We use cookies to improve your experience on our site. To find out more, read our privacy policy.

Proofpoint Jobs

Mobile proofpoint Logo
Home View All Jobs (380)

Job Information

Proofpoint Senior APT Threat Analyst in London, United Kingdom

It's fun to work in a company where people truly BELIEVE in what they're doing!

We're committed to bringing passion and customer focus to the business.

Corporate Overview

Proofpoint is a leading cybersecurity company protecting organizations’ greatest assets and biggest risks: vulnerabilities in people. With an integrated suite of cloud-based solutions, Proofpoint helps companies around the world stop targeted threats, safeguard their data, and make their users more resilient against cyber attacks. Leading organizations of all sizes, including more than half of the Fortune 1000, rely on Proofpoint for people-centric security and compliance solutions mitigating their most critical risks across email, the cloud, social media, and the web.

We are singularly devoted to helping our customers protect their greatest assets and biggest security risk: their people. That’s why we’re a leader in next-generation cybersecurity.

The Role

As a Proofpoint Advanced Persistent Threat (APT) researcher, you will spend time searching through data looking for threats, analyzing them, and making that information meaningful to our customers. Leveraging Proofpoint data, common threat intelligence data providers, information from trust groups, and other sources, you will be responsible for covering the threat landscape with a focus on state aligned threats in specific regions of interest as assigned by the APT team manager. As an APT specialist you’ll communicate your findings to various groups including customers, fellow threat researchers and teams who create detections in our products. You will also have the opportunity to present your research at public and private industry conferences. You’ll be a part of a team of dynamic and creative threat researchers focused on the threat landscape, finding threats, understanding them, and using that knowledge to improve our products and protect our customers. Making APT landscape research visible and useful for our customers is a large part of this role.

  • Monitor and analyze threat intelligence sources to stay abreast of new threats and tactics.

  • Collect, process, and disseminate intelligence to stakeholders in a timely and actionable manner.

  • Develop and maintain relationships with external organizations to improve information sharing and collaboration.

  • Identify gaps in collection, recommend, and participate in the implementation of solutions to fill those gaps.

  • Produce intelligence reports and technical briefings on current and emerging threats for various audiences: Proofpoint executives, public blogs and Proofpoint customers

  • Use excellent analytical skills to work in a diverse team environment, exchanging ideas and data with developers, support, product managers, and customers.

Your day-to-day

  • Hunt in Proofpoint’s proprietary telemetry sources to identify and cluster state aligned cyber espionage activity.

  • Analyze APT-related attack chains, including phishing, malware and threat data from internal and external sources, with a focus on activity that has an email component.

  • Provide threat detection findings to detection teams as they create and deploy detections in our products

  • Occasionally conduct dynamic and static malware analysis on samples obtained from our customer data and threat hunting activity to assist in signature development

  • Piece together malicious campaigns, threat actors, and unattributed activity

  • Prepare APT activity notification reports for impacted customers

  • Generate intelligence to support Proofpoint’s mission to protect our customers

  • Create and present written deliverables to multiple audiences, both external and internal.

  • Present complex technical topics to senior management, internal stakeholders, our customers, and peers

  • Expand upon existing intelligence to build profiles of tracked Threat Actors

  • Collaborate on research projects with the wider threat research team

What you bring to the team

  • An empathetic approach to collaboration and a flexible attitude, ready to work with a close knit team passionate about disrupting adversaries

  • A well-rounded understanding of the current APT threat landscape in general

  • Direct experience tracking apex cyber espionage actors of any region, familiarity with their TTPs and key features that can be used for attribution.

  • Strong knowledge of Cyber Threat Intelligence principles to include indicators of compromise (IOC) types, indicator pivoting and indicator attribution strength.

  • Skills to profile and track APT actors efficiently, including Yara, infrastructure tracking, reverse engineering capabilities, indicator pivoting techniques and enough experience with a scripting language to automate various aspects of your work

  • The ability to make a hypothesis based on your threat research, prove or disprove it using our data, and communicate that information to our customers or internal stakeholders

  • Ability to comfortably communicate directly with customers and the security community

  • Experience with Network and Host malware detection engineering

  • Excellent interpersonal, organizational, writing, communications, and briefing skills

  • Motivation to dig through internal and open-source data to find threat information and use it to provide value to customers

  • Experience with various technologies used for hunting in big data sets

Nice to have

  • Formal university-level education in computer science, computer security or another related discipline, or equivalent certifications and/or work experience

  • Information security community experience; a blog, website, published papers, conference presentations, or other experience on the public side of the security field

  • Experience working remotely for a large information security vendor

  • Familiarity with email delivery mechanisms (DNS, SMTP, etc) & common email formats (RFC822 headers, MIME)

  • Familiarity with email-borne threats and related analysis techniques

  • Familiarity with Suricata or Snort

  • Familiarity with interpreting malware sandboxing reports

Why Proofpoint

Protecting people is at the heart of our award-winning cybersecurity solutions, and the people who work here are the key to our success. We’re a customer-focused and driven-to-win organisation with leading-edge products. We are an inclusive, diverse, multinational company that believes in culture fit, but more importantly ‘culture-add’, and we strongly encourage people from all walks of life to apply.

We believe in hiring the best and the brightest to help cultivate our culture of collaboration and appreciation. Apply today and explore your future at Proofpoint! #LifeAtProofpoint

If you like wild growth and working with happy, enthusiastic over-achievers, you'll enjoy your career with us!

Proofpoint has been honored with five Best Places to Work Awards in 2024 by workplace culture leader Comparably, including Best Company Outlook, Best Global Culture, Best Engineering Teams, Best Sales Teams, and Best HR Teams.

To view additional awards, please visit www.proofpoint.com/us/news#awards

Proofpoint thrives on the invaluable contributions of our diverse workforce, which encompasses a kaleidoscope of lived experiences, thoughts, perspectives, and professional expertise. We attribute much of our success to our people, who are at the core of our organization and embody our people-centric ethos.

We hire the most innovative minds globally to safeguard our customers’ sensitive data and intellectual property. Our talented workforce develops and leverages our advanced technology, combining their expertise to provide comprehensive protection against threat actors and mitigate the risks posed by both malicious and negligent employees.

Cyberattacks have the potential to disrupt access to vital resources such as energy, water, transportation, healthcare, and financial services. At Proofpoint, our dedicated team works tirelessly to ensure world-class cyber resilience, protecting approximately 8,000 enterprise customers worldwide.

We are committed to creating a diverse, equitable, and inclusive environment. We work every day to ensure that our employees feel that they are in a community that celebrates their unique identity, cultivates their sense of belonging, and invests in their professional growth. We have 9 employee-led employee inclusion groups which help support both employees and our organization by providing opportunities to network, discuss career and cultural development and uplift the corporate culture to create a more inclusive workplace.

At Proofpoint, we have a passion for protecting people, data, and brands from today’s advanced threats and compliance risks. We hire the best people in the business to:

  • Build and enhance our proven security platform

  • Blend innovation and speed in a constantly evolving cloud architecture

  • Analyze new threats and offer deep insight through data-driven intel

  • Collaborate with customers to help solve their toughest security challenges

We are singularly devoted to helping our customers protect what matters most. That’s why we’re a leader in next-generation cybersecurity—and why more than half of the Fortune 100 trust us as a security partner.

Proofpoint is an equal opportunity employer, we hire without consideration to race, religion, creed, color, national origin, age, gender, sexual orientation, marital status, veteran status or disability.

Proofpoint is an equal opportunity employer, we hire without consideration to race, religion, creed, color, national origin, age, gender, sexual orientation, marital status, veteran status or disability.

DirectEmployers