2 of 2 Remote Permanent Behavioural Analysis Jobs

insights to our customers and internal teams. Why Join Our Team? At Mimecast, you will be at the forefront of neutralizing diverse phishing and malware threats through comprehensive file analysis and research across web vectors. You will dissect attacker tactics, techniques, and procedures (TTPs), crafting and optimizing detection signatures using industry-standard tools like Yara and ClamAV, as well … and maintain detection signatures (Yara, ClamAV, and proprietary solutions) for both phishing and malware threats targeting Mimecast customers. Dissect malicious files, URLs, and email payloads using static and dynamic analysis tools. Automate threat analysis and detection processes. Investigate emerging attack techniques and develop proactive, high-quality detections. Measure and improve detection efficacy using large-scale data analysis tools. Collaborate with engineering on integrating detection scanners and optimizing scanning systems. Create and maintain documentation for detection techniques, code, and analysis findings. What You'll Bring: Deep technical proficiency in malware and phishing analysis, including hands-on experience with real-world threats. Strong experience writing and tuning detection signatures (Yara, ClamAV, or similar). Advanced scripting More ❯

/IPS, firewalls, and endpoint protection platforms. Investigate and respond to security incidents, including containment, eradication, and recovery. Conduct vulnerability assessments and coordinate remediation efforts. Perform threat hunting and behavioural analysis using threat intelligence and analytics tools. Maintain and tune security tools, detection rules, and automation scripts. Support compliance initiatives (e.g., ISO 27001, NIST, GDPR). Document incidents … and technologies. Skill Requirements: Microsoft Defender Extended Detection &Response (XDR): Familiarity with Microsoft Security Portfolio of products. Network Security: Understanding of TCP/IP, DNS, VPNs, firewalls, and packet analysis (e.g., Wireshark). Threat Intelligence: Use of platforms like MISP, Recorded Future, or ThreatConnect. Vulnerability Management: Experience with tools like Tenable Nessus, Qualys. Scripting &Automation: Proficiency in Python, PowerShell … security tasks. Cloud Security: Knowledge of MS Azure. Privileged/Identity& Access Management (IAM): Understanding of RBAC, MFA, SSO, and directory services (e.g., Active Directory, Azure AD). Log Analysis &Forensics: Ability to analyse logs and artifacts from Windows, Linux, and cloud environments. Security Frameworks: Familiarity with MITRE ATT&CK, NIST CSF, CIS Controls. Preferred Qualifications: Industry certifications such More ❯