Proofpoint is looking to solve the problem of financially motivated threat actors and their TTPs by analyzing threat data and shaping detection strategies to protect their customers.
Requirements
- Proven experience tracking financially motivated threat actors and their TTPs.
- Strong grasp of threat intelligence principles, including IOC analysis and actor attribution.
- Technical skills involving infrastructure tracking, static and dynamic malware analysis, reverse engineering, and scripting for automation.
- Experience working with large datasets to uncover meaningful insights.
- Enthusiasm for developing custom tooling and integrating AI into your workflows to enhance research and detection.
- Experience with email delivery and threat analysis (SMTP, MIME, headers).
- Familiarity with Suricata, Snort, YARA, ClamAV, Sigma, or other signature languages.
Responsibilities
- Hunt for eCrime activity in Proofpoint’s proprietary telemetry and external sources.
- Analyze a variety of threat types including phishing, malware, BEC, cloud, and malicious infrastructure.
- Cluster, persistently track, and attribute malicious activity sets.
- Deliver intelligence to internal teams and customers through clear, compelling communication.
- Collaborate with detection engineers to maintain high efficacy for our product suite.
- Contribute to public and private threat intelligence efforts (with additional opportunity to present findings at events, conferences, etc.).
- Use AI-based tools to accelerate analysis, enrich findings, and automate repetitive tasks.
Other
- Comfort working across diverse teams and communicating with customers and stakeholders.
- The ability to speak multiple languages.
- Flexible work environment: [Remote options, hybrid schedules, flexible hours, etc.].
- We encourage applications from individuals of all backgrounds, experiences, and perspectives.
- If you need accommodation during the application or interview process, please reach out to accessibility@proofpoint.com.