It's fun to work in a company where people truly BELIEVE in what they're doing!We're committed to bringing passion and customer focus to the business.The RoleAs a Proofpoint Advanced Persistent Threat (APT) researcher, you will spend time searching through data looking for threats, analyzing them, and making that information meaningful to our customers. Leveraging Proofpoint data, common threat intelligence data providers, information from trust groups, and other sources, you will be responsible for covering the threat landscape with a focus on state aligned threats in specific regions of interest as assigned by the APT team manager. As an APT specialist you’ll communicate your findings to various groups including customers, fellow threat researchers and teams who create detections in our products. You will also have the opportunity to present your research at public and private industry conferences. You’ll be a part of a team of dynamic and creative threat researchers focused on the threat landscape, finding threats, understanding them, and using that knowledge to improve our products and protect our customers. Making APT landscape research visible and useful for our customers is a large part of this role.· Monitor and analyze threat intelligence sources to stay abreast of new threats and tactics.· Collect, process, and disseminate intelligence to stakeholders in a timely and actionable manner.· Develop and maintain relationships with external organizations to improve information sharing and collaboration.· Identify gaps in collection, recommend, and participate in the implementation of solutions to fill those gaps.· Produce intelligence reports and technical briefings on current and emerging threats for various audiences: Proofpoint executives, public blogs and Proofpoint customers (including our APT Threat Intelligence customers)· Use excellent analytical skills to work in a diverse team environment, exchanging ideas and data with developers, support, product managers, and customers.Your day-to-day• Hunt in Proofpoint’s proprietary telemetry sources to identify and cluster state aligned cyber espionage activity.• Analyze APT-related attack chains, including phishing, malware and threat data from internal and external sources, with a focus on activity that has an email component.• Provide threat detection findings to detection teams as they create and deploy detections in our products• Occasionally conduct dynamic and static malware analysis on samples obtained from our customer data and threat hunting activity to assist in signature development• Piece together malicious campaigns, threat actors, and unattributed activity• Prepare APT activity notification reports for impacted customers• Generate intelligence to support Proofpoint’s mission to protect our customers• Create and present written deliverables to multiple audiences, both external and internal.• Present complex technical topics to senior management, internal stakeholders, our customers, and peers• Expand upon existing intelligence to build profiles of tracked Threat Actors• Collaborate on research projects with the wider threat research teamWhat you bring to the team• A empathetic approach to collaboration and a flexible attitude, ready to work with a close knit team passionate about disrupting adversaries• A well-rounded understanding of the current APT threat landscape in general• Direct experience tracking apex cyber espionage actors of any region, familiarity with their TTPs and key features that can be used for attribution.• Strong knowledge of Cyber Threat Intelligence principles to include indicators of compromise (IOC) types, indicator pivoting and indicator attribution strength.• Skills to profile and track APT actors efficiently, including Yara, infrastructure tracking, reverse engineering capabilities, indicator pivoting techniques and enough experience with a scripting language to automate various aspects of your work• The ability to make a hypothesis based on your threat research, prove or disprove it using our data, and communicate that information to our customers or internal stakeholders• Ability to comfortably communicate directly with customers and the security community• Experience with Network and Host malware detection engineering• Excellent interpersonal, organizational, writing, communications, and briefing skills• Motivation to dig through internal and open-source data to find threat information and use it to provide value to customers• Experience with various technologies used for hunting in big data setsNice to have• Formal university-level education in computer science, computer security or another related discipline, or equivalent certifications and/or work experience• Information security community experience; a blog, website, published papers, conference presentations, or other experience on the public side of the security field• Experience working remotely for a large information security vendor• Familiarity with email delivery mechanisms (DNS, SMTP, etc) & common email formats (RFC822 headers, MIME)• Familiarity with email-borne threats and related analysis techniques• Familiarity with Suricata or Snort• Familiarity with interpreting malware sandboxing reports• Amazing presentation skills#LI-EC1 #LI-RemoteIf you like wild growth and working with happy, enthusiastic over-achievers, you'll enjoy your career with us!Consistent with Proofpoint values and applicable law, we provide the following information to promote pay transparency and equity. Our compensation reflects the cost of labor across several U.S. geographic markets, and we pay differently based on those defined markets as set out below. Pay within these ranges varies and depends on job-related knowledge, skills, and experience. The actual offer will be based on the individual candidate. The range provided may represent a candidate range and may not reflect the full range for an individual tenured employee. This role may be eligible for variable pay and/or equity. We offer a competitive benefits package that includes flexible time off, a robust well-being program that provides for 4 global wellbeing days per year, and a 3-week work from anywhere option.Base Pay Ranges:SF Bay Area, New York City Metro Area:Base Pay Range: 157,650.00 - 231,220.00 USDCalifornia (excludes SF Bay Area), Colorado, Connecticut, Illinois, Washington DC Metro, Maryland, Massachusetts, New Jersey, Texas, Washington, Virginia, and Alaska:Base Pay Range: 129,000.00 - 189,200.00 USDAll other cities and states excluding those listed above:Base Pay Range: 117,600.00 - 172,480.00 USD
View Original Job Posting