About Us: Proofpoint is a global leader in human- and agent-centric cybersecurity. We protect how people, data, and AI agents connect across email, cloud, and collaboration tools. Over 80 of the Fortune 100, 10,000 large enterprises, and millions of smaller organizations trust Proofpoint to stop threats, prevent data loss, and build resilience across their people and AI workflows. Our mission is simple: safeguard the digital world and empower people to work securely and confidently. Join us in our pursuit to defend data and protect people.How We Work:At Proofpoint you’ll be part of a global team that breaks barriers to redefine cybersecurity guided by our BRAVE core values: Bold in how we dream and innovateResponsive to feedback, challenges and opportunitiesAccountable for results and best in class outcomesVisionary in future focused problem-solvingExceptional in execution and impactRole OverviewWe’re seeking a Staff Information Security Engineer to help lead and evolve our Global Information Security Operation. In this role, you’ll shape incident response strategy, push forward advanced threat detection and defence capabilities, and take point on the most complex security investigations across the enterprise. As a Staff-level engineer, you will operate as a subject matter expert and technical leader, partnering across SOC, Threat Intelligence, Detection Engineering, and Security Engineering to improve Proofpoint’s ability to detect, respond to, and proactively hunt advanced threats. This role includes participation in a 24/7 on-call incident response rotation.Key ResponsibilitiesServe as a Level 3 / Staff escalation point for high-severity incidentsLead investigations into APTs, ransomware, insider threats, and cloud compromisesAct as incident commander and coordinate response efforts. - Participate in 24/7 on-call incident responseLead threat hunting across endpoint, network, identity, and cloudOperationalize threat intelligence into detections and responseDesign and improve detections across SIEM, EDR, and SOARAutomate incident triage and response workflowsDrive post-incident reviews and continuous improvementMentor team members and influence security strategyRequired Qualifications & ExperienceExtensive experience in Incident Response, DFIR, Threat Hunting, or Security OperationsDeep expertise in incident response, threat hunting, and threat intelligenceStrong knowledge of MITRE ATT&CK and adversary TTPsExperience with SIEM, EDR, SOAR, and cloud securityScripting experience (Python, PowerShell, or Bash)Strong communication and leadership skills.Nice To Have Experience building threat hunting or detection programsBackground in threat intelligence or red/purple teamingCertifications such as GCFA, GCIH, CISSP, CISM, OSCP#LI-CB1Why Proofpoint?At Proofpoint, we believe that an exceptional career experience includes a comprehensive compensation and benefits package. Here are just a few reasons you’ll love working with us:Competitive compensationComprehensive benefitsCareer success on your termsFlexible work environmentAnnual wellness and community outreach daysAlways on recognition for your contributionsGlobal collaboration and networking opportunities Our Culture:Our culture is rooted in values that inspire belonging, empower purpose and drive success-every day, for everyone.We encourage applications from individuals of all backgrounds, experiences, and perspectives. If you need accommodation during the application or interview process, please reach out to accessibility@proofpoint.com. How to ApplyInterested? Submit your application along with any supporting information- we can’t wait to hear from you!
View Original Job Posting