Staff Security Research Engineer

About Us

We are the leader in human-centric cybersecurity. Half a million customers, including 87 of the Fortune 100, rely on Proofpoint to protect their organizations. We're driven by a mission to stay ahead of bad actors and safeguard the digital world. Join us in our pursuit to defend data and protect people.

How We Work

At Proofpoint, you'll be part of a global team that breaks barriers to redefine cybersecurity, guided by our BRAVE core values : Bold in how we dream and innovate, Responsive to feedback, challenges, and opportunities, Accountable for results and best-in-class outcomes, Visionary in future-focused problem-solving, Exceptional in execution and impact.

Corporate Overview

Proofpoint is a leading cybersecurity company protecting organizations' greatest assets and biggest risks : vulnerabilities in people. With an integrated suite of cloud-based solutions, Proofpoint helps companies around the world stop targeted threats, safeguard their data, and make their users more resilient against cyber-attacks. Leading organizations of all sizes, including more than half of the Fortune 1000, rely on Proofpoint for people-centric security and compliance solutions mitigating their most critical risks across email, the cloud, social media, and the web. We are singularly devoted to helping our customers protect their greatest assets and biggest security risk : their people. That's why we're a leader in next-generation cybersecurity. Protection Starts with People.

Staff Security Research Engineer

Your day-to-day

• Design and develop software using a variety of languages, primarily Python, with little external guidance, while providing technical leadership to guide other software engineers on the team
• Modify existing web-based UI for internal tools to maintain and extend the sandbox submission and report UI for Proofpoint threat researchers
• Write C or C++ for low level interactions with the OS as needed
• Develop and maintain web browser interaction capabilities using Chrome WebDriver
• Analyze and reverse engineer JavaScript that fingerprints web browser artifacts to identify sandbox web browsers or instrumentation; innovate solutions to defeat those checks
• Familiarity with analyzing web front-end and the Document Object Model (DOM)
• Develop and maintain software for processing network traffic, including TLS decryption and processing PCAP files
• Collaborate with threat analysts and detection engineers who research threat actors and write detection rules for the systems you develop
• As needed, create new detection languages and systems that allow threat researchers to develop detection rules
• Add features to existing threat detection languages to enable threat researchers to automate interactions with websites and detect threat patterns
• Use AI Large Language Models as appropriate to enhance threat detection pipelines, test evasion countermeasures, and evaluate when applying AI is beneficial
• Design and develop automation pipelines to turn manual tasks into automated scripts
• Stay abreast of a constantly evolving threat landscape
• Understand the latest tactics, techniques, and procedures used by threat actors to bypass detection environments, especially URL sandbox fingerprinting / detection / evasion techniques
• Provide expert assistance and support to threat researchers and analysts as they analyze phishing websites, threat detection evasion techniques, and security research or red team demonstrations
• Reverse engineer malware executable files for Windows as needed to support sandbox countermeasure development (note : primary malware reverse engineering responsibilities rest on other roles and are not expected regularly for this role)
• Apply critical thinking to identify efficient and effective threat mitigation approaches
• Work effectively as part of a remote team using chat, video chat, and conference calls
• Work with other engineering teams to define requirements for continuous improvement of critical detection capabilities

What you bring to the team

As a Security Research Engineer on Proofpoint's Threat Research team, you'll be part of a collaborative, industry-leading team focused on tracking threat actors, malware, phishing, and TTPs and responding to the changing threat landscape with innovative software that detects and prevents threats from reaching Proofpoint customers. If you enjoy analyzing attacker techniques, malware and phishing campaigns, and using that knowledge to counteract those threats with innovative software solutions, this is the role for you.

The following skills and experience are nice to have, but candidates lacking them should still apply :

Additional Information

Why Proofpoint

As a customer-focused and driven-to-win organization with leading edge products, there are many exciting reasons to join the Proofpoint team. We hire the best, cultivate a culture of collaboration and appreciation, and pursue growth globally. We are a multinational company with locations in many countries, contributing to Proofpoint's culture. We are committed to equity and inclusion; if you need accommodation during the application or interview process, please contact accessibility@proofpoint.com. How to Apply : Submit your application here : proofpoint.com / us / company / careers. We look forward to hearing from you!

Consistent with Proofpoint values and applicable law, we provide information to promote pay transparency and equity. Compensation reflects the cost of labor across U.S. markets and varies by job-related knowledge, skills, and experience. The actual offer will be based on the candidate. This role may be eligible for variable compensation and / or equity. Benefits include flexible time off, a well-being program with two paid Wellbeing Days and two paid Volunteer Days per year, plus a three-week Work from Anywhere option.

Base Pay Ranges

SF Bay Area, New York City Metro Area : Base Pay Range : 194,475.00 - 285,230.00 USD

California (excluding SF Bay Area), Colorado, Connecticut, Illinois, Washington DC Metro, Maryland, Massachusetts, New Jersey, Texas, Washington, Virginia, and Alaska : Base Pay Range : 162,375.00 - 238,150.00 USD

All other cities and states excluding those listed above : Base Pay Range : 148,425.00 - 217,690.00 USD

J-18808-Ljbffr