Senior Security Research Engineer

Security Research Engineer – Threat Protection

The Role

As a Security Research Engineer at Mimecast, you will be a pivotal technical expert dedicated to researching, analyzing, and developing detections for both malware and phishing threats. Your work will involve dissecting real-world file and web threats, building and optimizing detection signatures, and driving improvements to our advanced detection systems. This role combines in-depth threat investigation with a focus on enhancing our capabilities to block evolving attacks and provide actionable insights to our customers and internal teams.

Why Join Our Team?

At Mimecast, you will be at the forefront of neutralizing diverse phishing and malware threats through comprehensive file analysis and research across web vectors. You will dissect attacker tactics, techniques, and procedures (TTPs), crafting and optimizing detection signatures using industry-standard tools like Yara and ClamAV, as well as Mimecast's advanced proprietary detection technologies. This is an opportunity to leverage vast real-world threat data and transform your technical expertise into tangible protection for millions of users globally. If you're driven to understand and dismantle sophisticated attacks, Mimecast offers a dynamic environment where your work has immediate and significant customer impact.

What You’ll Do:

• Analyse and classify file and web-based threats, including credential phishing campaigns and a wide range of malware families.
• Develop, test, and maintain detection signatures (Yara, ClamAV, and proprietary solutions) for both phishing and malware threats targeting Mimecast customers.
• Dissect malicious files, URLs, and email payloads using static and dynamic analysis tools.
• Automate threat analysis and detection processes.
• Investigate emerging attack techniques and develop proactive, high-quality detections.
• Measure and improve detection efficacy using large-scale data analysis tools.
• Collaborate with engineering on integrating detection scanners and optimizing scanning systems.
• Create and maintain documentation for detection techniques, code, and analysis findings.

What You’ll Bring:

• Deep technical proficiency in malware and phishing analysis, including hands-on experience with real-world threats.
• Strong experience writing and tuning detection signatures (Yara, ClamAV, or similar).
• Advanced scripting and automation skills (Python required; additional scripting languages a plus).\
• Experience with static, dynamic or behavioural analysis of malicious files and URLs.
• Familiarity with web technologies (HTML, JavaScript, URL manipulation).
• Proficiency in analysing large data sets and extracting actionable insights.
• Experience setting up and using virtualization or sandboxing technologies for threat analysis is a plus.
• Strong analytical and problem-solving skills, with excellent attention to detail.
• Ability to work independently and collaboratively in a remote, global team.
• Minimum of 5 years of technical experience in cybersecurity, malware analysis, detection engineering, or a related field.

What We Bring:

Join our Threat Protection team to accelerate your career journey, working with cutting-edge technologies and contributing to projects that have real customer impact. You will be immersed in a dynamic environment that recognizes and celebrates your achievements.

Mimecast offers formal and on the job learning opportunities, maintains a comprehensive benefits package that helps our employees and their family members to sustain a healthy lifestyle, and importantly - working in cross functional teams to build your knowledge!

Our Hybrid Model: We provide you with the flexibility to live balanced, healthy lives through our hybrid working model that champions both collaborative teamwork and individual flexibility. Employees are expected to come to the office at least two days per week, because working together in person:

• Fosters a culture of collaboration, communication, performance and learning
• Drives innovation and creativity within and between teams
• Introduces employees to priorities outside of their immediate realm
• Ensures important interpersonal relationships and connections with one another and our community!

#LI-CS1

DEI Statement

Cybersecurity is a community effort. That’s why we’re committed to building an inclusive, diverse community that celebrates and welcomes everyone – unless they’re a cybercriminal, of course.

We’re proud to be an Equal Opportunity and Affirmative Action Employer, and we’d encourage you to join us whatever your background. We particularly welcome applicants from traditionally underrepresented groups.

We consider everyone equally: your race, age, religion, sexual orientation, gender identity, ability, marital status, nationality, or any other protected characteristic won’t affect your application.

Due to certain obligations to our customers, an offer of employment will be subject to your successful completion of applicable background checks, conducted in accordance with local law.