Security Research Engineer - (Remote - Anywhere in the US)

It's fun to work in a company where people truly BELIEVE in what they're doing!We're committed to bringing passion and customer focus to the business.Proofpoint’s detonation environments and threat detection pipelines protect customers from threats in many different contexts including email, cloud, web gateway, browser isolation, and zero trust environments. Accurately classifying executables, documents, URLs etc. as benign or malicious is paramount in all of these contexts. In this highly technical role you will identify, analyze, triage, correct, improve, and ultimately hold us accountable for the accurate classification of benign and malicious behavior in multiple contexts. You’ll be an integral part of an amazing, collaborative, industry-leading threat research team and have a direct impact protecting customers on a massive scale. If you enjoy keeping abreast of and analyzing attacker techniques and malware and using that knowledge accurately identify threats, then this is the role for you.Your day-to-dayStay abreast of a constantly evolving and diverse threat landscape

Proactively analyze and assess the accuracy of benign/malicious classification decisions in various product contexts

Triage customer reports of false negatives/false positives at the apex of the escalation chain

Analyze malware, malicious documents, and malicious URLs provided by internal and external sources

Develop, test, and deploy appropriate static and/or behavioral signatures to mitigate analyzed threats

Develop, produce, and monitor efficacy metrics for various product environments

Leverage your applied experience to drive continuous improvement and create innovative detection solutions for this complex and diverse problem space

Work effectively as part of a remote team using chat, video chat and conference calls

Work with engineering teams and research peers, defining requirements for the continuous improvement of critical detection capabilities

What you bring to the teamA passion for threat research and a well-rounded yet deep understanding of the security threat landscape, malware behavior, and actor TTPs

Experience performing malware analysis

Experience using static analysis tools to analyze malicious documents and executables

Experience sandboxing and detonating malware including the ability to thwart bypass techniques

Able to accurately interpret the output of dynamic analysis (e.g. sandbox) environments

Demonstrable ability to accurately assess the maliciousness of Windows executables, dlls, installers, macros, scripts, etc.

Critical thinking: Able to identify scalable and accurate detection methods based on analysis of malicious behavior

Experience using SQL and data analytic tools over large data sets to identify trends as well as anomalies

Experience developing YARA and/or ClamAV signatures

Regular expression wizardry

Intermediate-level Python experience

Willing and able to work independently and collaboratively within and across teams

A hard-working, self-directed team player fully capable of working remotely

Additional InformationTravel: 10%

Location: Continental US – Work From Home

Must be able to work during business hours local to your time-zone

#LI-EC1If you like wild growth and working with happy, enthusiastic over-achievers, you'll enjoy your career with us!