Talent.com
Staff Security Research Engineer
Staff Security Research EngineerProofpoint • Virginia, MN, US
Staff Security Research Engineer

Staff Security Research Engineer

Proofpoint • Virginia, MN, US
job_description.job_card.variable_days_ago
serp_jobs.job_preview.job_type
  • serp_jobs.job_card.full_time
job_description.job_card.job_description

We are the leader in human-centric cybersecurity. Half a million customers, including 87 of the Fortune 100, rely on Proofpoint to protect their organizations. We're driven by a mission to stay ahead of bad actors and safeguard the digital world. Join us in our pursuit to defend data and protect people.

At Proofpoint, you'll be part of a global team that breaks barriers to redefine cybersecurity, guided by our BRAVE core values : Bold in how we dream and innovate, Responsive to feedback, challenges, and opportunities, Accountable for results and best-in-class outcomes, Visionary in future-focused problem-solving, Exceptional in execution and impact.

Job Overview

Proofpoint is a leading cybersecurity company protecting organizations' greatest assets and biggest risks vulnerabilities in people. With an integrated suite of cloud-based solutions, Proofpoint helps companies around the world stop targeted threats, safeguard their data, and make their users more resilient against cyber-attacks.

Responsibilities

  • Design and develop software using a variety of languages, primarily Python, with little external guidance, while providing technical leadership to guide other software engineers on the team
  • Modify existing web-based UI for internal tools to maintain and extend the sandbox submission and report UI for Proofpoint threat researchers to use
  • Develop and maintain web browser interaction capabilities using Chrome web driver
  • Analyze and Reverse Engineer JavaScript that fingerprints web browser artifacts to identify sandbox web browsers or instrumentation, and innovate solutions to defeat those checks
  • Familiarity with analyzing web front-end and the Document Object Model (DOM)
  • Develop and maintain software for processing network traffic, including TLS decryption and processing PCAP files
  • Work closely with threat analysts and detection engineers who research threat actors and write detection rules which run on the systems you develop
  • Create new detection languages and systems that allow threat researchers to develop detection rules
  • Add features to existing threat detection languages to allow greater flexibility by threat researchers to automate interactions with websites and detect threat patterns
  • Make use of AI Large Language Models as appropriate to enhance threat detection pipelines, produce samples to test evasion countermeasures, and make sound decisions about when applying AI is a benefit vs. a detriment to achieving goals
  • Design and develop automation pipelines to turn manual tasks into automated scripts
  • Stay abreast of a constantly evolving threat landscape
  • Understand the latest tactics, techniques, and procedures used by threat actors to bypass detection environments, especially URL sandbox fingerprinting / detection / evasion techniques used by threat actors
  • Provide expert assistance and support to threat researchers and analysts as they analyze phishing websites, threat detection evasion techniques, and security research or red team demonstrations of new evasion techniques
  • Apply critical thinking skills to identify the most efficient and effective way to mitigate threats and evasions
  • Work effectively as part of a remote team using chat, video chat and conference calls
  • Work with other engineering teams, defining requirements, for continuous improvement of critical detection capabilities

Requirements

  • A passion for threat research and a well-rounded yet deep understanding of the security threat landscape and actor TTPs, especially understanding how to develop countermeasures for threat actor evasions and sandbox detection techniques
  • Ability to write production-grade, reliable Python code with instrumentation that supports observability and monitoring of performance and errors
  • Experience developing software using Docker containers
  • Experience developing web browser automation
  • Experience analyzing network traffic for threat detection and a solid understanding of TLS, HTTP, and other network protocols used by malware
  • Willing and able to work independently and collaboratively as part of a distributed team of industry-leading security researchers
  • Ability to perform the above in a fully remote work environment

    • Nice to Have

  • Experience with C and C++
  • Experience developing Windows API hooks and knowing how to research undocumented Windows API internal functions
  • Experience writing malware behavior signatures
  • Some experience analyzing malware using a debugger, and willingness to learn
  • Experience with statically reverse engineering malware using IDA Pro, Ghidra, Binary Ninja, or other reverse engineering tools
  • Ability to accurately interpret the forensic output of dynamic analysis (sandbox) environments
  • Experience with a variety of publicly-available malware sandboxes

    • What We Offer

  • Competitive compensation
  • Comprehensive benefits
  • Learning & Development
  • Flexible work environment
  • Annual wellness and community outreach days
  • Always on recognition for your contributions
  • Global collaboration and networking opportunities

    • Our Culture

    Our culture is rooted in values that inspire belonging, empower purpose and drive success-every day, for everyone. We encourage applications from individuals of all backgrounds, experiences, and perspectives.

    Equal Employment Opportunity

    Consistent with Proofpoint values and applicable law, we provide the following information to promote pay transparency and equity. Our compensation reflects the cost of labor across several U.S. geographic markets, and we pay differently based on those defined markets.

    Base Pay Ranges : SF Bay Area, New York City Metro Area : $194,475.00 - $285,230.00 USD; California (excludes SF Bay Area), Colorado, Connecticut, Illinois, Washington DC Metro, Maryland, Massachusetts, New Jersey, Texas, Washington, Virginia, and Alaska : $162,375.00 - $238,150.00 USD; All other cities and states excluding those listed above : $148,425.00 - $217,690.00 USD

    J-18808-Ljbffr

    serp_jobs.job_alerts.create_a_job

    Staff Security Engineer • Virginia, MN, US