Threat Response Analyst II

Threat Response Analyst II
About Mimecast

Mimecast is a leading cybersecurity company protecting organizations' people, data, and communications. Trusted by over 42,000 customers worldwide, it’s recognized as a Leader in the Gartner Magic Quadrant for Digital Communications Governance and Archiving.

Focusing on Human Risk Management, Mimecast addresses the human factor in cybersecurity through advanced threat detection, awareness training, risk management, and data governance. Its solutions ensure communication data is archived, compliant, and discoverable, helping businesses reduce risks tied to human actions.
 

Mimecast is an AI-First engineering organization. Our teams actively leverage AI-powered development tools across all facets of engineering, from code development to testing, documentation, and operations. We're looking for leaders who don't just use AI tools but champion their adoption and establish new ways of working. Our AI leadership extends beyond how we build to what we build. Our Mihra AI agent delivers 7x faster threat response for customers, and we're recognized as "Agents of Change" in Human Risk Management. Engineers here work at the intersection of cutting-edge AI tooling and AI-powered security products that protect organizations worldwide.
 

As a Threat Response Analyst, you will be joining the Mimecast Messaging Security organization and be responsible for supporting a service for on-demand threat resolution. The service is designed to provide customers with prompt feedback and intelligence on email-borne threats, remediate these threats from their email environment to reduce dwell time, and put the appropriate detections in place to prevent further incidents from occurring.

Messaging Security ensures that our security-focused solutions are performing accurately and efficiently. We verify that Mimecast can detect the latest email-borne threats amidst a rapidly evolving threat landscape. Through threat research and customer feedback, we identify where Mimecast can be improved and update detection at our spam, URL, and attachment security layers. We strive for proactive, rather than reactive, approaches to threat detection.

The team is also responsible for assuring that Mimecast maintains an exceptional sending reputation by looking for compromised email addresses and senders following poor mailing practices. Messaging Security works closely with research and development, as well as customer support. We are a global team that spans three continents.

The role requires flexibility to work afternoon/evening shifts and participate in a 24/7 rotational schedule, including nights, weekends, and holidays, to ensure continuous threat response.

What You'll Do:

• Analyse phishing/malicious email campaigns to identify IOC's.
• Categorize email threats and determine the best means of updating detection.
• Provide email security advice, expertise, and remediation to our customers.
• Research and investigate the latest security threats and their potential impact on Mimecast customers.
• Understand security policies within the Mimecast Administration Console and provide configuration suggestions to customers.
• Work with security vendors around threat detection techniques and remediation.
• Respond promptly to customer follow-up cases and address queries through internal communication channels related to the MEIR service offering.
• Leverage AI tools to enhance threat detection, analysis, and response processes.
• Train and answer questions from Associate or Level 1 Threat Response Analysts.
• Assist in the creation and delivery of threat intelligence reports.
• Identify opportunities for improved processes and systems.
• Work closely with other teams and individuals across Mimecast to ensure seamless communication and effective teamwork.
• Troubleshoot platform issues and escalate them to Engineering, Product, and Management teams as necessary for resolution.
• Consistently implement and reflect company values in daily tasks and responsibilities.
• Participate in a 24/7 rotational shift schedule to ensure continuous threat monitoring and response.

What You'll Bring:

• Working knowledge of messaging (email traffic management) and routing.
• Experience and understanding of email security technologies.
• Advanced understanding of Domain Name System (DNS).
• Advanced understanding of SMTP, SSL/TLS, POP3, IMAP, TCP/IP.
• Ability to translate complex technical capabilities into management-friendly responses.
• Curiosity about the infrastructure of phishing/malicious email campaigns.
• 1+ years’ experience working with the Mimecast platform will be advantageous.
• 2+ years’ experience working in a Security Operation Center (SOC).
• Experience working with email/malware detection and blocking techniques.
• Advanced experience in email threat research and response.
• Strong experience working with threat intelligence platforms.
• Strong experience working within SaaS environments.
• Familiarity with AI tools and their application in cybersecurity workflows.
• Flexibility to work in a 24/7 rotational shift environment, including nights, weekends, and holidays.
• Knowledge of cybersecurity principles and best practices, with certifications such as CompTIA Security+ or CySA+, being advantageous.

What We Bring:

Join our Threat Response | Ops Team to accelerate your career journey, working with cutting-edge technologies and contributing to projects that have real customer impact. You will be immersed in a dynamic environment that recognizes and celebrates your achievements.
Mimecast is on a path of steady and healthy growth as a company, investing in people like you who bring the skills and expertise to raise our technical expertise, operational maturity, and customer success to the next level. Your contributions are important! Every voice and action matters. Mimecast offers formal and on-the-job learning opportunities, maintains a comprehensive benefits package that helps our employees and their family members to sustain a healthy lifestyle, and importantly – opportunities to work with cross-functional teams to build your knowledge!

Our Hybrid Model:

We provide you with the flexibility to live balanced, healthy lives through our hybrid working model that champions both collaborative teamwork and individual flexibility. Employees are expected to come to the office at least two days per week because working together in person:

• Fosters a culture of collaboration, communication, performance, and learning.
• Drives innovation and creativity within and between teams.
• Introduces employees to priorities outside of their immediate realm.
• Ensures important interpersonal relationships and connections with one another and our community!

Belonging at Mimecast

Cybersecurity is a community effort. That’s why we’re committed to building an inclusive, diverse community that celebrates and welcomes everyone – unless they’re a cybercriminal, of course.

We’re proud to be an Equal Opportunity and Affirmative Action Employer, and we’d encourage you to join us whatever your background. We particularly welcome applicants from traditionally underrepresented groups.

We consider everyone equally: your race, age, religion, sexual orientation, gender identity, ability, marital status, nationality, or any other protected characteristic won’t affect your application.

Due to certain obligations to our customers, an offer of employment will be subject to your successful completion of applicable background checks, conducted in accordance with local law.

It is unlawful in Massachusetts to require or administer a lie detector test as a condition of employment or continued employment.