Proofpoint, Inc. Georgia, USA
Jun 26, 2019
It's fun to work in a company where people truly BELIEVE in what they're doing! We're committed to bringing passion and customer focus to the business.

At Proofpoint, we have a passion for protecting people, data, and brands from today's advanced threats and compliance risks. We hire the best people in the business to:

- Build and enhance our proven security platform
- Blend innovation and speed in a constantly evolving cloud architecture
- Analyze new threats and offer deep insight through data-driven intel
- Collaborate with customers to help solve their toughest security challenges

We are singularly devoted to helping our customers protect what matters most. That's why we're a leader in next-generation cybersecurity and why more than half of the Fortune 100 trust us as a security partner.

The Role

This role is responsible for creating detection rules for our Emerging Threats Pro IDS feed product and static detections for threats in email. You'll write static-based network and email defense signatures in order to detect malware and credential phishing threats to our customers. As a Proofpoint Senior Threat Detection Engineer, you will perform malware analysis and spend time searching through data to facilitate signature creation, analyzing threats, and making that information meaningful to our customers. You'll be a part of a team of dynamic and creative threat researchers focused on finding malware, understanding how it works and using that knowledge to improve our products.

Your day-to-day

- Write intrusion detection rules for the Snort and Suricata platform
- Write ClamAV rules for internal static processing
- Answer support questions about rule guidance and false positives
- Work with the open source community to maintain and optimize the ETOpen ruleset
- Research new and past threats, including malware, exploit kits, and vulnerabilities

What you bring to the team

- Experience with network traffic inspection tools, such as Wireshark, tcpdump, Moloch, etc.
- Familiarity with writing signatures for the Snort or Suricata IDS platforms
- Experience with YARA rules
- Experience with ClamAV signature creation
- An interest in the larger threat landscape
- Familiarity with virtualization technologies, such as VMware products, VirtualBox, KVM, etc.
- Experience with one or more scripting languages. Lua and Python proficiency preferred.
- Experience analyzing and interpreting host, network, and memory artifacts from sandbox environments
- Experience with PCRE
- Excellent verbal and written communication skills
- Creativity, enthusiasm for the malware space, and willingness to collaborate with the team
- Must be able to work independently

Additional Information

- This is a fully remote position, with the candidate expected to be available via audio and video conference, chat networks and email during US business hours
- Travel 10
- Location: Anywhere in USA, work from home/remote

Why Proofpoint

As a customer focused and driven-to-win organization with leading edge products, there are many exciting reasons to join the Proofpoint team. We believe in hiring the best and the brightest and cultivating a culture of collaboration and appreciation. As we continue to grow and expand globally, we understand that hiring the right people and treating them well is key to our success! We are a multi-national company with locations in 10 countries, with each location contributing to Proofpoint's amazing culture!

If you like wild growth and working with happy, enthusiastic over-achievers, you'll enjoy your career with us!