At a Glance
- Tasks: Hunt and analyse email threats, developing detection strategies to protect users.
- Company: Mimecast is a leader in email security, dedicated to keeping organisations safe from cyber threats.
- Benefits: Enjoy a hybrid work model, formal learning opportunities, and a comprehensive benefits package.
- Why this job: Make a real impact by combating email threats and collaborating with a global team of experts.
- Qualifications: Experience with email filtering engines, scripting languages, and strong analytical skills are essential.
- Other info: Join a diverse team committed to inclusivity and continuous learning.
The predicted salary is between 43200 - 72000 £ per year.
Threat Research Engineer – Threat Protection
The Role
As a Threat Research Engineer, you will be a key player in defending our customers against a wide array of email-borne threats, with a primary focus on utilizing and enhancing our anti-spam engines and rule-based detection systems. You will be hunting for threats like phishing, business email compromise (BEC), spam, and other unwanted mail within large datasets. Your core responsibilities will involve in-depth analysis of email characteristics, developing and tuning detection strategies for our anti-spam platforms, documenting new attack techniques, and identifying detection gaps. You will collaborate closely with product and engineering teams to suggest and implement improvements, ensuring our email security solutions remain highly effective.
Why Join Our Team?
At Mimecast, you’ll directly combat emerging email threats, dissecting attacker TTPs and crafting robust detection rules. This is a unique opportunity to leverage vast real-world data and advanced anti-spam engines, transforming your research into tangible protection for millions of users globally. If you’re driven to understand and neutralize the latest email attack vectors, Mimecast offers a dynamic environment where your work has immediate and significant customer impact, keeping organizations safe every day.
What You’ll Do:
- Proactively identify and dissect diverse email-borne threats, including sophisticated phishing, Business Email Compromise (BEC), malware campaigns, and pervasive spam.
- Conduct in-depth technical analysis of email headers, content, sending infrastructure, URLs (particularly in the context of phishing and spam), and other message attributes to identify crucial patterns and characteristics of unwanted or malicious email.
- Develop, test, and maintain complex detection signatures and rules in anti-spam engines (e.g., Rspamd, SpamAssassin, etc.).
- Monitor threat trends and adapt detection logic to keep pace with evolving attack techniques.
- Collaborate with a global team of Threat Researchers to investigate complex campaigns, share insights, and collectively improve detection efficacy.
- Automate data extraction, in-depth analysis, and the reporting of detection performance and efficacy.
- Query and analyse large datasets using platforms such as ClickHouse, AWS Athena, etc. to identify detection gaps, measure scanner effectiveness, and drive data-informed improvements.
- Document observed Tactics, Techniques, and Procedures (TTPs) related to email-delivered threats and communicate them internally or externally.
- Participate in cross-functional projects with Product, Engineering, and Operations teams to enhance Mimecast’s overall security posture and product capabilities.
What You Bring to the Team:
- Experience with email detection/filtering engines (Rspamd, SpamAssassin, MailScanner, or similar), including rule/signature development.
- Knowledge of the email threat landscape, their associated TTPs, and a strong curiosity to learn about the infrastructure and methodologies behind phishing and malicious email campaigns.
- Understanding of core email protocols (SMTP/POP/IMAP) and authentication standards (DKIM, SPF, DMARC).
- Experience in Python/Lua or other scripting languages, effectively applied to automation, data analysis, and tool development.
- Advanced SQL skills for querying, manipulating, and extracting insights from large, complex datasets.
- Excellent time management and ability to self-prioritize in a fast-paced environment.
- Able to collaborate effectively both in-office and remotely; strong written and verbal communication skills.
- A genuine eagerness to learn continuously, adapt to new challenges, and proactively share knowledge with colleagues.
What We Bring:
Join our Threat Protection team to accelerate your career journey, working with cutting-edge technologies and contributing to projects that have real customer impact. You will be immersed in a dynamic environment that recognizes and celebrates your achievements.
