Senior Threat Research Engineer

Job Location: London - UK

Monthly Salary: Not Disclosed

Vacancy: 1 Vacancy

Job Description

Threat Research Engineer, Threat Protection

The Role

As a Threat Research Engineer, you will be a key player in defending our customers against a wide array of email-borne threats, with a primary focus on utilizing and enhancing our anti-spam engines and rule-based detection systems. You will be hunting for threats like phishing, business email compromise (BEC), spam, and other unwanted mail within large datasets. Your core responsibilities will involve in-depth analysis of email characteristics, developing and tuning detection strategies for our anti-spam platforms, documenting new attack techniques, and identifying detection gaps. You will collaborate closely with product and engineering teams to suggest and implement improvements, ensuring our email security solutions remain highly effective.

Why Join Our Team

At Mimecast, you'll directly combat emerging email threats, dissecting attacker TTPs and crafting robust detection rules. This is a unique opportunity to leverage vast real-world data and advanced anti-spam engines, transforming your research into tangible protection for millions of users globally. If you're driven to understand and neutralize the latest email attack vectors, Mimecast offers a dynamic environment where your work has immediate and significant customer impact, keeping organizations safe every day.

What You'll Do:

  • Proactively identify and dissect diverse email-borne threats, including sophisticated phishing, Business Email Compromise (BEC), malware campaigns, and pervasive spam.
  • Conduct in-depth technical analysis of email headers, content, sending infrastructure, URLs (particularly in the context of phishing and spam), and other message attributes to identify crucial patterns and characteristics of unwanted or malicious email.
  • Develop, test, and maintain complex detection signatures and rules in antispam engines (e.g. Rspamd, SpamAssassin, etc.).
  • Monitor threat trends and adapt detection logic to keep pace with evolving attack techniques.
  • Collaborate with a global team of Threat Researchers to investigate complex campaigns, share insights, and collectively improve detection efficacy.
  • Automate data extraction, in-depth analysis, and the reporting of detection performance and efficacy.
  • Query and analyse large datasets (utilise platforms such as Clickhouse, AWS Athena, etc.), identify detection gaps, measure scanner effectiveness, and drive data-informed improvements.
  • Document observed Tactics, Techniques, and Procedures (TTPs) related to email-delivered threats and communicate them internally or externally.
  • Participate in cross-functional projects with Product, Engineering, and Operations teams to enhance Mimecast's overall security posture and product capabilities.

What You Bring to the Team:

  • Experience with email detection/filtering engines (Rspamd, SpamAssassin, MailScanner, or similar), including rule/signature development.
  • Knowledge of the email threat landscape, their associated TTPs, and a strong curiosity to learn about the infrastructure and methodologies behind phishing and malicious email campaigns.
  • Understanding of core email protocols (SMTP/POP/IMAP) and authentication standards (DKIM, SPF, DMARC).
  • Experience in Python/Lua or other scripting languages, effectively applied to automation, data analysis, and tool development.
  • Advanced SQL skills for querying, manipulating, and extracting insights from large, complex datasets.
  • Excellent time management and ability to self-prioritize in a fast-paced environment.
  • Able to collaborate effectively both in-office and remotely; strong written and verbal communication skills.
  • A genuine eagerness to learn continuously, adapt to new challenges, and proactively share knowledge with colleagues.

What We Bring:

Join our Threat Protection team to accelerate your career journey, working with cutting-edge technologies and contributing to projects that have real customer impact. You will be immersed in a dynamic environment that recognizes and celebrates your achievements.

Mimecast offers formal and on the job learning opportunities, maintains a comprehensive benefits package that helps our employees and their family members to sustain a healthy lifestyle, and importantly - working in cross functional teams to build your knowledge!

Our Hybrid Model: We provide you with the flexibility to live balanced, healthy lives through our hybrid working model that champions both collaborative teamwork and individual flexibility. Employees are expected to come to the office at least two days per week because working together in person:

  • Fosters a culture of collaboration, communication, performance, and learning
  • Drives innovation and creativity within and between teams
  • Introduces employees to priorities outside of their immediate realm
  • Ensures important interpersonal relationships and connections with one another and our community!

DEI Statement

Cybersecurity is a community effort. That's why we're committed to building an inclusive, diverse community that celebrates and welcomes everyone, unless they're a cybercriminal, of course.

We're proud to be an Equal Opportunity and Affirmative Action Employer and we'd encourage you to join us whatever your background. We particularly welcome applicants from traditionally underrepresented groups.

We consider everyone equally: your race, age, religion, sexual orientation, gender identity, ability, marital status, nationality, or any other protected characteristic won't affect your application.

Due to certain obligations to our customers, an offer of employment will be subject to your successful completion of applicable background checks conducted in accordance with local law.


Required Experience:

Senior IC

Employment Type

Full-Time
