We are seeking an experienced Email Security Analyst to strengthen our defenses against evolving email threats and ensure rapid, effective incident response. The role demands a proactive mindset, technical expertise, and the ability to handle customer escalations with clarity and professionalism.
Key Responsibilities
- Monitor and analyze email traffic to identify potential threats and optimize filtering accuracy.
- Investigate and respond to email-related security incidents, coordinating with cross-functional teams for swift resolution.
- Handle escalations from support teams and customers, providing expert guidance and actionable insights.
- Develop and refine detection rules using regular expressions (and YARA for attachment and file content, where applicable) to close gaps in threat coverage.
- Collaborate with internal teams to ensure consistent communication during incident investigations.
- Maintain detailed documentation of incidents, investigations, and resolutions to support knowledge sharing and continuous improvement.
- Support threat hunting over large datasets using Kusto Query Language (KQL).
- Participate in a global 24×7 on-call rotation.
Qualifications
- 3–5 years of experience in email or web-based security incident investigation and response.
- 2–3 years of experience working with large datasets and performing advanced data analysis.
- Proficiency in writing regex-based detection rules (familiarity with YARA preferred).
- Strong understanding of email protocols and message headers (e.g. Received chains and SPF/DKIM/DMARC authentication results), and of O365 analysis tools.
- Prior experience handling customer escalations and delivering investigative reports.
- Experience managing a small team (6–8 members).
- Familiarity with KQL for threat hunting and event correlation.
- Strong grasp of the email threat landscape and emerging attack vectors.
- Excellent communication skills (written & verbal).
Skills
Mandatory Skills: Threat Landscape, KQL, File Grading, Correlation, Email Grading, URL Grading, Network Grading, Regex