Sr. Threat Operation Analyst
Cordoba, Argentina
Proofpoint
Proofpoint helps protect people, data and brands against cyber attacks. Offering compliance and cybersecurity solutions for email, web, cloud, and more.It's fun to work in a company where people truly BELIEVE in what they're doing!
We're committed to bringing passion and customer focus to the business.
It's fun to work in a company where people truly BELIEVE in what they're doing!
We're committed to bringing passion and customer focus to the business.
The Role
You are a Senior CyberSecurity Analyst (email borne threats) or have a strong desire and a skill set to become one!
We are looking for a highly intelligent, driven person to join a dynamic group of people who are passionate about saving the world from the growing threat of e-mail borne threats: phishing, malware , BEC and spam. We are competing against a very active, creative, and motivated adversary who was credited as sending over 40 trillion spam messages last year alone! If you are interested in helping us achieve our goal and rid the world of phishing, malware and spam, we definitely would like to speak with you. We offer a challenging environment that fosters creativity and rewards excellence.
Your day to day
Member of a creative, enthusiastic, and geographically distributed team (in a 24/7/365 "follow the sun" model) that is responsible for identifying, parameterizing, and responding quickly to spam attacks levied against some of the world's largest organizations.
Analyze email messages reported by customers as well as work on large data sets in order to determine correct classification (spam, phishing, malware, BEC (Advanced Email Fraud), bulk, ham).
CONTENT DEVELOPMENT. Perform deep analyses of spam message headers & structures to identify novel spam features, and design various rules/signatures to detect those features and block email borne threats
Ad-hoc development of tools as necessary to aid/streamline analysis activities.
As an Email Cybersecurity analyst, who has coding experience and skills - an opportunity to design and develop new PoCs threat detection system(s) based on your expertise or learn how to add this skill to your toolset.
Continue to develop and support existing Threat Detection PoCs based on the existing Threat Detection framework
Developing and maintaining Python applications/tools, writing clean and efficient code, debugging and troubleshooting issues, collaborating with cross-functional teams, and participating in code reviews. Knowledge of database systems.
Be available in an rotating on-call basis to respond to develop signatures, that detect and block an emerging or an ongoing threat(s)
Provide responses and explanations to customers in a positive, professional manner if needed
Help us define the landscape, prevalence, and evolution of messaging abuse, threats, and attacks by participating in future requirements definition discussions of our products.
What you bring to the team
Knowledge of different types of email borne attack vectors, tools and tactics
In-depth knowledge of email borne threats: phishing, malware, BEC and spam. Ability to find and research suspicious patterns in URLs, domains, in conjunction with overall email structure (email headers and email context).
Ability to create detection signatures/rules (content development) based on observed suspicious patterns with experience of 2-4 or more years in the field.
General curiosity about the headers and structure of email messages.
General familiarity with how mail delivery works, knowledge of email security standards and protocols, such as SPF, DKIM, and DMARC, would be beneficial.
Practical knowledge (hands-on experience) with Regular Expressions
Minimum 2+ years hands-on experience with Python or a different programming language
Experience in one of Python frameworks (Django, Flask or Pandas)
Experience with data analysis, familiarity with cybersecurity best practices, and the ability to work with large datasets.
Familiarity with Unix environments and comfort with a range of Unix command line tools for manipulating and extracting content from text files is a must have
Familiarity and/or experience with LUA based detection signatures is a plus
Familiarity and/or experience with ClamAV based detection signatures is a plus
Willingness to play an important technical role
Demonstrated analytical and creative problem-solving abilities.
Ability to work independently yet fully integrate with worldwide, remote teams.
Can-do attitude with a focus on problem solving, product quality, and a strong desire to get the job done.
Requirements/Education and/or Equivalent Experience (including technical and non-technical capabilities)
BSCS or equivalent, or equivalent technical experience.
If you like wild growth and working with happy, enthusiastic over-achievers, you'll enjoy your career with us!
If you like wild growth and working with happy, enthusiastic over-achievers, you'll enjoy your career with us!
* Salary range is an estimate based on our InfoSec / Cybersecurity Salary Index 💰
Tags: Django Flask Lua Malware POCs Python Threat detection UNIX
Perks/benefits: Career development Team events
More jobs like this
Explore more career opportunities
Find even more open roles below ordered by popularity of job title or skills/products/technologies used.