Sr. Threat Researcher - Ecrime (Virtual - Anywhere in the US)

at Proofpoint in Dover, Delaware, United States

Job Description

It’s fun to work in a company where people truly BELIEVE in what they’re doing!

We’re committed to bringing passion and customer focus to the business.

As a Proofpoint researcher focused on eCrime threats, you will spend time searching through data looking for threats, analyzing them, and making that information meaningful to our customers. Leveraging Proofpoint data, information from trust groups, and other sources, you will be responsible for covering the threat landscape with a focus on eCrime. You’ll communicate your findings to various groups including customers, internal threat researchers, and the teams who create detections in our products. You’ll be part of a team of dynamic and creative threat researchers focused on the threat landscape: finding threats, understanding them, and using that knowledge to improve our products and protect our customers. This role is responsible for creating and presenting customer-facing and internal deliverables about its work.

Your day-to-day

+ Analyze malware and threat data from internal and external sources, both self-directed and in response to questions from customers and to activity on the changing threat landscape.

+ Conduct dynamic and static malware analysis on samples obtained from our customer data or threat hunting activity in order to assist in creating custom detection signatures.

+ Identify, extract, and leverage intelligence from a vast amount of threat data

+ Expand upon existing intelligence to build profiles of adversary groups with focus on eCrime

+ Piece together threat campaigns, threat actors, and criminal organizations

+ Create and present written deliverables to multiple audiences, both external and internal.

+ Provide threat detection findings to detection teams as they create and deploy detections in our products

+ Maintain a list of current events, threats, and other information that our customers should be aware of

+ Report and disseminate information to our most important customers on threats that may affect them, such as emerging malware, security developments and insightful summaries of current events.

+ Collaborate on research projects with the wider threat research team

+ Leverage our threat database of millions of malware samples and produce data and reports that protect our customers

+ Work effectively as part of a remote team using chat, video chat and conference calls

What you bring to the team

+ A well-rounded understanding of the malware and information security threat landscape. You should love this field and have a passion for learning.

+ Strong knowledge of Cyber Threat Intelligence principles to include indicators of compromise (IOC) types, indicator pivoting and indicator attribution strength

+ Skills to profile and track eCrime actors that pose a threat to our customers and threats found on the threat landscape in coordination with threat intelligence and detection teams

+ The ability to make a hypothesis based on your threat research, prove it using our data, and communicate that information to our customers or internal stakeholders

+ The ability to present complex technical topics to senior managers, our customers, and internal stakeholders

+ Creative ideas around threat research and using big data to manifest them

+ Ability to comfortably communicate directly with customers and the security community

+ Experience with Network and Host malware detection

+ Demonstrable understanding of the internet threat landscape

+ Excellent interpersonal, organizational, writing, communications, and briefing skills

+ Motivation to dig through internal and open source data to find threat information and use it to provide value to customers

+ Deep curiosity and a drive to understand advanced persistent threats on the Russian landscape

+ Strong analytical and problem-solving skills

+ Ability to use internal tools and resources for threat hunting

+ Experience tracking eCrime both at the malware and actor level, and extensive information sharing contacts within the threat intelligence industry

+ Knowledge of Zloader, Qbot, Dridex, Trick, Danabot, BazaLoader, AgentTesla, and Ursnif along with the actors delivering the aforementioned malware via email.

+ Experience with Python, Yara, and various technologies used for hunting in big data sets

+ Minimum of 5 years of progressively responsible experience in Cyber Security, incident response, threat intelligence, or related experience

+ Minimum of 5 years’ experience with threat research focused on eCrime

If you like wild growth and working with happy, enthusiastic over-achievers, you’ll enjoy your career with us!


Job Posting: JC198451601

Posted On: Nov 25, 2021

Updated On: Jan 21, 2022