Proofpoint

Senior Threat Research Engineer

full-time

Origin: 🇦🇷 Argentina

Job Level

Senior

Tech Stack

Cloud, Cyber Security, Django, Flask, Lua, Pandas, Python, Unix

About the role

  • Member of a geographically distributed 24/7/365 team responding to spam attacks
  • Analyze customer-reported emails and large datasets to determine correct classification
  • Perform deep analyses of spam message headers & structures and design rules/signatures
  • Ad-hoc tool development to streamline analysis activities
  • Design and develop PoC threat detection systems and maintain existing PoCs
  • Develop and maintain Python applications/tools and participate in code reviews
  • Be available on a rotating on-call basis to develop signatures for emerging threats
  • Help define landscape and evolution of messaging abuse and contribute to product requirements

Requirements

  • Knowledge of different types of email-borne attack vectors, tools and tactics
  • In-depth knowledge of email-borne threats: phishing, malware, BEC and spam
  • Ability to find and research suspicious patterns in URLs, domains, and overall email structure
  • Ability to create detection signatures/rules, with 2-4 or more years of experience
  • General familiarity with mail delivery, SPF, DKIM, and DMARC
  • Practical knowledge of Regular Expressions
  • Minimum of 2+ years of hands-on experience with Python or another programming language
  • Experience in one of the Python frameworks (Django, Flask or Pandas)
  • Experience with data analysis and working with large datasets
  • Familiarity with Unix environments and Unix command line tools
  • Familiarity and/or experience with Lua-based detection signatures is a plus
  • Familiarity and/or experience with ClamAV and/or YARA is a plus
  • BSCS or equivalent, or equivalent technical experience