Sr. Threat Research Engineer

About Us
We are the leader in human-centric cybersecurity. Half a million customers, including 87 of the Fortune 100, rely on Proofpoint to protect their organizations. We're driven by a mission to stay ahead of bad actors and safeguard the digital world. Join us in our pursuit to defend data and protect people.

How We Work

At Proofpoint, you'll be part of a global team that breaks barriers to redefine cybersecurity, guided by our BRAVE core values Bold in how we dream and innovate, Responsive to feedback, challenges, and opportunities, Accountable for results and best-in-class outcomes, Visionary in future-focused problem-solving, Exceptional in execution and impact.

Corporate Overview
Proofpoint is a leading cybersecurity company protecting organizations' greatest assets and biggest risks vulnerabilities in people. With an integrated suite of cloud-based solutions, Proofpoint helps companies around the world stop targeted threats, safeguard their data, and make their users more resilient against cyber-attacks. Leading organizations of all sizes, including more than half of the Fortune 1000, rely on Proofpoint for people-centric security and compliance solutions mitigating their most critical risks across email, the cloud, social media, and the web. We are singularly devoted to helping our customers protect their greatest assets and biggest security risk their people. That's why we're a leader in next-generation cybersecurity. Protection Starts with People.

The Role
You are a Senior CyberSecurity Analyst (email borne threats) or have a strong desire and a skill set to become one

We are looking for a highly intelligent, analytical, driven person to join a dynamic group of people who are passionate about saving the world from the growing threat of e-mail borne threats phishing, malware , BEC and spam. We are competing against a very active, creative, and motivated adversary who was credited as sending over 40 trillion spam/threat email messages last year alone If you are interested in helping us achieve our goal and rid the world of phishing, malware and spam, we definitely would like to speak with you. We offer a challenging environment that fosters creativity and rewards excellence.

Your day to day

• Member of a creative, enthusiastic, and geographically distributed team (in a 24/7/365 "follow the sun" model) that is responsible for identifying, parameterizing, and responding quickly to spam attacks levied against some of the world's largest organizations.
• Analyze email messages reported by customers as well as work on large data sets in order to determine correct classification (spam, phishing, malware, BEC (Advanced Email Fraud), bulk, ham).
• CONTENT DEVELOPMENT. Perform deep analyses of spam message headers & structures to identify novel spam features, and design various rules/signatures to detect those features and block email borne threats
• Ad-hoc development of tools as necessary to aid/streamline analysis activities is a plus
• As an Email Cybersecurity analyst, who has coding experience and skills - an opportunity to design and develop new PoCs threat detection system(s) based on your expertise or learn how to add this skill to your toolset.
• Continue to develop and support existing Threat Detection PoCs based on the existing Threat Detection framework
• Developing and maintaining Python applications/tools, writing clean and efficient code, debugging and troubleshooting issues, collaborating with cross-functional teams, and participating in code reviews. Knowledge of database systems is a plus
• Be available in an rotating on-call basis to respond to develop signatures, that detect and block an emerging or an ongoing threat(s)
• Help us define the landscape, prevalence, and evolution of messaging abuse, threats, and attacks by participating in future requirements definition discussions of our products.

What You Bring To The Team

• Knowledge of different types of email borne attack vectors, tools and tactics
• In-depth knowledge of email borne threats phishing, malware, BEC and spam. Ability to find and research suspicious patterns in URLs, domains, in conjunction with overall email structure (email headers and email context).
• Ability to create detection signatures/rules (content development) based on observed suspicious patterns with experience of 2-4 or more years in the field.
• General curiosity about the headers and structure of email messages.
• General familiarity with how mail delivery works, knowledge of email security standards and protocols, such as SPF, DKIM, and DMARC, would be beneficial.
• Practical knowledge (hands-on experience) with Regular Expressions
• Minimum 2+ years hands-on experience with Python or a different programming language
• Experience in one of Python frameworks (Django, Flask or Pandas)
• Experience with data analysis, familiarity with cybersecurity best practices, and the ability to work with large datasets.
• Familiarity with Unix environments and comfort with a range of Unix command line tools for manipulating and extracting content from text files is a must have
• Familiarity and/or experience with LUA based detection signatures is a plus
• Familiarity and/or experience with ClamAV and/or Yara and/or in-house developed framework allowing to research and create signature based detection on email borne threats based detection signatures is a plus
• Willingness to play an important technical role
• Demonstrated analytical and creative problem-solving abilities.
• Ability to work independently yet fully integrate with worldwide, remote teams.
• Can-do attitude with a focus on problem solving, product quality, and a strong desire to get the job done.
• Requirements/Education and/or Equivalent Experience (including technical and non-technical capabilities)
• BSCS or equivalent, or equivalent technical experience.

Why Proofpoint
As a customer focused and driven-to-win organization with leading edge products, there are many exciting reasons to join the Proofpoint team. We believe in hiring the best the brightest and cultivating a culture of collaboration and appreciation. As we continue to grow and expand globally, we understand that hiring the right people and developing great teams is key to our success We are a multi-national company with locations in many countries, with each location contributing to Proofpoint's amazing culture

Why Proofpoint? At Proofpoint, we believe that an exceptional career experience includes a comprehensive compensation and benefits package. Here are just a few reasons you'll love working with us

• Competitive compensation
• Comprehensive benefits
• Learning & Development We are committed to the growth and development of our team members, offering a range of programs including leadership and professional development workshops, stretch project assignments, and mentoring opportunities to help employees reach their full potential.
• Flexible work environment [Remote options, hybrid schedules, flexible hours, etc.].
• Annual wellness and community outreach days
• Always on recognition for your contributions
• Global collaboration and networking opportunities

Our Culture

Our culture is rooted in values that inspire belonging, empower purpose and drive success-every day, for everyone. We encourage applications from individuals of all backgrounds, experiences, and perspectives. If you need accommodation during the application or interview process, please reach out to How to Apply Interested? Submit your application here https We can't wait to hear from you