Threat Intelligence Researcher

Proofpoint

Sunnyvale, CA

Industry: Technology


Less than 5 years

Posted 157 days ago

This job is no longer available.


Company Overview

At Proofpoint, we have a passion for protecting people, data, and brands from today’s advanced threats and compliance risks. We hire the best people in the business to:

  • Build and enhance our proven security platform
  • Blend innovation and speed in a constantly evolving cloud architecture
  • Analyze new threats and offer deep insight through data-driven intel
  • Collaborate with customers to help solve their toughest security challenges

We are singularly devoted to helping our customers protect what matters most. That’s why we’re a leader in next-generation cybersecurity—and why more than half of the Fortune 100 trust us as a security partner.

The Role

As a Proofpoint Advanced Persistent Threat (APT) researcher focused on China-based threats, you will spend time searching through data looking for threats, analyzing them, and making that information meaningful to our customers. Leveraging Proofpoint data, information from trust groups, and other sources, you will be responsible for covering the threat landscape with a focus on APT in general and China-based APT in particular. As an APT specialist you’ll communicate your findings to various groups including customers, internal threat researchers and teams who create detections in our products. You’ll be a part of a team of dynamic and creative threat researchers focused on the threat landscape, finding threats, understanding them, and using that knowledge to improve our products and protect our customers. This role is responsible for creating and presenting customer-facing and internal deliverables about their work. Making APT landscape research visible and useful for our customers is a large part of this role.

Your day-to-day

  • Analyze malware and threat data from internal and external sources, both self-directed and in response to questions from customers, and activity on the changing landscape.
  • Conduct dynamic and static malware analysis on samples obtained from our customer data or threat hunting activity in order to assist in creating custom detection signatures
  • Identify, extract, and leverage intelligence from APT data
  • Expand upon existing intelligence to build profiles of adversary groups with focus on China-based APT
  • Piece together threat campaigns, threat actors, and nation-state organizations
  • Create and present written deliverables to multiple audiences, both external and internal.
  • Provide threat detection findings to detection teams as they create and deploy detections in our products
  • Analyze threat campaigns, author customer-specific threat reports, and publish research results around specific verticals or geographic locations as they relate to China-based APT
  • Maintain a list of current events, threats, and other information that our customers should be aware of
  • Report and disseminate information to our most important customers on threats that may affect them, such as emerging malware, security developments and insightful summaries of current events.
  • Collaborate on research projects with the wider threat research team
  • Leverage our threat database of millions of malware samples and produce data and reports that protect our customers
  • Work effectively as part of a remote team using chat, video chat and conference calls

What you bring to the team

  • A well-rounded understanding of the malware and information security threat landscape. You should love this field and have a passion for learning.
  • Strong knowledge of Cyber Threat Intelligence principles to include indicators of compromise (IOC) types, indicator pivoting and indicator attribution strength
  • Skills to profile and track APT actors that pose a threat to our customers and threats found on the threat landscape in coordination with threat intelligence and detection teams
  • The ability to make a hypothesis based on your threat research, prove it using our data, and communicate that information to our customers or internal stakeholders
  • Present complex technical topics to senior managers, our customers, and internally
  • Creative ideas around threat research and using big data to manifest them
  • Ability to comfortably communicate directly with customers and the security community
  • Experience with Network and Host malware detection
  • Demonstrable understanding of the internet threat landscape
  • Excellent interpersonal, organizational, writing, communications, and briefing skills
  • Motivation to dig through internal and open source data to find threat information and use it to provide value to customers
  • Deep curiosity and a drive to understand advanced persistent threat on the China landscape
  • Strong analytical and problem-solving skills
  • Ability to use internal tools and resources for threat hunting
  • Experience tracking China-based and other APT actors, and extensive information sharing contacts within the threat intelligence industry
  • Experience with Python, MongoDB, Yara, and various technologies used for hunting in big data sets
  • Minimum of 5 years of progressively responsible experience in Cyber Security, incident response, threat intelligence, or related experience
  • 3-5 years’ experience with malware analysis
  • Minimum of 3 years’ experience with threat research focused on APT

Nice to have

  • Information security community experience; a blog, website, published papers, conference presentations, or other experience on the public side of the security field
  • Fluency in Chinese language
  • Familiarity with Suricata or Snort
  • Familiarity with malware Sandboxing
  • Amazing presentation skills
  • Experience working remotely for a large information security vendor
  • Located in a US timezone, available during US business hours

Additional Information

  • Travel: 10%
  • Location: Anywhere in USA, work from home/remote acceptable

Why Proofpoint

As a customer-focused and driven-to-win organization with leading-edge products, there are many exciting reasons to join the Proofpoint team. We believe in hiring the best and the brightest and cultivating a culture of collaboration and appreciation. As we continue to grow and expand globally, we understand that hiring the right people and treating them well is key to our success! We are a multi-national company with locations in 10 countries, with each location contributing to Proofpoint’s amazing culture!