Sr. Threat Analyst (Threat Operations Group)
Proofpoint
Cordoba, AR
18 hours ago
source : DirectEmployers Association

It's fun to work in a company where people truly BELIEVE in what they're doing! We're committed to bringing passion and customer focus to the business.

The Role

We are looking for a highly intelligent, driven person to join a dynamic group of people who are passionate about saving the world from the growing threat of e-mail messaging abuse.

We are competing against a very active, creative, and motivated adversary who was credited with sending over 40 trillion spam messages last year alone! If you are interested in helping us achieve our goal and rid the world of spam, we definitely would like to speak with you.

We offer a challenging environment that fosters creativity and rewards excellence.

Your day to day

  • Member of a creative, enthusiastic, and geographically-distributed team (in a 24 / 7 / 365 "follow the sun" model) that is responsible for identifying, parameterizing, and responding quickly to spam attacks levied against some of the world's largest organizations.
  • Provide written responses and explanations to customers who request assistance through our ticketing system.
  • Analyze email messages reported by customers in order to determine correct classification (spam, threat, bulk, ham).
  • Be available on an on-call basis to analyze e-mail messages to determine correct classification (spam, threat, bulk, ham).
  • Perform deep analyses of spam message headers & structures to identify novel spam features, and design regular-expression (regex) based rules to detect those features.
  • Participate in attack post-mortems to improve the team's response to threats.
  • Provide responses and explanations to customers in a positive, professional manner.
  • Analyze misclassified messages (spam and legitimate) and make updates to spam definitions to correct their classifications.
  • Ad-hoc development of tools as necessary to aid / streamline analysis activities.
  • Help us define the landscape, prevalence, and evolution of messaging abuse, threats, and attacks by participating in future requirements definition discussions of our products.

What you bring to the team

  • Minimum 2 years experience with Python, Jupyter Notebooks.
  • Threat analysis expertise (desired : malware, phish, spam).
  • Knowledge of different types of threat actors, attack vectors, tools, tactics, and technical data. PRE-ATT&CK tactics and techniques know-how is desired as well.
  • Familiarity with Unix environments and comfort with a range of Unix command line tools for manipulating and extracting content from text files.
  • Strong written and verbal communication skills, including the ability to convey highly technical information in an accessible manner.
  • Experience with Perl, especially advanced regular expressions and Unix command line invocations.
  • General familiarity with how mail delivery works, including SMTP.
  • Willingness to play an important technical role that does NOT primarily involve development; Python coding skills are desirable, but not a must.
  • In-depth knowledge of email borne threats : phishing, malware, spam. Ability to find and research suspicious patterns in URLs, domains, in conjunction with overall email structure (email headers and email context).
  • Knowledge and experience in mining email text / verbiage to find suspicious / known bad patterns to be used in signatures.
  • Good understanding of existing techniques for Social Engineering / 419 spam, as well as BEC as a sub-category thereof.
  • Ability to create signature rules based on observed suspicious patterns.
  • 3-4 or more years of experience in the field.
  • General curiosity about the headers and structure of email messages.
  • Demonstrated analytical and creative problem-solving abilities.
  • Willingness to interact with customers (web and occasionally phone-based support) to help resolve their issues.
  • Ability to work independently yet fully integrate with worldwide, remote teams.
  • Can-do attitude with a focus on problem solving, product quality, and a strong desire to get the job done.

Requirements / Education and / or Equivalent Experience (including technical and non-technical capabilities)

  • BSCS or equivalent, or equivalent technical experience.

If you like wild growth and working with happy, enthusiastic over-achievers, you'll enjoy your career with us! At Proofpoint, we have a passion for protecting people, data, and brands from today's advanced threats and compliance risks.

We hire the best people in the business to:

  • Build and enhance our proven security platform
  • Blend innovation and speed in a constantly evolving cloud architecture
  • Analyze new threats and offer deep insight through data-driven intel
  • Collaborate with customers to help solve their toughest security challenges

We are singularly devoted to helping our customers protect what matters most. That's why we're a leader in next-generation cybersecurity, and why more than half of the Fortune 100 trust us as a security partner.

Proofpoint is an equal opportunity employer; we hire without consideration to race, religion, creed, color, national origin, age, gender, sexual orientation, marital status, veteran status or disability.
