It’s fun to work in a company where people truly BELIEVE in what they’re doing!


We’re committed to bringing passion and customer focus to the business.



This highly technical role has a direct and real-time impact protecting Proofpoint customers. As a Security Research Engineer on Proofpoint’s Threat Research team, you’ll be part of an amazing, collaborative, industry-leading team focused on tracking threat actors, malware, phishing, and TTPs in order to develop static and dynamic (behavioral) signatures that detect and prevent threats on a massive scale. If you enjoy keeping abreast of and analyzing attacker techniques, malware and phishing campaigns, and using that knowledge to counteract those threats on a broad scale, then this is the role for you. This role has an absolute and direct impact on the efficacy of Proofpoint products, the quality of Proofpoint’s intelligence, and the protection of Proofpoint customers.


Your day-to-day

  • Stay abreast of a constantly evolving threat landscape with a focus on the credential phishing landscape
  • Analyze malware, malicious documents, and malicious URLs provided by internal and external sources
  • Apply critical thinking skills to identify the most efficient and effective way to mitigate the analyzed threat
  • Develop, test, and deploy appropriate static and/or behavioral signatures to mitigate the analyzed threat
  • Identify, prioritize, and fill coverage gaps for relevant threats in order to minimize customer impact
  • Respond to customer FN/FP escalations that cannot be addressed by customer support
  • Work effectively as part of a remote team using chat, video chat and conference calls
  • Work with engineering teams, defining requirements, for continuous improvement of critical detection capabilities


What you bring to the team

  • A passion for threat research and a well-rounded yet deep understanding of the security threat landscape
  • Demonstrable understanding of the credential Phishing landscape, Phishkits, Phishing as a Service, and evasion techniques used by Phishers
  • Experience proactively identifying, responding to, and defending against credential Phishing attacks in production environments
  • Thorough understanding of browser internals and the Document Object Model
  • A burning desire to protect unwitting victims from credential thieves
  • Broad and demonstrable understanding of document formats commonly used for malicious purposes (e.g. OLE, CDFv2, PDF, OpenOffice, RTF)
  • Familiarity with tools used to statically analyze malicious documents
  • Experience analyzing malicious macro documents
  • Ability to accurately interpret the forensic output of dynamic analysis (sandbox) environments
  • Critical thinking: Demonstrable experience developing quality detection signatures based on analysis of malicious behavior
  • Experience developing YARA and/or ClamAV signatures
  • Regular expression wizardry
  • Intermediate-level Python experience
  • Willing and able to work independently and collaboratively as part of a distributed team of industry-leading security researchers
  • A hard-working, self-directed team player fully capable of working remotely


Additional Information

  • Travel: 10%
  • Location: Work from home in Europe (UK, Germany, France, Italy)
  • Must be able to work during business hours local to your time-zone


Tagged as: 3-5 Years, 5+ Years