Threat Analyst - Email Security
Location
Argentina
Posted
33 days ago
Salary
0
Seniority
Mid Level
Job Description
Threat Analyst - Email Security
Proofpoint
Role Description
This team is the front line of defence for protecting our customers from email messaging abuse. We are looking for a creative-thinking, enthusiastic individual to join a diverse group of people who are passionate about defending the world from this growing threat. We are competing against very active, devious, and motivated adversaries who send trillions of spam and malware messages every year! If you are interested in helping us achieve our goal of ridding the world of email-borne threats, then we'd definitely like to talk to you!
Our team is a highly collaborative global community of like-minded people, where you are encouraged to be creative, expand your skills, and support others in doing the same. We believe in maintaining a strong work-life balance (a happy team is a productive team!), which has helped us develop a close community who look after each other and are always willing to offer guidance and assistance.

Your day-to-day
- Member of a creative, enthusiastic, and geographically distributed team (in a 24/7/365 "follow the sun" model) that is responsible for identifying, parameterizing, and responding quickly to spam/Phishing/Malware/BEC (Email Fraud) attacks levied against some of the world's largest organizations.
- Analyze misclassified email messages, URLs, and attachments (spam, malware, phishing, and legitimate) to make updates to detection technologies and correct their classifications.
- Perform deep analyses of email headers, structures, and attachments to identify novel threat features, and develop new rules/methods to detect them.
- Research into new trends and creation of pro-active detection to stop new threats before they start.
- Contribute to the development of new tools and automation to aid in front line analysis, and to identify the latest threats.
- Work with the team to come up with new and novel ways to detect threats.
- Take on more complex customer false negative or false positive cases escalated by other analysts in the team that require more in-depth investigation and analysis.
- Work on internal escalation tickets created by field teams for customers experiencing more complex or systemic recurring issues that have not been solved through usual means, collaborating with other engineering teams where necessary to find the best solutions.
- On-call work - that means responding to high priority alerts sent by our threat monitoring system, and periodic monitoring of essential systems. You would be expected to be on call at times during your shift.
- Help us define the landscape, prevalence, and evolution of messaging abuse, threats, and attacks by participating in future requirements definition discussions of our products.

Qualifications
- Strong analytical and creative problem-solving skills.
- Proficient oral and written communications skills. Collaborates well in a team environment. Able to communicate complex technical concepts to customers in an accessible manner.
- Familiarity with using the Linux command line, and tools for manipulating and extracting content from text files.
- Good knowledge of regular expressions.
- Familiarity with how mail delivery works, including SMTP.
- General curiosity about the headers and structure of email messages.
- Experience in a data science or similar role (a plus).
- Willingness to interact with customers through our web-based ticketing system to help resolve their issues.
- Ability to work independently but also to collaborate with worldwide, remote teams.
- Positive, friendly attitude that enjoys problem solving.
- Bachelor's or equivalent in IT related subject, or equivalent technical experience.
- Experience with signature-based detections such as Clam, Yara, or similar an advantage.
- Familiarity with a scripting language such as Python or Perl an advantage (a Big Plus).

Benefits
- Competitive compensation.
- Comprehensive benefits.
- Career success on your terms.
- Flexible work environment.
- Annual wellness and community outreach days.
- Always on recognition for your contributions.
- Global collaboration and networking opportunities.

Company Description
Proofpoint is a global leader in human- and agent-centric cybersecurity. We protect how people, data, and AI agents connect across email, cloud, and collaboration tools. Over 80 of the Fortune 100, 10,000 large enterprises, and millions of smaller organizations trust Proofpoint to stop threats, prevent data loss, and build resilience across their people and AI workflows. Our mission is simple: safeguard the digital world and empower people to work securely and confidently.
Proofpoint is a leading cybersecurity company protecting organizations’ greatest assets and biggest risks: vulnerabilities in people. With an integrated suite of cloud-based solutions, Proofpoint helps companies around the world stop targeted threats, safeguard their data, and make their users more resilient against cyber-attacks. Leading organizations of all sizes, including more than half of the Fortune 1000, rely on Proofpoint for people-centric security and compliance solutions mitigating their most critical risks across email, the cloud, social media, and the web.
More Security Analyst Jobs
• Operate vulnerability management tools
• Run and manage regular vulnerability scans across infrastructure, endpoints, and applications
• Analyze and prioritize vulnerabilities using CVSS and business context
• Maintain a consistent vulnerability management cadence (weekly/monthly cycles)
• Drive reduction of critical and high-risk vulnerabilities
• Partner with IT, Cloud, and Enterprise Applications teams to drive remediation
• Maintain dashboards and reports for vulnerability status
• Support vulnerability-related compliance activities (CMMC, NIST)
• Ensure secure architectures for applications, APIs and websites;
• Implement and evolve secure CI/CD pipelines in GitLab (SAST, DAST, SCA and secrets management);
• Support teams in secure development, following Secure SDLC practices;
• Create security automations for vulnerability detection, incident response and environment hardening;
• Work on security in multicloud environments (AWS, Azure, GCP and OCI);
• Promote information security culture and serve as a technical reference for teams.
Cybersecurity Analyst - SOC Level 1 (N1)
Accenture
Accenture is a leading global professional services company that helps the world’s leading businesses, governments and other organizations build their digital core, optimize their operations, accelerate revenue growth and enhance citizen services—creating tangible value at speed and scale. We are a talent- and innovation-led company with approximately 791,000 people serving clients in more than 120 countries. Technology is at the core of change today, and we are one of the world’s leaders in helping drive that change, with strong ecosystem relationships. We combine our strength in technology and leadership in cloud, data and AI with unmatched industry experience, functional expertise and global delivery capability. Our broad range of services, solutions and assets across Strategy & Consulting, Technology, Operations, Industry X and Song, together with our culture of shared success and commitment to creating 360° value, enable us to help our clients reinvent and build trusted, lasting relationships. We measure our success by the 360° value we create for our clients, each other, our shareholders, partners and communities. Visit us at www.accenture.com

