The Proofpoint Threat Research team—including Emerging Threats—investigates and creates protective measures against advanced malware and intrusion techniques used by cybercriminal and nation-state actors. To do this effectively, researchers rely on innovative tooling, scalable infrastructure, and hygienic analysis environments. This role focuses on building and maintaining those systems.
Your day-to-day tasks:
- Evaluate and support changes to our Threat Analysis environment
- Analyze needs and create and support internal tools where appropriate
- Support a team researching new and past threats, including malware, exploit kits, and vulnerabilities
Specific technical areas of need:
- Experience with network traffic inspection tools, such as Wireshark, tcpdump, Moloch, etc.
- Familiarity with virtualization technologies, such as VMware products, VirtualBox, KVM, etc.
- Experience with one or more scripting languages. Lua and Python proficiency preferred.
- Experience with regular expressions/PCRE.
- Creativity, enthusiasm for the network threat space, and a willingness to collaborate with the team.
- Must be able to work under broad strategic guidance.
What you bring to the team:
- Experience building web applications (React preferred)
- RESTful API design and implementation
- Database experience (PostgreSQL, ES, or MongoDB)
- Data pipeline and ETL experience
- Experience with containerization (Docker, Kubernetes)
This is a solution engineering role at the intersection of threat research, detection engineering, and platform development. You’ll enable researchers to move faster, see more, and detect better by creating and maintaining tools to help them help each other and our customers.