Associate Threat Analyst

Mimecast

Job Summary

As a Threat Response Analyst, you will join Mimecast's Threat Response organization, supporting on-demand threat resolution. This involves providing customers with prompt feedback and intelligence on email-borne threats, remediating these threats from their environment, and implementing detections to prevent future incidents. The role ensures security solutions perform accurately, detecting the latest email-borne threats, and improving Mimecast's security layers through proactive research and customer feedback.

Must Have

  • Analyze phishing/malicious email campaigns to identify IOCs
  • Categorize email threats and determine detection updates
  • Provide email security advice, expertise, and remediation to customers
  • Understand security policies within the Mimecast Administration Console and provide configuration suggestions
  • Research and investigate the latest security threats and their potential impact
  • Work with security vendors around threat detection techniques and remediation
  • Identify opportunities for improved processes and systems

Good to Have

  • Experience working in a Security Operations Center (SOC)
  • Experience as an administrator using the Mimecast platform

Perks & Benefits

  • Accelerate career journey
  • Work with cutting-edge technologies
  • Contribute to projects with real customer impact
  • Dynamic environment that recognizes and celebrates achievements
  • Formal and on-the-job learning opportunities
  • Comprehensive benefits package for a healthy lifestyle
  • Opportunities to work with cross-functional teams to build knowledge
  • Hybrid working model (collaborative teamwork and individual flexibility)

Job Description

As a Threat Response Analyst you will be joining the Threat Response organization and be responsible for supporting a service for on-demand threat resolution. The service is designed to provide customers with prompt feedback and intelligence on email-borne threats, remediate these threats from their email environment to reduce dwell time, and put the appropriate detections in place to prevent further incidents from occurring. The role may require working afternoon/evening shifts and being part of a rotation for holiday support.

Threat Response ensures that our security-focused solutions are performing accurately and efficiently. We verify that Mimecast can detect the latest email-borne threats amidst a rapidly evolving threat landscape. Through threat research and customer feedback we identify where Mimecast can be improved and update detection at our spam, URL, and attachment security layers. We strive for proactive, rather than reactive, approaches to threat detection.

The team is also responsible for assuring that Mimecast maintains an exceptional sending reputation by looking for compromised email addresses and senders following poor mailing practices.

Threat Response works closely with research and development, as well as customer support. We are a global team that spans three continents.

What You'll Do:

  • Analyze phishing/malicious email campaigns to identify IOCs
  • Categorize email threats and determine the best means of updating detection
  • Provide email security advice, expertise, and remediation to our customers
  • Understand security policies within the Administration Console and provide configuration suggestions to customers
  • Research and investigate the latest security threats and their potential impact on customers
  • Work with security vendors around threat detection techniques and remediation
  • Identify opportunities for improved processes and systems

What You'll Bring:

  • Experience and understanding of email security technologies: SPF, DKIM, DMARC
  • Strong understanding of SMTP, SSL/TLS, POP3, IMAP, TCP/IP
  • Working knowledge of messaging (email traffic management) and routing
  • Strong understanding of Domain Name System (DNS)
  • Strong understanding of URL structure, including components like protocols, domains, subdomains, paths, and query parameters
  • Experience working with email/malware detection and blocking techniques
  • Experience working with threat intelligence platforms
  • Ability to translate complex technical capabilities into customer-friendly responses
  • Curiosity about the infrastructure of phishing/malicious email campaigns
  • Working within SaaS environments

Helpful if you have experience:

  • working in a Security Operations Center (SOC)
  • as an administrator using the platform

What We Bring

Join our TRR team to accelerate your career journey, working with cutting-edge technologies and contributing to projects that have real customer impact. You will be immersed in a dynamic environment that recognizes and celebrates your achievements.

Mimecast is on a path of steady and healthy growth as a company, investing in people like you who bring the skills and expertise to raise our technical expertise, operational maturity, and customer success to the next level. Your contributions are important! Every voice and action matters.

Mimecast offers formal and on-the-job learning opportunities, maintains a comprehensive benefits package that helps our employees and their family members to sustain a healthy lifestyle, and, importantly, provides opportunities to work with cross-functional teams to build your knowledge!

Our Hybrid Model:

We provide you with the flexibility to live balanced, healthy lives through our hybrid working model that champions both collaborative teamwork and individual flexibility. Employees are expected to come to the office at least two days per week, because working together in person:

  • Fosters a culture of collaboration, communication, performance, and learning.
  • Drives innovation and creativity within and between teams
  • Introduces employees to priorities outside of their immediate realm.
  • Ensures important interpersonal relationships and connections with one another and our community!

The base salary range for this position is $80k - $114k plus benefits. This range represents the minimum and maximum new hire compensation for this role. The position may also be eligible for incentive plans and additional benefits, in accordance with company policy and local regulations. Our salary ranges are determined by role, level, and location with individual compensation also dependent on factors such as qualifications, experience, and skills. Final offers will reflect these considerations and may vary accordingly.

Belonging at Mimecast

Cybersecurity is a community effort. That’s why we’re committed to building an inclusive, diverse community that celebrates and welcomes everyone – unless they’re a cybercriminal, of course.

We’re proud to be an Equal Opportunity and Affirmative Action Employer, and we’d encourage you to join us whatever your background. We particularly welcome applicants from traditionally underrepresented groups.

We consider everyone equally: your race, age, religion, sexual orientation, gender identity, ability, marital status, nationality, or any other protected characteristic won’t affect your application.

Due to certain obligations to our customers, an offer of employment will be subject to your successful completion of applicable background checks, conducted in accordance with local law.
