Proofpoint Sr. Threat Researcher - APT Russia (Virtual - Anywhere in the US) in St. Louis, Missouri
It's fun to work in a company where people truly BELIEVE in what they're doing!
We're committed to bringing passion and customer focus to the business.
As a Proofpoint Advanced Persistent Threat (APT) researcher focused on Russia-based threats, you will spend time searching through data looking for threats, analyzing them, and making that information meaningful to our customers. Leveraging Proofpoint data, information from trust groups, and other sources, you will be responsible for covering the threat landscape with a focus on APT in general and Russia-based APT in particular. As an APT specialist, you’ll communicate your findings to various groups including customers, internal threat researchers and teams who create detections in our products. You’ll be a part of a team of dynamic and creative threat researchers focused on the threat landscape, finding threats, understanding them, and using that knowledge to improve our products and protect our customers. This role is responsible for creating and presenting customer-facing and internal deliverables about their work. Making APT landscape research visible and useful for our customers is a large part of this role.
Analyze malware and threat data from internal and external sources, both self-directed and in response to questions from customers, and activity on the changing landscape.
Conduct dynamic and static malware analysis on samples obtained from our customer data or threat hunting activity in order to assist in creating custom detection signatures
Identify, extract, and leverage intelligence from APT data
Expand upon existing intelligence to build profiles of adversary groups with focus on Russia-based APT
Piece together threat campaigns, threat actors, and nation-state organizations
Create and present written deliverables to multiple audiences, both external and internal.
Provide threat detection findings to detection teams as they create and deploy detections in our products
Analyze threat campaigns, author customer-specific threat reports, and publish research results around specific verticals or geographic locations as they relate to Russia-based APT
Maintain a list of current events, threats, and other information that our customers should be aware of
Report and disseminate information to our most important customers on threats that may affect them, such as emerging malware, security developments and insightful summaries of current events.
Collaborate on research projects with the wider threat research team
Work effectively as part of a remote team using chat, video chat and conference calls
What you bring to the team
A well-rounded understanding of the malware and information security threat landscape. You should love this field and have a passion for learning.
Strong knowledge of Cyber Threat Intelligence principles to include indicators of compromise (IOC) types, indicator pivoting and indicator attribution strength
Skills to profile and track APT actors that pose a threat to our customers and threats found on the threat landscape in coordination with threat intelligence and detection teams
The ability to make a hypothesis based on your threat research, prove it using our data, and communicate that information to our customers or internal stakeholders
Present complex technical topics to senior managers, our customers, and internal stakeholders
Creative ideas around threat research and using big data to manifest them
Ability to comfortably communicate directly with customers and the security community
Experience with Network and Host malware detection
Demonstrable understanding of internet threat landscape
Excellent interpersonal, organizational, writing, communications, and briefing skills
Motivation to dig through internal and open source data to find threat information and use it to provide value to customers
Deep curiosity and a drive to understand advanced persistent threat on the Russia landscape
Strong analytical and problem-solving skills
Ability to use internal tools and resources for threat hunting
Experience tracking Russia-based and other APT actors, and extensive information sharing contacts within the threat intelligence industry
Experience with Python, Yara, and various technologies used for hunting in big data sets
Minimum of 5 years of progressively responsible experience in Cyber Security, incident response, threat intelligence, or related experience
Minimum of 3 years’ experience with threat research focused on APT
If you like wild growth and working with happy, enthusiastic over-achievers, you'll enjoy your career with us!
At Proofpoint, we have a passion for protecting people, data, and brands from today’s advanced threats and compliance risks. We hire the best people in the business to:
Build and enhance our proven security platform
Blend innovation and speed in a constantly evolving cloud architecture
Analyze new threats and offer deep insight through data-driven intel
Collaborate with customers to help solve their toughest security challenges
We are singularly devoted to helping our customers protect what matters most. That’s why we’re a leader in next-generation cybersecurity—and why more than half of the Fortune 100 trust us as a security partner.
Proofpoint is an equal opportunity employer. We hire without consideration to race, religion, creed, color, national origin, age, gender, sexual orientation, marital status, veteran status or disability.