Threat Analyst - Email Security

The Role This team is the front line of defense for protecting our customers from email messaging abuse. We need a creative, enthusiastic individual to join a geographically distributed team that works 24/7/365 (“follow the sun”) to identify, parameterize, and respond quickly to spam, phishing, malware, and email‑fraud attacks against some of the world’s largest organizations. Your day-to-day Analyze misclassified email messages, URLs, attachments, and identify new threat features to improve detection technologies.

Perform deep analysis of email headers, structures, and attachments to develop new rules and methods to detect emerging threats. Research new trends and create proactive detection methods to stop threats before they appear. Contribute to the development of new analysis tools and automation to aid in front‑line analysis and threat identification.

Collaborate with the team to devise novel detection approaches. Investigate complex customer false‑negative or false‑positive cases escalated by other analysts. Handle internal escalation tickets from field teams for customers with ongoing issues, working with engineering teams when necessary.

Participate in on‑call duty, responding to high‑priority alerts from our threat monitoring system and monitoring essential systems. Help define the landscape, prevalence, and evolution of messaging abuse through future product requirement discussions. What you bring to the team Strong analytical and creative problem‑solving skills.

Proficient oral and written communication skills and the ability to explain complex technical concepts to customers. Familiarity with the Linux command line and tools for manipulating and extracting content from text files. Good knowledge of regular expressions.

Understanding of mail delivery, including SMTP. General curiosity about email header and structure. Experience in a data science or similar role (plus).

Willingness to interact with customers through a web‑based ticketing system to resolve issues. Ability to work independently and collaborate with remote teams worldwide. Positive, friendly attitude that enjoys problem solving.

BSc or equivalent in an IT‑related subject, or equivalent technical experience. Experience with signature‑based detections such as Clam, Yara, or similar is an advantage. Familiarity with a scripting language such as Python or Perl is a big plus.

U.S. Citizenship required. Benefits Competitive compensation.

Comprehensive benefits. Career success on your terms. Flexible work environment.

Annual wellness and community outreach days. Recognition for contributions. Global collaboration and networking opportunities.

Three‑week Work‑from‑Anywhere option. Paid Wellbeing Days and Volunteer Days per year. Base Pay Ranges SF Bay Area, New York City Metro Area: $136,200 – $214,005.

California (excl. SF Bay Area), Colorado, Connecticut, Illinois, Washington DC Metro, Maryland, Massachusetts, New Jersey, Texas, Washington, Virginia, Alaska: $112,700 – $177,100. All other cities and states: $101,600 – $159,720.

Equal Opportunity Statement Proofpoint is an equal‑opportunity employer. We hire without consideration of race, religion, creed, color, national origin, age, gender, sexual orientation, marital status, veteran status, or disability. #J-18808-Ljbffr