It's fun to work in a company where people truly BELIEVE in what they're doing!
We're committed to bringing passion and customer focus to the business.
This is a great opportunity to shape our group-wide security strategy going forward. You will be responsible for diving deep into understanding our end-to-end service architecture and potential security vulnerabilities, and working with our security team and software engineering team to develop/use tools and automation software to identify vulnerabilities, detect potential issues and help us improve resilience to various attack vectors. If you absolutely love tinkering with things, understanding how they work and simply put, love breaking them - then this is a perfect fit. In this new position, you'll help define the role and the tooling and methodology we use. The main focus in the data path side, i.e. network, less from the user interfaces users interact with. You need to love scripting and automating because you don't want to do anything twice. This is a hands-on role where you will be responsible for the entire Secure development lifecycle process. You will own security reviews, risk analysis, penetration testing and implementing solutions jointly with Software engineers across the organization.
* Identify security vulnerabilities in our services and develop mitigation solutions
* Work effectively with various scrum teams to deliver required security features
* Develop automation tests to identify security vulnerabilities
* Evaluate and recommend new and emerging security products and technologies
* Develop and deliver training for specific security technologies/tools
* Develop innovative automation that can improve our resilience to various attack vectors
* Develop your role as a company expert in matters concerning security. This includes being participation at relevant security conferences.
* Perform Internal penetration tests for various services
What you bring to the team
* Possess expert knowledge in computer security, threat modeling and penetration testing. In particular deep knowledge of SMTP and HTTP protocols, cryptography, authentication protocols, authorization schemes and security engineering is a must.
* Demonstrated passion for security
* Demonstrated expertise in network protocols (primarily TCP/IP, UDP, SMTP, HTTP/S)
* Experience with automation technologies, using perl, Python, Ruby, bash or other scripting languages
* Communicates clearly both verbally and in writing, within team and external groups.
* Can read CVEs and communicate their meaning to the engineering team by translating them into actionable stories
* Understands and performs the Secure development lifecycle process
* BS in Engineering, CS or equivalent experience.
If you like wild growth and working with happy, enthusiastic over-achievers, you'll enjoy your career with us!
Proofpoint provides cloud-based email security, e-discovery and compliance solutions for companies to protect sensitive business data.