Vacant Jobs at Mimecast

About the Role

• As a Cyber Security Specialist, you will play a pivotal role in proactively identifying, evaluating, and reducing the attack surface of our organization. Reporting to the Senior Director of Security Operations, you will leverage cutting-edge tools, threat intelligence, and cross-functional collaboration to ensure our external and internal digital assets are continuously monitored, inventoried, and protected.

What You'll Do

• Attack Surface Discovery: Continuously identify and catalogue all external and internal assets (cloud, on-premises, IoT, third-party systems, etc.) using automated and manual discovery techniques.
• Vulnerability Management: Evaluate discovered assets for vulnerabilities and misconfigurations; prioritize remediation efforts based on risk and business impact.
• Threat Intelligence Integration: Correlate attack surface data with threat intelligence to contextualize findings and anticipate emerging risks.
• Attack Surface Reduction: Partner with IT, DevOps, and application teams to minimize unnecessary exposures and streamline asset footprint.
• Incident Response Support: Provide asset and exposure data during security incident investigations to enable rapid containment and remediation.
• Reporting & Metrics: Develop and present clear, actionable reports and dashboards for technical and executive audiences, including trend analysis and attack surface KPIs.
• Tool Evaluation & Management: Assess, deploy, and manage Attack Surface Management (ASM) platforms and related technologies.
• Policy Development: Contribute to security policies, standards, and best practices surrounding asset inventory and exposure management.
• Awareness & Training: Educate stakeholders on attack surface risks and mitigation strategies.
• Security Strategy: support the successful execution of the Security Strategy.

What You'll Bring

• Experience: 3+ years in cyber security, with a focus on attack surface management, asset discovery, or vulnerability management in a large enterprise or technology environment.
• Technical Skills: Strong understanding of networking, web technologies, cloud platforms (AWS, Azure, GCP), and security tooling (ASM, EDR, SIEM, etc.) and vulnerability scanning tools.
• Analytical Abilities: Proficient in risk assessment, data analysis, and correlating technical findings with business risk.
• Collaboration: Demonstrated ability to work with cross-functional teams, including IT, application development, and business units.
• Certifications: Relevant security certifications preferred (e.g., CISSP, OSCP, GIAC, CompTIA Security+).
• Communication: Excellent written and verbal communication skills; ability to convey complex technical issues to diverse audiences.
• Familiarity with regulatory requirements (e.g., GDPR, HIPAA, PCI-DSS) and how they impact asset and exposure management.
• Experience with automation and scripting for asset discovery and reporting (e.g., Python, PowerShell).
• Background in incident response and digital forensics.

go to method of application »

Associate Threat Response Analyst

• As a Threat Response Analyst you will be joining the Mimecast Messaging Security organization and be responsible for supporting a service for on-demand threat resolution.
• The service is designed to provide customers with prompt feedback and intelligence on email-borne threats, remediate these threats from their email environment to reduce dwell time, and put the appropriate detections in place to prevent further incidents from occurring. The role may require working afternoon/evening shifts and being part of a rotation for holiday support.
• Messaging Security ensures that our security-focused solutions are performing accurately and efficiently. We verify that Mimecast can detect the latest email-borne threats amidst a rapidly evolving threat landscape.
• Through threat research and customer feedback we identify where Mimecast can be improved and update detection at our spam, URL, and attachment security layers. We strive for proactive, rather than reactive, approaches to threat detection.
• The team is also responsible for assuring that Mimecast maintains an exceptional sending reputation by looking for compromised email addresses and senders following poor mailing practice.
• Messaging Security works closely with research and development, as well as customer support. We are a global team that spans three continents.

What you'll do

• Analyzing phishing/malicious email campaigns to identify IOC's
• Categorizing email threats and determining the best means of updating detection
• Providing email security advice, expertise, and remediation to our customers
• Understanding security policies within the Mimecast Administration Console and providing configuration suggestions to customers
• Researching and investigating the latest security threats and their potential impact to Mimecast customers
• Working with security vendors around threat detection techniques and remediation
• Identifying opportunities for improved processes and systems

What you'll bring

• Working knowledge of messaging (email traffic management) and routing
• Experience and understanding of email security technologies
• Strong Understanding of Domain Name System (DNS)
• Strong Understanding of SMTP, SSL/TLS, POP3, IMAP, TCP/IP
• Ability to translate complex technical capabilities into management friendly responses
• 1+ years’ experience working with the Mimecast platform
• Great oral and written communication skills in order to work closely with customers as well as office-based and remote team members
• Time management skills and the ability to self-prioritize
• Curiosity about the infrastructure of phishing/malicious email campaigns