Proofpoint Sr. Threat Researcher – Ecrime (Virtual – Anywhere in the US) in Helena, Montana
It's fun to work in a company where people truly BELIEVE in what they're doing!
We're committed to bringing passion and customer focus to the business.
As a Proofpoint researcher focused on eCrime threats, you will spend time searching through data looking for threats, analyzing them, and making that information meaningful to our customers. Leveraging Proofpoint data, information from trust groups, and other sources, you will be responsible for covering the threat landscape with a focus on eCrime. You'll communicate your findings to various groups including customers, internal threat researchers and the teams who create detections in our products. You'll be part of a team of dynamic and creative threat researchers focused on the threat landscape: finding threats, understanding them, and using that knowledge to improve our products and protect our customers. This role is responsible for creating and presenting customer-facing and internal deliverables about that work.
Analyze malware and threat data from internal and external sources, both self-directed and in response to customer questions and to activity on the changing threat landscape.
Conduct dynamic and static malware analysis on samples obtained from our customer data or threat hunting activity in order to assist in creating custom detection signatures
Identify, extract, and leverage intelligence from a vast amount of threat data
Expand upon existing intelligence to build profiles of adversary groups with focus on eCrime
Piece together threat campaigns, threat actors, and criminal organizations
Create and present written deliverables to multiple audiences, both external and internal.
Provide threat detection findings to detection teams as they create and deploy detections in our products
Maintain a list of current events, threats, and other information that our customers should be aware of
Report and disseminate information to our most important customers on threats that may affect them, such as emerging malware, security developments and insightful summaries of current events.
Collaborate on research projects with the wider threat research team
Leverage our threat database of millions of malware samples and produce data and reports that protect our customers
Work effectively as part of a remote team using chat, video chat and conference calls
What you bring to the team
A well-rounded understanding of the malware and information security threat landscape. You should love this field and have a passion for learning.
Strong knowledge of Cyber Threat Intelligence principles, including indicators of compromise (IOC) types, indicator pivoting, and indicator attribution strength
Skills to profile and track eCrime actors that pose a threat to our customers, and the threats they introduce to the landscape, in coordination with threat intelligence and detection teams
The ability to make a hypothesis based on your threat research, prove it using our data, and communicate that information to our customers or internal stakeholders
Present complex technical topics to senior managers, our customers, and internal stakeholders
Creative ideas around threat research, and the ability to use big data to realize them
Ability to comfortably communicate directly with customers and the security community
Experience with Network and Host malware detection
Demonstrable understanding of internet threat landscape
Excellent interpersonal, organizational, writing, communications, and briefing skills
Motivation to dig through internal and open source data to find threat information and use it to provide value to customers
Deep curiosity and a drive to understand advanced persistent threats in the Russian threat landscape
Strong analytical and problem-solving skills
Ability to use internal tools and resources for threat hunting
Experience tracking eCrime both at the malware and actor level, and extensive information sharing contacts within the threat intelligence industry
Knowledge of Zloader, Qbot, Dridex, Trick, Danabot, BazaLoader, AgentTesla, and Ursnif along with the actors delivering the aforementioned malware via email.
Experience with Python, Yara, and various technologies used for hunting in big data sets
Minimum of 5 years of progressively responsible experience in Cyber Security, incident response, threat intelligence, or related experience
Minimum of 5 years’ experience with threat research focused on eCrime
If you like wild growth and working with happy, enthusiastic over-achievers, you'll enjoy your career with us!