Anti Spam

Job Description

Role & responsibilities Job Description: Key Responsibilities • Conduct email analysis and reverse engineer to identify and mitigate threats. • Perform static and dynamic analysis • Analyze network traffic and develop heuristic signatures to detect malicious activities. • Investigate security incidents, including data breaches, system intrusions, and policy violations. • Collaborate with cross-functional teams to improve detection capabilities and response. • Develop and implement incident response plans and coordinate incident investigations. • Classify, Maintain and update real-time block lists and URL block lists. • Write and review regular expressions for phish, spam and fraud detection. • Perform URL and email grading to assess and categorize potential threats. • Engage in security response activities to address and resolve security incidents. • Conduct threat hunting to proactively identify and address potential detection gaps. Technical Skills • Threat Analysis and Incident Response: Ability to analyze email threats, identify indicators of compromise (IOCs), and respond to incidents promptly. • Phishing Detection and Mitigation: Expertise in identifying and mitigating phishing attacks, including spear-phishing and whaling. • Malware Analysis: Skills in analyzing email-borne malware, understanding its behavior, and developing countermeasures. • Cryptography: Knowledge of encryption techniques to secure email communications and protect sensitive data. • Network Security: Understanding of network protocols and security measures to detect and prevent email-based attacks. • Programming and Scripting: Proficiency in languages like Kusto, Python, PowerShell, or Bash for automating security tasks and analyzing email logs. • Regulatory Compliance: Familiarity with regulations such as GDPR, HIPAA, and others that impact email security practices. Tools • Secure Email Gateways (SEGs): Tools like Microsoft Defender for Office, Proofpoint, Mimecast, or Barracuda to filter and block malicious emails. • Email Encryption Tools: Solutions like PGP (Pretty Good Privacy) or S/MIME (Secure/Multipurpose Internet Mail Extensions) for encrypting email content. • Threat Intelligence Platforms: Tools other than VirusTotal, MX Tool box like ThreatConnect or Recorded Future to gather and analyze threat intelligence data. • Sandboxing Solutions: Tools like Windows Sandbox, FireEye or Palo Alto Networks WildFire to safely analyze suspicious email attachments. • Anti-Phishing Tools: Solutions like PhishMe or Cofense to detect and respond to phishing attempts. • Security Information and Event Management or Incident Response Tools