
  • Security Research Engineer

    Proofpoint


Description

Company Overview
================
At Proofpoint, we have a passion for protecting people, data, and brands from today’s advanced threats and compliance risks. We hire the best people in the business to:

- Build and enhance our proven security platform
- Blend innovation and speed in a constantly evolving cloud architecture
- Analyze new threats and offer deep insight through data-driven intel
- Collaborate with customers to help solve their toughest security challenges

We are singularly devoted to helping our customers protect what matters most. That’s why we’re a leader in next-generation cybersecurity—and why more than half of the Fortune 100 trust us as a security partner.

The Role
=======
This is a highly technical role that has a direct and real-time impact protecting Proofpoint customers. As a Security Research Engineer in Proofpoint’s Threat Research group, you’ll be part of an amazing, collaborative, industry-leading team focused on tracking threat actors, their malware, and their TTPs in order to develop static and dynamic (behavioral) signatures that detect and prevent email-based malware delivery and credential phishing attacks. If you enjoy keeping abreast of and analyzing attacker techniques and malware and using that knowledge to make a difference counteracting those threats on a broad scale, then this is the role for you. This role has a direct impact on the efficacy of Proofpoint products, the quality of Proofpoint’s intelligence, and the protection of Proofpoint customers.

Your day-to-day
=============
- Stay abreast of a constantly evolving threat landscape
- Analyze malware, malicious documents, and malicious URLs provided by internal and external sources
- Apply critical thinking skills to identify the most efficient and effective way to mitigate the analyzed threat
- Develop, test, and deploy appropriate static and/or behavioral signatures to mitigate the analyzed threat
- Identify, prioritize, and fill coverage gaps for relevant threats in order to minimize customer impact
- Assess the impact of proof-of-concept exploits and develop commensurate responses
- Work effectively as part of a remote team using chat, video chat and conference calls
- Work with engineering teams to define requirements for the continuous improvement of critical detection capabilities

What you bring to the team
=======================
- A passion for threat research and a well-rounded yet deep understanding of the security threat landscape, malware behavior, and actor TTPs
- Willing and able to work independently and collaboratively as part of a distributed team of industry-leading security researchers
- A hard-working, self-directed team player fully capable of working remotely
- Broad and demonstrable understanding of document formats commonly used for malicious purposes (e.g. OLE, CDFv2, PDF, OpenOffice, RTF)
- Familiarity with tools used to statically analyze malicious documents
- Experience analyzing malicious macro documents
- Ability to accurately interpret the forensic output of dynamic analysis (sandbox) environments
- Thorough understanding of browser internals and the Document Object Model
- Critical thinking: Demonstrable experience developing quality detection signatures based on analysis of malicious behavior
- Experience developing YARA and/or ClamAV signatures
- Regular expression wizardry
- Intermediate-level Python experience
- Experience responding to coverage deficiencies and addressing detection issues in production environments

Additional Information
===================
Travel: 10%
Location: Europe (UK, Germany, France, Italy)
Must be able to work during business hours local to your timezone



Details

  • Travel: No travel
  • Incentives: Not provided
  • Clearance & Citizenship: No requirements
  • Remote Work: Full remote okay
  • Education: No requirements
  • Salary Range: Not provided


Company Ratings powered by

  • 3.4

    Overall Rating - OK


  • Culture and Values 3.3
  • Work/Life Balance 3.5
  • Senior Management 3.2
  • Comp and Benefits 3.2
  • Career Opportunities 3.2