[Remote] Staff Security Engineer, Threat Defense & Automation
Note: The job is a remote job and is open to candidates in USA. Proofpoint is a global leader in human- and agent-centric cybersecurity, dedicated to protecting organizations from cyber threats. The role involves managing and responding to security incidents, acting as an escalation point for the 24/7 Security Operations Center, and enhancing security incident response capabilities through automation and collaboration.
Responsibilities
• Act as the Level 3 escalation point for high-severity security incidents within the global 24/7 SOC
• Lead complex investigations into advanced cyber threats, including malware outbreaks, targeted attacks, and persistent threats
• Provide expert-level guidance on containment, mitigation, and remediation strategies
• Proactively hunt for hidden threats within enterprise networks using threat intelligence and behavioral analytics
• Develop and refine threat detection rules to improve SOC visibility
• Assess emerging threats and provide actionable recommendations to enhance security posture
• Design and implement automated workflows to enhance security event triage and response
• Leverage SOAR (Security Orchestration, Automation, and Response) platforms to streamline incident response
• Work with SIEM (Security Information and Event Management) tools to optimize log ingestion and alerting mechanisms
• Collaborate with security architects and engineers to enhance detection and response capabilities
• Perform root cause analysis on security incidents and recommend improvements to security controls
• Stay updated on industry best practices and evolving attack techniques to ensure effective defenses
Skills
• 12+ years of hands-on experience in cybersecurity incident response or security operations
• Must be a US citizen
• Strong background in SOC operations, SIEM, threat intelligence, and digital forensics, with expertise in investigating malware, phishing, web attacks, insider threats, and advanced persistent threats (APTs)
• Experience working with security automation and orchestration (SOAR) tools
• Familiarity with scripting languages such as Python, PowerShell, or Bash for security automation
• Strong understanding of the MITRE ATT&CK framework, TTPs (Tactics, Techniques, and Procedures), and the cyber kill chain
• Hands-on experience with cloud security (AWS, Azure, GCP) is a plus
• Certifications such as GCIH, GCFA, CISSP, CISM, or OSCP are highly desirable
• Ability to work in a fast-paced, global environment and collaborate with cross-functional teams
Benefits
• Competitive compensation
• Comprehensive benefits
• Career success on your terms
• Flexible work environment
• Annual wellness and community outreach days
• Always-on recognition for your contributions
• Global collaboration and networking opportunities
• Flexible time off
• A comprehensive well-being program with two paid Wellbeing Days and two paid Volunteer Days per year
• A three-week Work from Anywhere option
Company Overview
• Proofpoint provides cloud-based email security, e-discovery, and compliance solutions that help companies protect sensitive business data. It was founded in 2002 and is headquartered in Sunnyvale, California, USA, with a workforce of 1001-5000 employees. Its website is http://www.proofpoint.com.