
  • Security Research Engineer (Sandboxing)

    Proofpoint

Description

The Role
This is a highly technical role that requires a comprehensive understanding of Windows internals, sandboxing technology and instrumentation, reverse engineering, and malware anti-analysis techniques. As a security researcher focused on sandboxing technology, you will work closely with industry-leading security researchers and technologists to maintain and evolve Proofpoint’s state-of-the-art malware analysis environment. Your primary objective is to ensure that ever-evolving malware runs scalably and effectively in Proofpoint’s sandbox environment despite the best efforts of malware authors to thwart that. This role has a direct impact on the efficacy of Proofpoint products, the quality of Proofpoint’s intelligence, and the protection of Proofpoint customers.

Your day-to-day
• Analyze malware from internal and external sources, both self-directed and in response to customer inquiries
• Develop signatures to accurately detect and classify malware based on analysis
• Assess the impact of proof-of-concept exploits and develop commensurate responses
• Develop code to extract configuration information and other indicators from memory dumps and other sandbox artifacts
• Perform root cause analysis to identify reasons malware doesn’t execute as desired in a sandbox environment
• Develop low-level sandbox solutions, including the hooking of Windows APIs, to coax malware into running properly in a sandboxed environment
• Monitor the threat landscape, then proactively prioritize and address relevant threats
• Identify and research novel anti-analysis techniques and advanced threats
• Work effectively as part of a remote team using chat, video chat and conference calls
• Work with engineering developers to improve the capabilities of our products

What you bring to the team
• A passion for threat research, and uncovering the unknown about malware, internet threats and threat actors
• A well-rounded understanding of the malware and information security threat landscape. You should love this field and have a passion for learning
• A willingness to work independently and collaboratively as part of a team of industry experts
• A hard-working, self-directed team player fully capable of working remotely
• Demonstrable, expert-level, reverse engineering skills including the use of IDA Pro and understanding of Intel assembly language
• Ability to reverse malware written in lower-level (C/C++/Delphi) and higher-level (Java/.NET/JS) languages
• Experience sandboxing malware including the custom hooking of Windows APIs to facilitate the execution of malware
• Familiarity with encryption algorithms commonly used by malware
• Experience developing detection signatures based on malware analysis
• Intermediate to advanced level Python experience
• Stellar internal support capabilities responding to coverage and technical issues in production environments

Additional Information
• Travel: 10%
• Location: Must be based in the US
• Must be able to work during the US business hours local to your timezone


Details

  • Travel: Up to 25%
  • Incentives: Not provided
  • Clearance & Citizenship: U.S. Citizenship
  • Remote Work: Full remote okay
  • Education: No requirements
  • Salary Range: Not provided

Company Ratings powered by

  • 3.2

    Overall Rating - OK


  • Culture and Values 3.2
  • Work/Life Balance 3.4
  • Senior Management 3.1
  • Comp and Benefits 3.3
  • Career Opportunities 3.1