Threat Analyst

Proofpoint Inc Sunnyvale, CA 94085

Posted 2 days ago


We are looking for a highly intelligent, driven person to join a dynamic group of people who are passionate about saving the world from the growing threat of e-mail messaging abuse. And we're competing against a very active, creative, and motivated adversary who was credited with sending over 40 trillion spam messages last year alone! If you're interested in helping us achieve our goal and rid the world of spam, we'd definitely like to speak with you. We offer a challenging environment that fosters creativity and rewards excellence.

Responsibilities include:

  • Member of a creative, enthusiastic, and geographically-distributed team (in a 24/7/365 "follow the sun" model) that is responsible for identifying, parameterizing, and responding quickly to spam attacks levied against some of the world's largest organizations

  • Provide responses and explanations to customers who request assistance through our ticketing system

  • Analyze email messages reported by customers in order to determine correct classification (spam, threat, bulk, ham)

  • Be available on an on-call basis to analyze e-mail messages to determine correct classification (spam, threat, bulk, ham)

  • Perform deep analyses of spam message headers & structures to identify novel spam features, and design regular-expression (regex) based rules to detect those features

  • Participate in attack post-mortems to improve the team's response to threats

  • Provide responses and explanations to customers in a positive, professional manner

  • Analyze misclassified messages (spam and legitimate) and make updates to spam definitions to correct their classifications.

  • Ad-hoc development of tools as necessary to aid/streamline analysis activities

  • Help us define the landscape, prevalence, and evolution of messaging abuse, threats, and attacks by participating in future requirements definition discussions of our products


  • Familiarity with Unix environments and comfort with a range of Unix command line tools for manipulating and extracting content from text files

  • Strong written and verbal communication skills, including the ability to convey highly technical information in an accessible manner

  • Experience with Perl, especially advanced regular expressions and Unix command line invocations

  • General familiarity with how mail delivery works, including SMTP

  • Willingness to play an important technical role that does NOT primarily involve development

  • General curiosity about the headers and structure of email messages

  • Demonstrated analytical and creative problem-solving abilities

  • Willingness to interact with customers (web and occasionally phone-based support) to help resolve their issues

  • Ability to work independently yet fully integrate with worldwide, remote teams

  • Can-do attitude with a focus on problem solving, product quality, and a strong desire to get the job done

Requirements/Education and/or Equivalent Experience (including technical and non-technical capabilities):

  • BSCS or equivalent, or equivalent technical experience.

