Senior Software Security Engineer
Muon SpaceSalary not specified
Full Time
Senior (5 to 8 years)
Not SpecifiedCompensation
Senior (5 to 8 years), Expert & Leadership (9+ years)Experience Level
Full TimeJob Type
UnknownVisa
CybersecurityIndustries
Requirements
- Design and develop software using a variety of languages, primarily Python, with little external guidance
- Provide technical leadership to guide other software engineers on the team
- Skill in modifying existing web-based UI for internal tools (sandbox submission and report UI)
- Skill in writing C or C++ for low-level interactions with the OS
- Develop and maintain web browser interaction capabilities using Chrome web driver
- Analyze and reverse engineer JavaScript that fingerprints web browser artifacts to identify sandbox web browsers or instrumentation
- Innovate solutions to defeat browser fingerprinting checks
- Familiarity with analyzing web front-end and the Document Object Model (DOM)
- Develop and maintain software for processing network traffic, including TLS decryption and processing PCAP files
- Work closely with threat analysts and detection engineers
- Create new detection languages and systems for threat researchers (as needed)
- Add features to existing threat detection languages for greater flexibility
- Make use of AI Large Language Models to enhance threat detection pipelines, produce samples, and make decisions on AI application
- Design and develop automation pipelines to turn manual tasks into automated scripts
- Stay abreast of evolving threat landscape, especially URL sandbox fingerprinting/detection/evasion techniques
- Provide expert assistance to threat researchers and analysts on phishing websites, evasion techniques, and red team demonstrations (as needed)
- Reverse engineer malware executable files for Windows to support sandbox countermeasure development (as needed, not primary)
- Apply critical thinking skills to identify issues
Responsibilities
- Design and develop software using Python and other languages, providing technical leadership
- Modify and maintain web-based UI for sandbox submission and reporting
- Write C/C++ code for OS-level interactions
- Develop and maintain Chrome web driver capabilities for browser interactions
- Analyze and reverse engineer JavaScript for browser fingerprinting and develop evasion countermeasures
- Analyze web front-end and DOM
- Develop and maintain network traffic processing software (TLS decryption, PCAP)
- Collaborate with threat analysts and detection engineers on threat actor research and detection rules
- Create new detection languages/systems and enhance existing ones for threat researchers
- Integrate AI LLMs into threat detection pipelines appropriately
- Build automation pipelines for manual tasks
- Monitor latest threat actor TTPs, focusing on sandbox evasion
- Support threat researchers with phishing analysis, evasion techniques, and red team demos
- Perform Windows malware RE as needed for sandbox countermeasures
Skills
Key technologies and capabilities for this role
Questions & Answers
Common questions about this position
What programming languages will I be working with in this role?
You will primarily use Python for designing and developing software, with some work requiring C or C++ for low-level OS interactions, and skills in modifying web-based UI.
Is this a remote position or does it require office work?
This information is not specified in the job description.
What is the salary or compensation for this Staff Security Research Engineer role?
This information is not specified in the job description.
What are Proofpoint's core values and company culture like?
Proofpoint is guided by BRAVE core values: Bold in how we dream and innovate, Responsive to feedback, challenges, and opportunities, Accountable for results, Visionary in future-focused problem-solving, and Exceptional in execution and impact. You'll be part of a global team working closely with threat analysts and detection engineers.
What skills make a strong candidate for this position?
Strong candidates should have expertise in Python, reverse engineering JavaScript for browser fingerprinting, analyzing web front-end and DOM, processing network traffic including TLS decryption and PCAP files, and experience with Chrome web driver.
Proofpoint
Cybersecurity solutions for email and digital communication
About Proofpoint
Proofpoint specializes in cybersecurity, focusing on protecting organizations from advanced threats and compliance risks. The company offers a range of solutions that secure email, social media, and other digital communication channels against cyber threats like phishing, malware, and ransomware. Its products work by utilizing advanced technologies, including machine learning and artificial intelligence, to detect and respond to threats in real-time. Proofpoint differentiates itself from competitors by providing user-friendly solutions that easily integrate into existing IT systems, along with subscription-based services that allow clients to select service tiers tailored to their needs. The company's goal is to enhance the cybersecurity defenses of various organizations, from large enterprises to small businesses, ensuring their digital communications remain secure.
Sunnyvale, CaliforniaHeadquarters
2002Year Founded
$55.4MTotal Funding
IPOCompany Stage
Cybersecurity, AI & Machine LearningIndustries
1,001-5,000Employees
Benefits
Health, dental, & vision
Employer-paid life, disability & employee assistance programs
Unlimited PTO
401K match
Remote work option
Risks
Integration challenges with Tessian and Illusive could disrupt operations.
Regulatory scrutiny may delay acquisition closings, affecting strategic plans.
Reliance on AI poses risks if technologies fail to adapt to new threats.
Differentiation
Proofpoint leverages AI and machine learning for real-time threat detection.
The company offers a comprehensive suite of cybersecurity solutions for digital communication.
Proofpoint's subscription-based model ensures recurring revenue and flexible service tiers.
Upsides
Acquisitions of Tessian and Illusive enhance AI-driven threat protection capabilities.
Growing demand for ITDR solutions boosts Proofpoint's market position.
Increased focus on AI-driven email security solutions aligns with industry trends.
Related Jobs
RemoteRemoteSenior Security Engineer, Research & Engineering
Trail of BitsSalary not specified
- Full Time
- Senior (5 to 8 years), Expert & Leadership (9+ years)
RemoteMachine Learning Security Researcher
Trail of BitsSalary not specified
- Full Time
- Senior (5 to 8 years)
RemoteSenior/ Staff Security Engineer, Detection and Response
Grow Therapy$168,000 - $220,000/year
- Full Time
- Senior (5 to 8 years)
RemoteSr. Security Researcher - Mobile Malware Reverse Engineer (Remote)
CrowdstrikeSalary not specified
RemoteDetection & Response Engineer III - NG-SIEM (Remote)
CrowdstrikeSalary not specified
RemoteStaff Software Engineer, Product Security
SlackSalary not specified
- Full Time
- Junior (1 to 2 years)
RemotePrincipal, Product and Technology Partnerships
SonarSalary not specified
- Full Time
- Expert & Leadership (9+ years)
RemoteSr Manager, Threat Intelligence
UltraViolet CyberSalary not specified
RemoteFirefox OS Integration Engineer, Mac OS Engineering
MozillaSalary not specified
RemoteStaff Infrastructure Security Software Engineer (Remote)
QuoraSalary not specified
- Full Time
- Junior (1 to 2 years)