Sr. Threat Operation Analyst

Cordoba, Argentina


Proofpoint helps protect people, data and brands against cyber attacks. Offering compliance and cybersecurity solutions for email, web, cloud, and more.

It's fun to work in a company where people truly BELIEVE in what they're doing!

We're committed to bringing passion and customer focus to the business.

The Role

You are a Senior Cybersecurity Analyst (email-borne threats), or have a strong desire and the skill set to become one!

We are looking for a highly intelligent, driven person to join a dynamic group of people who are passionate about saving the world from the growing threat of email-borne threats: phishing, malware, BEC and spam. We are competing against a very active, creative, and motivated adversary who was credited with sending over 40 trillion spam messages last year alone! If you are interested in helping us achieve our goal and rid the world of phishing, malware and spam, we definitely would like to speak with you. We offer a challenging environment that fosters creativity and rewards excellence.


Your day to day

  • Member of a creative, enthusiastic, and geographically distributed team (in a 24/7/365 "follow the sun" model) that is responsible for identifying, parameterizing, and responding quickly to spam attacks levied against some of the world's largest organizations.

  • Analyze email messages reported by customers as well as work on large data sets in order to determine correct classification (spam, phishing, malware, BEC (Advanced Email Fraud), bulk, ham).

  • CONTENT DEVELOPMENT. Perform deep analyses of spam message headers & structures to identify novel spam features, and design various rules/signatures to detect those features and block email-borne threats.

  • Ad-hoc development of tools as necessary to aid/streamline analysis activities.

  • As an email cybersecurity analyst with coding experience and skills, you have an opportunity to design and develop new PoC threat detection system(s) based on your expertise, or to learn how to add this skill to your toolset.

  • Continue to develop and support existing Threat Detection PoCs based on the existing Threat Detection framework.

  • Developing and maintaining Python applications/tools, writing clean and efficient code, debugging and troubleshooting issues, collaborating with cross-functional teams, and participating in code reviews. Knowledge of database systems.

  • Be available on a rotating on-call basis to develop signatures that detect and block emerging or ongoing threats.

  • Provide responses and explanations to customers in a positive, professional manner if needed.

  • Help us define the landscape, prevalence, and evolution of messaging abuse, threats, and attacks by participating in future requirements definition discussions of our products.

What you bring to the team

  • Knowledge of different types of email-borne attack vectors, tools and tactics.

  • In-depth knowledge of email-borne threats: phishing, malware, BEC and spam. Ability to find and research suspicious patterns in URLs and domains, in conjunction with overall email structure (email headers and email context).

  • Ability to create detection signatures/rules (content development) based on observed suspicious patterns, with 2-4 or more years of experience in the field.

  • General curiosity about the headers and structure of email messages.               

  • General familiarity with how mail delivery works, knowledge of email security standards and protocols, such as SPF, DKIM, and DMARC, would be beneficial.

  • Practical knowledge (hands-on experience) with Regular Expressions.

  • Minimum 2+ years of hands-on experience with Python or a different programming language.

  • Experience with one of the Python frameworks (Django, Flask or Pandas).

  • Experience with data analysis, familiarity with cybersecurity best practices, and the ability to work with large datasets.

  • Familiarity with Unix environments and comfort with a range of Unix command-line tools for manipulating and extracting content from text files is a must-have.

  • Familiarity and/or experience with Lua-based detection signatures is a plus.

  • Familiarity and/or experience with ClamAV-based detection signatures is a plus.

  • Willingness to play an important technical role

  • Demonstrated analytical and creative problem-solving abilities.          

  • Ability to work independently yet fully integrate with worldwide, remote teams.            

  • Can-do attitude with a focus on problem solving, product quality, and a strong desire to get the job done.              

  • Requirements/Education and/or Equivalent Experience (including technical and non-technical capabilities)            

  • BSCS or equivalent, or equivalent technical experience.   

If you like wild growth and working with happy, enthusiastic over-achievers, you'll enjoy your career with us!


Tags: Django Flask Lua Malware POCs Python Threat detection UNIX

Perks/benefits: Career development Team events

Region: South America
Country: Argentina