The Cybersecurity Analyst - SOC Level 1 (N1) will be responsible for continuous monitoring of information security systems, working on the detection, triage and escalation of security incidents. This position is ideal for professionals starting out in cybersecurity who have an analytical profile, attention to detail and an interest in growing an information security career.

Responsibilities:
- Monitor security alerts in tools such as SIEM, EDR, IDS/IPS, firewall, among others.
- Perform initial triage of security events and incidents.
- Record and document incidents according to defined procedures.
- Escalate critical events to the higher levels (N2/N3) according to severity criteria.
- Support incident response under supervision.
- Ensure compliance with the SLAs and KPIs defined for the SOC.
- Take part in alignment meetings and periodic technical training.

Requirements:
Mandatory:
- Completed or currently pursuing a technical or higher-education degree in IT-related areas (Information Security, Computer Science, Networking, etc.).
- Basic knowledge of networks, operating systems (Windows/Linux) and information security fundamentals.
- Good verbal and written communication.
- Availability to work on-call or on a 24x7 shift schedule.
Desirable:
- Familiarity with log monitoring and analysis tools.
- Certifications such as CompTIA Security+, ISO 27001 Foundation, or similar.
- Experience with SIEM tools (e.g. Sentinel, Splunk, Google SecOps, QRadar, ArcSight, XSIAM).
- Technical English.

Equal Employment Opportunity Statement
We believe that no one should be discriminated against because of their differences. All employment decisions shall be made without regard to age, race, creed, color, religion, sex, national origin, ancestry, disability status, military veteran status, sexual orientation, gender identity or expression, genetic information, marital status, citizenship status or any other basis as protected by applicable law. Our rich diversity makes us more innovative, more competitive, and more creative, which helps us better serve our clients and our communities.
Information Security Analyst
ICCU
Since 1940, our mission has been to help members achieve financial success; and we have fun doing it! The culture is one where we care about each other. We are a work family, and you can feel it when you’re a part of it. ICCU was named a Best Place to Work in Idaho. We are a top financially performing credit union in the nation. ICCU was voted for large companies the Best Place to work in Idaho. We have also been named by S&P Global Market Intelligence as the top performing credit union in the nation. We are a talent-based organization looking for talented individuals to help our members achieve financial success.

Role Description
The area of responsibility for the Information Security Analyst I is to maintain and improve the security posture of the Credit Union. The Information Security Analyst I position is responsible to help ensure that ICCU is secure through the support and maintenance of best practices, risk-based security requirements and controls set forth by the ICCU Security Program. This is an entry level role with a specialty in InfoSec Physical Security.
- Analyze and report on all controls associated with the Idaho Central Credit Union Security Program.
- Maintain and support the Splunk SIEM Product used by Idaho Central Credit Union.
- Assist with internal and external audits.
- Provide front line monitoring and configuration of security systems.
- Assist in security investigations.
- Other duties as assigned.

Qualifications
- Bachelor’s degree required in Computer Science, Computer Information Systems, or engineering/math field of study highly preferred.
- Security+ or SSCP certification.
- 1 to 4 Years of experience in the Information Security field.
- Ability to communicate with Executive Management, Credit Union personnel and communicate effectively through customized reports.
- Ability to always maintain confidentiality of Credit Union and member records.

Requirements
- A demonstrated ability to figure out complex problems.
- Ability to research, understand and report on high level security issues.
- Attention to detail on many concurrent projects and initiatives.
- A demonstrated cooperative and positive attitude toward members and other Credit Union staff.
- Ability to work without supervision.
- Must be willing to comply with the Bank Secrecy Act and USA Patriot Act as implemented by ICCU.

Additional Physical Requirements
- Ability to work all hours of the day onsite and remote.

Physical Requirements
- Perform tasks requiring manual dexterity (processing paperwork, filing, stapling, sorting, collating, typing, counting cash, etc.).
- Sit for extended periods of time.
- Lift 20-40 pounds of applicable supplies including but not limited to copy paper, cash drawers, marketing material, etc.
- Repetitive motion using wrists, hands, and fingers.
- Reach keyboards.
- Ability to operate basic office machines (calculator, computer, telephone, copy machine, fax machine, etc.).



