About Us:

Proofpoint is a global leader in human- and agent-centric cybersecurity. We protect how people, data, and AI agents connect across email, cloud, and collaboration tools. Over 80 of the Fortune 100, 10,000 large enterprises, and millions of smaller organizations trust Proofpoint to stop threats, prevent data loss, and build resilience across their people and AI workflows. Our mission is simple: safeguard the digital world and empower people to work securely and confidently. Join us in our pursuit to defend data and protect people.

How We Work:

At Proofpoint you’ll be part of a global team that breaks barriers to redefine cybersecurity guided by our BRAVE core values:

Bold in how we dream and innovate

Responsive to feedback, challenges and opportunities

Accountable for results and best in class outcomes

Visionary in future focused problem-solving

Exceptional in execution and impact

The Role

The Security Solution Analyst II will be responsible for oversee escalations from L1 analysts and customers, coordinate rapid response for high-severity incidents, and continuously improve detection logic, playbooks, and the AI agent’s policies to reduce Mean Time to Detect (MTTD) and Mean Time to Respond (MTTR). The use of guiding AI agents, enforcing guardrails, adjudicating complex decisions, and ensuring timely, high-quality incident handling. Collaborate closely with Threat Intel, Services, and Customer Success teams to orchestrate safe, explainable, and measurable AI-led outcomes that protect client environments at scale. Assisting with ALL alerts that are generated by Proofpoint's TRAP, CTR solutions and Security Incident Event Management (SIEM), this may also include other Proofpoint Products as needed and be responsible for the building of and maintenance of escalation work flows and providing feedback on request. This includes participation in annual information and network security training and acceptance of spot checks on an ad hoc basis to guarantee that Proofpoint is constantly improving upon the organization’s ISMS. Each member of our team must understand the importance of the ISMS and the subsequent handling of client data.

This role will be shift based: US Eastern Time 9am - 6pm (this may include weekends)

Your day-to-day

• Monitoring and improving AI agents, enforcing guardrails, adjudicating complex decisions

• Training and mentoring of junior analysts

• Oversee escalations from L1 analysts and customers, coordinate rapid response for high-severity incidents

• Assisting with L1 triaged as needed

• They will also be responsible for the building of and maintenance of escalation work flows and providing feedback on request.

• Provide feedback recommendations to the Client Service Manager

• Presentation of reports and advanced analytics findings when required

• Attendance at all routine client meetings and prep-meetings for Proofpoint Clients

• Overall Responsibility for any non-engineering client requests.

• Assist in identifying opportunities for new alarms policies

• Maintenance of runbooks/Proofpoint documentation (i.e. alarm workflows, escalation procedures, team details, client knowledge base)

Job Requirements

• 2+ years in L2 supervision or incident command

• Experience with automation/SOAR workflows and policy-based approvals for response actions.

• Demonstrated ability to review and improve AI-driven detections or automated playbooks; comfort with explainability, guardrails, and risk-based decisions.

• Familiarity with agentic AI concepts (tool-use policies, action confidence, multi-agent orchestration, reward signals) and RAG pipelines for security context.

• Knowledge of Phishing technology and functions of some security tools that protect/prevent end users against them

• Knowledge of SIEM technology and functions of some security tools

• Experience working with interpreting, tuning, searching and manipulating data within SIEM

• Experience working with interpreting, searching and understanding the backdown of the structure of an email

• The ability to demonstrate understanding of what a phishing email is, how to spot on and what ramification could be to an end user/company if not stopped

• Knowledge or experience utilizing the Cyber Kill Chain, Diamond Model or other appropriate models

• Experience in gathering and managing threat intelligence

• Ability to present a recommended remediation strategy to client in professional format

• Basic knowledge of cyber security threats and the ability to explain the impact they have to a user/company Nice to have

• Windows administration experience Sec+
  

#LI-Remote

Why Proofpoint?

At Proofpoint, we believe that an exceptional career experience includes a comprehensive compensation and benefits package. Here are just a few reasons you’ll love working with us:

• Competitive compensation

• Comprehensive benefits

• Career success on your terms

• Flexible work environment

• Annual wellness and community outreach days

• Always on recognition for your contributions

• Global collaboration and networking opportunities

Our Culture:

Our culture is rooted in values that inspire belonging, empower purpose and drive success-every day, for everyone.

We encourage applications from individuals of all backgrounds, experiences, and perspectives. If you need accommodation during the application or interview process, please reach out to [email protected].

How to Apply

Interested? Submit your application along with any supporting information- we can’t wait to hear from you!

Consistent with Proofpoint values and applicable law, we provide the following information to promote pay transparency and equity. Our compensation reflects the cost of labor across several U.S. geographic markets, and we pay differently based on those defined markets as set out below. Pay within these ranges varies and depends on job-related knowledge, skills, and experience. The actual offer will be based on the individual candidate. The range provided may represent a candidate range and may not reflect the full range for an individual tenured employee. This role may be eligible for variable compensation and/or equity. We offer a competitive benefits package, including flexible time off, a comprehensive well-being program with two paid Wellbeing Days and two paid Volunteer Days per year, plus a three-week Work from Anywhere option.

Base Pay Ranges:

SF Bay Area, New York City Metro Area:

California (excludes SF Bay Area), Colorado, Connecticut, Illinois, Washington DC Metro, Maryland, Massachusetts, New Jersey, Texas, Washington, Virginia, and Alaska:

All other cities and states excluding those listed above: