Montana Jobs


Job Information

Proofpoint Sr. Security Research Engineer (Remote - Anywhere in the US) in Helena, Montana

It's fun to work in a company where people truly BELIEVE in what they're doing!

We're committed to bringing passion and customer focus to the business.

Proofpoint's Threat Research organization is looking for an experienced security research engineer with a passion for outsmarting threat actors and mitigating their evasion techniques. In this highly technical role, you will be able to perform R&D activities that result in the delivery of novel detonation, detection, and classification capabilities to accurately classify malware on a massive scale. You will be an integral part of an amazing, collaborative, industry-leading research and development team that battles threat actors daily to protect an expanding, global customer base. If you thrive on using your insane technical skills to analyze and defeat the latest threat actor TTPs, and if you want to solve problems where the answer can’t be googled, then this is the role for you. US-based, full telecommute.

Your day-to-day

  • Stay abreast of a constantly evolving and diverse threat landscape

  • Understand the latest TTPs used by threat actors to bypass detection environments

  • Perform technical root cause analysis of detection misclassifications (FNs/FPs)

  • Perform malware analysis, as necessary, to facilitate a deeper understanding of detection issues and possible solutions

  • Leverage analysis findings to research and develop novel, foundational detection approaches, techniques, and capabilities

  • Develop parsers and feature extractors to facilitate the development of quality detection signatures

  • Work within threat research and in conjunction with engineering teams to successfully deploy the results of your R&D efforts on a massive scale

  • Identify mechanisms for tracking efficacy improvements

  • Work effectively as part of a remote team using chat, video chat and virtual meetings

What you bring to the team

  • A passion for threat research and a well-rounded yet deep understanding of the security threat landscape, malware behavior, and actor TTPs

  • Thorough understanding of the Windows PE file format

  • Advanced understanding of Windows Internals (architecture, processes, threads)

  • Understanding of the compiler toolchain in a Windows context

  • Experience using static analysis tools to analyze malicious binaries

  • Experience detonating malware including the ability to thwart bypass techniques

  • Experience wrestling with packers or malware that leverages protectors such as Enigma, VMProtect, Themida

  • Experience using parsers for malicious file formats (e.g. PE, OLE, CDFv2, PDF, OpenOffice, RTF, etc.)

  • Sufficient development skills to enable the development of parsers for malicious file formats

  • Willing and able to work independently and collaboratively within and across teams

  • A hard-working, self-directed team player fully capable of working remotely

Nice to have:

  • Experience building or using emulators for malware analysis and/or detection

  • Experience developing Windows kernel-mode drivers

  • Experience with hypervisor introspection as a detection mechanism

  • Experience leveraging Machine Learning for detection (binary classification) and/or classification (clustering) purposes

Additional Information

  • Travel: 10%

  • Location: Work From Home in US

  • Must be able to work during business hours local to your timezone


If you like wild growth and working with happy, enthusiastic over-achievers, you'll enjoy your career with us!