Threat Analyst

Proofpoint Inc Sunnyvale, CA 94085

Posted 4 days ago


We are looking for a highly intelligent, driven person to join a dynamic group of people who are passionate about saving the world from the growing threat of e-mail messaging abuse. We're competing against a very active, creative, and motivated adversary who was credited with sending over 40 trillion spam messages last year alone! If you're interested in helping us achieve our goal and rid the world of spam, we'd definitely like to speak with you. We offer a challenging environment that fosters creativity and rewards excellence.

Responsibilities include:

  • Member of a creative, enthusiastic, and geographically-distributed team (in a 24/7/365 "follow the sun" model) that is responsible for identifying, parameterizing, and responding quickly to spam attacks levied against some of the world's largest organizations

  • Provide responses and explanations to customers who request assistance through our ticketing system

  • Analyze email messages reported by customers in order to determine correct classification (spam, threat, bulk, ham)

  • Be available on an on-call basis to analyze e-mail messages to determine correct classification (spam, threat, bulk, ham)

  • Perform deep analyses of spam message headers & structures to identify novel spam features, and design regular-expression (regex) based rules to detect those features

  • Participate in attack post-mortems to improve the team's response to threats

  • Provide responses and explanations to customers in a positive, professional manner

  • Analyze misclassified messages (spam and legitimate) and make updates to spam definitions to correct their classifications.

  • Ad-hoc development of tools as necessary to aid/streamline analysis activities

  • Help us define the landscape, prevalence, and evolution of messaging abuse, threats, and attacks by participating in future requirements definition discussions of our products


  • Familiarity with Unix environments and comfort with a range of Unix command line tools for manipulating and extracting content from text files

  • Strong written and verbal communication skills, including the ability to convey highly technical information in an accessible manner

  • Experience with Perl, especially advanced regular expressions and Unix command line invocations

  • General familiarity with how mail delivery works, including SMTP

  • Willingness to play an important technical role that does NOT primarily involve development

  • General curiosity about the headers and structure of email messages

  • Demonstrated analytical and creative problem-solving abilities

  • Willingness to interact with customers (web and occasionally phone-based support) to help resolve their issues

  • Ability to work independently yet fully integrate with worldwide, remote teams

  • Can-do attitude with a focus on problem solving, product quality, and a strong desire to get the job done

Requirements/Education and/or Equivalent Experience (including technical and non-technical capabilities):

  • BSCS or equivalent, or equivalent technical experience.



Similar Jobs

Threat And Vulnerability Re...

Proofpoint Inc

Posted 2 days ago

Company Overview

At Proofpoint, we have a passion for protecting people, data, and brands from today's advanced threats and compliance risks. We hire the best people in the business to:

  • Build and enhance our proven security platform

  • Blend innovation and speed in a constantly evolving cloud architecture

  • Analyze new threats and offer deep insight through data-driven intel

  • Collaborate with customers to help solve their toughest security challenges

We are singularly devoted to helping our customers protect what matters most. That's why we're a leader in next-generation cybersecurity—and why more than half of the Fortune 100 trust us as a security partner.

The Role

As a Proofpoint Threat and Vulnerability Researcher, you will be responsible for tracking vulnerabilities, exploits, new malware variants and determining a best course of action for coverage. When new versions of malware are released, the successful candidate will advise on coverage prioritization, provide an in-depth understanding of the threat, and work with threat researchers to get the threat covered and Proofpoint customers protected. This includes providing technical details, proof of concept code, PCAPs and other materials as available. This role will also be responsible for testing detections to ensure that they have been properly deployed. This role will perform coverage tests by delivering malware to test systems and tracking outcomes. The successful candidate will manage relationships with vulnerability partners and vendors in order to track, prioritize and organize coverage in various detection systems. The successful candidate will report directly to the director of Emerging Threats at Proofpoint and act as an advisor on determining coverage focus, product updates and vulnerability severity levels.

The successful candidate will have prior experience in areas of threat detection, malware research, data analysis, and host or network forensics. This role requires connections within the threat research community, including membership in trust groups, careful monitoring of vulnerability disclosure channels both formal and informal, and a high attention to detail for tracking coverage. This role requires some customer-facing interaction and will be interactive with other teams within Proofpoint including product management, threat research and field account teams. This role will be responsible for working closely with talented threat analysts to ensure coverage information is available for creating the best protections for Proofpoint customers. The team will focus on consistent and timely updates to detection methods as required by internal stakeholders, customer requests and the demands of the changing threat landscape.

Your day-to-day

  • Working with analysts, product managers, support personnel, sales and other outside teams to deliver uncompromising service in timely threat detection

  • Reviewing timeliness and efficacy of protections created by analyst teams

  • Provide project management for minor projects and initiatives as it pertains to operational effectiveness

  • Discover and report common and repeated problems to management and propose process and technical improvements

  • Use of excellent analytical skills to work in a diverse team environment, exchanging ideas and data with developers, support, product managers, and customers

  • Finding vulnerabilities via various channels, prioritizing them and sending recommendations for coverage to research teams

  • Answering questions about detection coverage

  • A deep understanding and up-to-date knowledge on the evolving threat landscape

What you bring to the team

  • Experience in operational threat research or detection management

  • Ability to design process and procedure to ensure creation of protections for Proofpoint customers

  • Knowledge of the threat landscape

  • A passion for surfacing threats, understanding them and communicating them to senior leadership

  • Skills with reporting and metrics tracking for efficacy

  • Familiarity with several of the following technologies: Suricata, Snort, IDS signature creation, credential phishing, PCAP storage, malware sandboxing, Python, Linux command line tools, YARA, ClamAV

  • Excellent written and verbal communication skills with the ability to present complex information in a clear and concise manner to a variety of audiences

  • Bias for action and willingness to take risks

  • Involvement in information security and threat trust groups

  • Experience making things happen in a fast-paced dynamic environment

  • 2+ years in information security experience with focus on vulnerability management, threat tracking, signature coverage guidance, etc.

Nice to have

  • Amazing presentation skills

  • Experience with the Microsoft Advanced Protection Program or other trust group programs

  • Experience working remotely for a large information security vendor

  • Located in a US time zone, available during US business hours

Additional Information

  • This is a fully remote position, with candidate expected to be available via audio and video conference, chat networks and email during US business hours

  • Travel: 10%

  • Location: Anywhere in USA, work from home/remote

Why Proofpoint

As a customer focused and driven-to-win organization with leading edge products, there are many exciting reasons to join the Proofpoint team. We believe in hiring the best and the brightest and cultivating a culture of collaboration and appreciation. As we continue to grow and expand globally, we understand that hiring the right people and treating them well is key to our success! We are a multi-national company with locations in 10 countries, with each location contributing to Proofpoint's amazing culture!
