF Bay Area, New York City Metro Area – $161,625.00 – $237,050.00 USD
California (excludes SF Bay Area), Colorado, Connecticut, Illinois, Washington DC Metro, Maryland, Massachusetts, New Jersey, Texas, Washington, Virginia, and Alaska – $132,225.00 – $193,930.00 USD
All other cities and states excluding those listed above – $120,525.00 – $176,770.00 USD
Equal Employment Opportunity If you need accommodation during the application or interview process, please reach out to accessibility@proofpoint.com.
How to Apply Submit your application here https://www.proofpoint.com/us/company/careers.
#J-18808-Ljbffr