Staff Information Security Engineer Threat Defence & Automation

About Us:

Proofpoint is a global leader in human- and agent-centric cybersecurity. We protect how people data and AI agents connect across email cloud and collaboration tools. Over 80 of the Fortunelarge enterprises and millions of smaller organizations trust Proofpoint to stop threats prevent data loss and build resilience across their people and AI workflows. Our mission is simple: safeguard the digital world and empower people to work securely and confidently. Join us in our pursuit to defend data and protect people.

How We Work:

At Proofpoint youll be part of a global team that breaks barriers to redefine cybersecurity guided by our BRAVE core values:

Bold in how we dream and innovate

Responsive to feedback challenges and opportunities

Accountable for results and best in class outcomes

Visionary in future focused problem-solving

Exceptional in execution and impact

Role Overview

Were seeking a Staff Information Security Engineer to help lead and evolve our Global Information Security this role youll shape incident response strategy push forward advanced threat detection and defence capabilities and take point on the most complex security investigations across the enterprise.

As a Staff-level engineer you will operate as a subject matter expert and technical leader partnering across SOC Threat Intelligence Detection Engineering and Security Engineering to improve Proofpoints ability to detect respond to and proactively hunt advanced threats. This role includes participation in a 24/7 on-call incident response rotation.

Key Responsibilities

• Serve as a Level 3 / Staff escalation point for high-severity incidents

• Lead investigations into APTs ransomware insider threats and cloud compromises

• Act as incident commander and coordinate response efforts. - Participate in 24/7 on-call incident response

• Lead threat hunting across endpoint network identity and cloud

• Operationalize threat intelligence into detections and response

• Design and improve detections across SIEM EDR and SOAR

• Automate incident triage and response workflows

• Drive post-incident reviews and continuous improvement

• Mentor team members and influence security strategy

Required Qualifications & Experience

• Extensive experience in Incident Response DFIR Threat Hunting or Security Operations

• Deep expertise in incident response threat hunting and threat intelligence

• Strong knowledge of MITRE ATT&CK and adversary TTPs

• Experience with SIEM EDR SOAR and cloud security

• Scripting experience (Python PowerShell or Bash)

• Strong communication and leadership skills.

Nice To Have

• Experience building threat hunting or detection programs

• Background in threat intelligence or red/purple teaming

• Certifications such as GCFA GCIH CISSP CISM OSCP

#LI-CB1

Why Proofpoint

At Proofpoint we believe that an exceptional career experience includes a comprehensive compensation and benefits package. Here are just a few reasons youll love working with us:

• Competitive compensation

• Comprehensive benefits

• Career success on your terms

• Flexible work environment

• Annual wellness and community outreach days

• Always on recognition for your contributions

• Global collaboration and networking opportunities

Our Culture:

Our culture is rooted in values that inspire belonging empower purpose and drive success-every day for everyone.

We encourage applications from individuals of all backgrounds experiences and perspectives. If you need accommodation during the application or interview process please reach out to .

How to Apply

Interested Submit your application along with any supporting information- we cant wait to hear from you!