Lead Cybersecurity Analyst specializing in Cloud Security for FIS. Assessing security posture of cloud environments and providing actionable remediation strategies.
About the role
- Senior CyberSecurity Analyst focusing on identifying and responding to email borne threats at Proofpoint. Collaborating with a global team to develop detection signatures against phishing, malware, and spam attacks.
Responsibilities
- Member of a creative, enthusiastic, and geographically distributed team (in a 24/7/365 "follow the sun" model) that is responsible for identifying, parameterizing, and responding quickly to spam attacks levied against some of the world's largest organizations.
- Analyze data and logs, search for specific patterns to identify email accounts take over, suspicious Ips, IP ranges, sending domains, etc, etc
- Find suspicious behavioral patterns and identify/fix FNs/FPs
- Analyze email messages reported by customers as well as work on large data sets in order to determine correct classification (spam, phishing, malware, BEC (Advanced Email Fraud), bulk, ham).
- Some CONTENT DEVELOPMENT.
- Perform deep analyses of spam message headers & structures to identify novel spam features, and design various rules/signatures to detect those features and block email borne threats
- Ad-hoc development of tools as necessary to aid/streamline analysis activities is a plus
- As an Email Cybersecurity analyst, who has coding experience and skills - an opportunity to design and develop new PoCs threat detection system(s) based on your expertise or learn how to add this skill to your toolset.
- Developing and maintaining Python applications/tools, writing clean and efficient code, debugging and troubleshooting issues, collaborating with cross-functional teams, and participating in code reviews is a plus
- Knowledge of database systems is a plus
- Be available in an rotating on-call basis to respond to develop signatures, that detect and block an emerging or an ongoing threat(s)
- Help us define the landscape, prevalence, and evolution of messaging abuse, threats, and attacks by participating in future requirements definition discussions of our products.
Requirements
- Deep knowledge of IP space
- Deep knowledge of Domain space
- Knowledge of different types of email borne attack vectors, tools and tactics
- Solid SQL, Presto SQL skills – proven experience in query building is a must
- In-depth knowledge of email borne threats: phishing, malware, BEC and spam.
- Ability to find and research suspicious patterns in sending Ips, URLs, domains, in conjunction with overall email structure (email headers and email context).
- Ability to create detection signatures/rules (content development) based on observed suspicious patterns with experience of 2-4 or more years in the field.
- General curiosity about the headers and structure of email messages.
- General familiarity with how mail delivery works, knowledge of email security standards and protocols, such as SPF, DKIM, and DMARC, would be beneficial.
- Practical knowledge (hands-on experience) with Regular Expressions
- Minimum 2+ years hands-on experience with Python or a different programming language is a plus
- Experience in one of Python frameworks (Django, Flask or Pandas) is a plus
- Experience with data analysis, familiarity with cybersecurity best practices, and the ability to work with large datasets.
- Familiarity with Unix environments and comfort with a range of Unix command line tools for manipulating and extracting content from text files is a must have
- Familiarity and/or experience with LUA based detection signatures is a plus
- Familiarity and/or experience with ClamAV and/or Yara and/or in-house developed framework allowing to research and create signature based detection on email borne threats based detection signatures is a plus
- Willingness to play an important technical role
- Demonstrated analytical and creative problem-solving abilities.
- Ability to work independently yet fully integrate with worldwide, remote teams.
- Can-do attitude with a focus on problem solving, product quality, and a strong desire to get the job done.
Benefits
- Competitive compensation
- Comprehensive benefits
- Career success on your terms
- Flexible work environment
- Annual wellness and community outreach days
- Always on recognition for your contributions
- Global collaboration and networking opportunities
Job title
Job type
Experience level
Salary
Not specified
Degree requirement
Tech skills
Location requirements
Network Security Analyst II securing information systems and networks against security threats at Cayuse. Responsible for vulnerability assessments, incident response, and security measures implementation.
Threat Hunting Analyst supporting Sales/Pre - Sales teams demonstrating threat detection capabilities at Bolster. Conducting investigations, analyzing phishing infrastructure, and building customer trust.
Senior Network Security Analyst responsible for network security and infrastructure management at Minsait. Collaborating on innovative projects while ensuring compliance and performance optimization.
Junior Cybersecurity Analyst supporting operational technology security and vulnerability management efforts in a hybrid work environment at Minsait.
Senior Access Management Analyst ensuring information security and integrity at Banco ABC Brasil. Managing user access and implementing security policies in the organization.
Senior Security Analyst at Asta focused on security engineering and operational resilience in a hybrid role. Collaborating with various teams to enhance security protocols and manage incidents.
Information Security Analyst securing client systems and data through analysis and compliance with standards. Collaborating with IT teams to implement secure system solutions and oversee risk assessments.
IT Security Analyst for Bundesdruckerei GmbH monitoring security events in diverse infrastructures. Collaborating within the Blue Team and responding to security incidents.
Cyber Security Analyst within the Cyber Security Governance, Risk and Compliance team. Supporting effective management and oversight of cyber risk at Heathrow Airport.