Security Research Engineer - (Remote - Anywhere in the US)
Vacancy expired!
It's fun to work in a company where people truly BELIEVE in what they're doing! We're committed to bringing passion and customer focus to the business.

Proofpoint’s detonation environments and threat detection pipelines protect customers from threats in many different contexts including email, cloud, web gateway, browser isolation, and zero trust environments. Accurately classifying executables, documents, URLs, etc. as benign or malicious is paramount in all of these contexts. In this highly technical role you will identify, analyze, triage, correct, improve, and ultimately hold us accountable for the accurate classification of benign and malicious behavior in multiple contexts. You’ll be an integral part of an amazing, collaborative, industry-leading threat research team and have a direct impact protecting customers on a massive scale. If you enjoy keeping abreast of and analyzing attacker techniques and malware and using that knowledge to accurately identify threats, then this is the role for you.

Your day-to-day
Stay abreast of a constantly evolving and diverse threat landscape
Proactively analyze and assess the accuracy of benign/malicious classification decisions in various product contexts
Triage customer reports of false negatives/false positives at the apex of the escalation chain
Analyze malware, malicious documents, and malicious URLs provided by internal and external sources
Develop, test, and deploy appropriate static and/or behavioral signatures to mitigate analyzed threats
Develop, produce, and monitor efficacy metrics for various product environments
Leverage your applied experience to drive continuous improvement and create innovative detection solutions for this complex and diverse problem space
Work effectively as part of a remote team using chat, video chat and conference calls
Work with engineering teams and research peers, defining requirements for the continuous improvement of critical detection capabilities

What you bring to the team
A passion for threat research and a well-rounded yet deep understanding of the security threat landscape, malware behavior, and actor TTPs
Experience performing malware analysis
Experience using static analysis tools to analyze malicious documents and executables
Experience sandboxing and detonating malware including the ability to thwart bypass techniques
Able to accurately interpret the output of dynamic analysis (e.g. sandbox) environments
Demonstrable ability to accurately assess the maliciousness of Windows executables, DLLs, installers, macros, scripts, etc.
Critical thinking: Able to identify scalable and accurate detection methods based on analysis of malicious behavior
Experience using SQL and data analytic tools over large data sets to identify trends as well as anomalies
Experience developing YARA and/or ClamAV signatures
Regular expression wizardry
Intermediate-level Python experience
Willing and able to work independently and collaboratively within and across teams
A hard-working, self-directed team player fully capable of working remotely

Additional Information
Travel: 10%
Location: Continental US – Work From Home
Must be able to work during business hours local to your time zone

If you like wild growth and working with happy, enthusiastic over-achievers, you'll enjoy your career with us!