Mimecast offers formal and on-the-job learning opportunities, maintains a comprehensive benefits package that helps our employees and their family members sustain a healthy lifestyle, and, importantly, gives you the chance to work in cross-functional teams to build your knowledge!
Our Hybrid Model: We provide you with the flexibility to live balanced, healthy lives through our hybrid working model that champions both collaborative teamwork and individual flexibility. Employees are expected to come to the office at least two days per week, because working together in person:
- Fosters a culture of collaboration, communication, performance and learning
- Drives innovation and creativity within and between teams
- Introduces employees to priorities outside of their immediate realm
- Ensures important interpersonal relationships and connections with one another and our community!
DEI Statement
Cybersecurity is a community effort. That’s why we’re committed to building an inclusive, diverse community that celebrates and welcomes everyone – unless they’re a cybercriminal, of course.
We’re proud to be an Equal Opportunity and Affirmative Action Employer, and we’d encourage you to join us whatever your background. We particularly welcome applicants from traditionally underrepresented groups.
We consider everyone equally: your race, age, religion, sexual orientation, gender identity, ability, marital status, nationality, or any other protected characteristic won’t affect your application.
Due to certain obligations to our customers, an offer of employment will be subject to your successful completion of applicable background checks, conducted in accordance with local law.
Senior Threat Research Engineer employer: Mimecast Services Limited
Contact Detail:
Mimecast Services Limited Recruiting Team
StudySmarter Expert Advice 🤫
We think this is how you could land Senior Threat Research Engineer
✨Tip Number 1
Familiarise yourself with the latest email threats and attack techniques. Stay updated on trends in phishing, BEC, and spam to demonstrate your knowledge during interviews.
✨Tip Number 2
Engage with online communities or forums focused on email security. Networking with professionals in the field can provide insights and potentially lead to referrals.
✨Tip Number 3
Showcase your technical skills by contributing to open-source projects related to email filtering or threat detection. This practical experience can set you apart from other candidates.
✨Tip Number 4
Prepare to discuss specific examples of how you've identified and mitigated email threats in previous roles. Real-world scenarios will highlight your problem-solving abilities and expertise.
Some tips for your application 🫡
Tailor Your CV: Make sure your CV highlights relevant experience in threat research, email detection engines, and any specific technologies mentioned in the job description. Use keywords from the job listing to demonstrate your fit for the role.
Craft a Compelling Cover Letter: In your cover letter, express your passion for cybersecurity and detail your experience with email threats and detection strategies. Mention specific projects or achievements that showcase your skills and how they align with the responsibilities of the role.
Showcase Technical Skills: Clearly outline your technical skills related to Python, SQL, and any experience with anti-spam engines like Rspamd or SpamAssassin. Provide examples of how you've used these skills in previous roles to solve problems or improve processes.
Demonstrate Continuous Learning: Highlight any recent courses, certifications, or self-directed learning you've undertaken in the field of cybersecurity. This shows your commitment to staying updated on the latest trends and techniques in email security.
How to prepare for a job interview at Mimecast Services Limited
✨Showcase Your Technical Skills
Be prepared to discuss your experience with email detection/filtering engines like Rspamd or SpamAssassin. Highlight specific examples of rule/signature development you've done, as well as any automation or data analysis projects using Python or SQL.
✨Understand the Threat Landscape
Demonstrate your knowledge of the current email threat landscape, including phishing and Business Email Compromise (BEC). Be ready to explain the Tactics, Techniques, and Procedures (TTPs) used by attackers and how you would approach identifying and mitigating these threats.
✨Prepare for Collaboration Questions
Since collaboration is key in this role, think of examples where you've worked effectively in a team, especially in cross-functional settings. Be ready to discuss how you share insights and improve detection efficacy with colleagues.
✨Ask Insightful Questions
Prepare thoughtful questions about Mimecast's approach to email security and their anti-spam technologies. This shows your genuine interest in the role and helps you understand how you can contribute to their mission.