Staff Information Security Tools Engineer

Proofpoint - United States4.1

Full-timeEstimated: $120,000 - $180,000 a year
Company Overview

At Proofpoint, we have a passion for protecting people, data, and brands from today’s advanced threats and compliance risks. We hire the best people in the business to:

Build and enhance our proven security platform
Blend innovation and speed in a constantly evolving cloud architecture
Analyze new threats and offer deep insight through data-driven intel
Collaborate with customers to help solve their toughest security challenges
We are singularly devoted to helping our customers protect what matters most. That’s why we’re a leader in next- generation cybersecurity—and why more than half of the Fortune 100 trust us as a security partner.

The Role

We are currently hiring an influential and creative Senior Information Security Tools Engineer interested in joining our Global Information Security team – creating tools that make it easy to efficiently manage security event prevention, detection, and response in our large-scale production infrastructure. Working in collaboration with other members of the Operations, Engineering, and Security teams you will build and maintain the fundamental tooling and automation that empowers our Information Security Engineers and Application Engineers to improve productivity and product security posture with a small, nimble team that has a really big impact.

Technologies you may work with include:
Perl, Python, Ruby, bash, Powershell, etc.
Operating systems (Windows, Linux)
Endpoint detection and response (e.g. GRR, osquery , sysmon )
Log collection and normalization (e.g. Splunk, ELK)
Configuration & runbook management (e.g. Puppet, Ansible, Rundeck, CloudFormation)
Public cloud/PaaS (e.g. AWS, Azure, GCC)
Continuous integration / continuous deployment (CI/CD)
Databases and related technology (MySQL/MariaDB, nosql , RDS)
Your day-to-day

Identify existing technology and processes, in use by the team, that would be good candidates for automation, security monitoring, reporting or tooling optimization
Recommend, design, build, and deploy new tools and platforms that automate, streamline and scale our security operations efforts
Build reusable libraries and tools for common application security functions
Develop custom security monitoring/reporting automation
Communication and coordination with Information & Application Security Engineers, Development, and other operations tools teams
Provide Ongoing monitoring, maintenance, and support of new and existing security tool systems and infrastructure
Analyze, scope, and document new tool requirements in accordance with standards
What you bring to the team

Security operations background that supports your understanding of security-specific tool needs (e.g. detection, forensics, log normalization, privilege separation, etc.)
Demonstrated success automating and optimizing security tools and infrastructure in a complex large-scale computing environment
Experienced utilizing packet capture tools and analysis of packet data
Experienced with IDS monitoring technologies (Snort, Suricata, Security Onion, etc.)
Effective and efficient programming skills; a fundamental understanding of what makes maintainable, extensible, and scalable code
Comfortable working with existing code, open source tools, APIs, and driving for improvement whenever possible
Excellent organizational skills, ability to independently prioritize day-to-day tasks
BS in Computer Science or relevant work / coding experience is required
Why Proofpoint

As a customer focused and driven-to-win organization with leading-edge products, there are many exciting reasons to join the Proofpoint team. We believe in hiring the best the brightest and cultivating a culture of collaboration and appreciation. As we continue to grow and expand globally, we understand that hiring the right people and treating them well is key to our success! We are a multi-national company with locations in 10 countries, with each location contributing to Proofpoint’s amazing culture!