Senior Software Engineer
Company: Mimecast
Location: Lexington
Posted on: July 6, 2025
Job Description:
As a Threat Research Engineer, you will be a key player in defending our customers against a wide array of email-borne threats, with a primary focus on utilizing and enhancing our anti-spam engines and rule-based detection systems. You will be hunting for threats like phishing, business email compromise (BEC), spam, and other unwanted mail within large datasets. Your core responsibilities will involve in-depth analysis of email characteristics, developing and tuning detection strategies for our anti-spam platforms, documenting new attack techniques, and identifying detection gaps. You will collaborate closely with product and engineering teams to suggest and implement improvements, ensuring our email security solutions remain highly effective.

Why Join Our Team?

At Mimecast, you’ll directly combat emerging email threats, dissecting attacker TTPs and crafting robust detection rules. This is a unique opportunity to leverage vast real-world data and advanced anti-spam engines, transforming your research into tangible protection for millions of users globally. If you’re driven to understand and neutralize the latest email attack vectors, Mimecast offers a dynamic environment where your work has immediate and significant customer impact, keeping organizations safe every day.

What You’ll Do:

- Proactively identify and dissect diverse email-borne threats, including sophisticated phishing, Business Email Compromise (BEC), malware campaigns, and pervasive spam.
- Conduct in-depth technical analysis of email headers, content, sending infrastructure, URLs (particularly in the context of phishing and spam), and other message attributes to identify crucial patterns and characteristics of unwanted or malicious email.
- Develop, test, and maintain complex detection signatures and rules in anti-spam engines (e.g., Rspamd, SpamAssassin, etc.).
- Monitor threat trends and adapt detection logic to keep pace with evolving attack techniques.
- Collaborate with a global team of Threat Researchers to investigate complex campaigns, share insights, and collectively improve detection efficacy.
- Automate data extraction, in-depth analysis, and the reporting of detection performance and efficacy.
- Query and analyse large datasets using platforms such as ClickHouse, AWS Athena, etc. to identify detection gaps, measure scanner effectiveness, and drive data-informed improvements.
- Document observed Tactics, Techniques, and Procedures (TTPs) related to email-delivered threats and communicate them internally or externally.
- Participate in cross-functional projects with Product, Engineering, and Operations teams to enhance Mimecast’s overall security posture and product capabilities.

What You Bring to the Team

- Experience with email detection/filtering engines (Rspamd, SpamAssassin, MailScanner, or similar), including rule/signature development.
- Knowledge of the email threat landscape, their associated TTPs, and a strong curiosity to learn about the infrastructure and methodologies behind phishing and malicious email campaigns.
- Understanding of core email protocols (SMTP/POP/IMAP) and authentication standards (DKIM, SPF, DMARC).
- Experience in Python/Lua or other scripting languages, effectively applied to automation, data analysis, and tool development.
- Advanced SQL skills for querying, manipulating, and extracting insights from large, complex datasets.
- Excellent time management and ability to self-prioritize in a fast-paced environment.
- Able to collaborate effectively both in-office and remotely; strong written and verbal communication skills.
- A genuine eagerness to learn continuously, adapt to new challenges, and proactively share knowledge with colleagues.

What We Bring:

Join our Threat Protection team to accelerate your career journey, working with cutting-edge technologies and contributing to projects that have real customer impact. You will be immersed in a dynamic environment that recognizes and celebrates your achievements. Mimecast offers formal and on-the-job learning opportunities, maintains a comprehensive benefits package that helps our employees and their family members to sustain a healthy lifestyle, and importantly - working in cross-functional teams to build your knowledge!

Our Hybrid Model:

We provide you with the flexibility to live balanced, healthy lives through our hybrid working model that champions both collaborative teamwork and individual flexibility. Employees are expected to come to the office at least two days per week, because working together in person:

- Fosters a culture of collaboration, communication, performance and learning
- Drives innovation and creativity within and between teams
- Introduces employees to priorities outside of their immediate realm
- Ensures important interpersonal relationships and connections with one another and our community!

DEI Statement

Cybersecurity is a community effort. That’s why we’re committed to building an inclusive, diverse community that celebrates and welcomes everyone – unless they’re a cybercriminal, of course. We’re proud to be an Equal Opportunity and Affirmative Action Employer, and we’d encourage you to join us whatever your background. We particularly welcome applicants from traditionally underrepresented groups. We consider everyone equally: your race, age, religion, sexual orientation, gender identity, ability, marital status, nationality, or any other protected characteristic won’t affect your application.

Due to certain obligations to our customers, an offer of employment will be subject to your successful completion of applicable background checks, conducted in accordance with local law.

Keywords: Mimecast, Plymouth, Senior Software Engineer, IT / Software / Systems, Lexington, Massachusetts