3.0 - 7.0 years
0 Lacs
thiruvananthapuram, kerala
On-site
As an L1 SOC Analyst with 3 to 5 years of experience, you will bring expertise in triage, threat detection and response, threat hunting, and SOC assessment. Your role will involve utilizing your in-depth knowledge of Sentinel and CrowdStrike, along with security event collection, monitoring, analysis, issue investigation, and incident response leveraging automated SOAR tools. Your primary duties will include real-time monitoring, data enrichment, event correlation, OS/application event analysis, and IOC-based threat hunting. Additionally, you will be tasked with email analysis, investigation, and phishing detection. You will play a key role in incident workflow management, issue escalation, and assisting stakeholders with issue containment, remediation, and risk mitigation. In this role, you will provide valuable input into enhancing threat detection rules and optimizing response playbooks. You will actively participate in operational meetings and war-room sessions, offering insights into issue eradication and security posture improvement. Key skills required for this role include proficiency in Microsoft Defender E5 Security Suite, Microsoft Sentinel, and security suite. Your expertise in these areas will be crucial in ensuring the effective operation and security of the organization's systems and data.
Posted 16 hours ago
6.0 - 8.0 years
5 - 15 Lacs
hyderabad, pune
Hybrid
Job description

Key Responsibilities:
- Conduct email analysis and reverse engineering to identify and mitigate threats.
- Perform static and dynamic analysis of PE and non-PE files.
- Analyze network traffic and develop heuristic signatures to detect malicious activities.
- Investigate security incidents, including data breaches, system intrusions, and policy violations.
- Collaborate with cross-functional teams to improve detection capabilities and response strategies.
- Develop and implement incident response plans and coordinate incident investigations.
- Provide continuous monitoring and analysis of network traffic and security events.
- Conduct research on advanced persistent threats (APTs) and develop protection solutions.
- Maintain and update real-time block lists and URL block lists.
- Write and review regular expressions for spam and fraud detection.
- Perform URL and email grading to assess and categorize potential threats.
- Engage in security response activities to address and resolve security incidents.
- Participate in endpoint detection and response (EDR) efforts to identify and mitigate threats.
- Conduct threat hunting to proactively identify and address potential security risks.

Basic Qualifications:
- Bachelor's or Master's degree in Computer Science, Computer Engineering, Information Security, or a related field.
- Strong understanding of computer security, network architecture, and threat landscape.
- Familiarity with operating systems internals (Windows, macOS, Linux, Android, iOS).
- Strong knowledge of networking concepts and OSI layers.
- Understanding of enterprise IT architecture, operating systems, and file systems.
- Excellent analytical skills and ability to identify patterns and trends.
- Strong research skills and ability to analyze and present complex data.
- Good logical reasoning and deep analytical skills.
- Good communication skills and attention to detail.
- Ability to perform well under stress, particularly in critical response situations.
- Basic qualities of a researcher, including curiosity, persistence, and attention to detail.

Technical Skills:
- Threat Analysis and Incident Response: Ability to analyze email threats, identify indicators of compromise (IOCs), and respond to incidents promptly.
- Phishing Detection and Mitigation: Expertise in identifying and mitigating phishing attacks, including spear-phishing and whaling.
- Malware Analysis: Skills in analyzing email-borne malware, understanding its behavior, and developing countermeasures.
- Cryptography: Knowledge of encryption techniques to secure email communications and protect sensitive data.
- Network Security: Understanding of network protocols and security measures to detect and prevent email-based attacks.
- Regulatory Compliance: Familiarity with regulations such as GDPR, HIPAA, and others that impact email security practices.
- Programming and Scripting: Proficiency in languages like Kusto, Python, PowerShell, or Bash for automating security tasks and analyzing email logs.

Tools:
- Secure Email Gateways (SEGs): Tools like Microsoft Defender for Office, Proofpoint, Mimecast, or Barracuda to filter and block malicious emails.
- Email Encryption Tools: Solutions like PGP (Pretty Good Privacy) or S/MIME (Secure/Multipurpose Internet Mail Extensions) for encrypting email content.
- Threat Intelligence Platforms: Tools other than VirusTotal and MxToolbox, like ThreatConnect or Recorded Future, to gather and analyze threat intelligence data.
- Sandboxing Solutions: Tools like Windows Sandbox, FireEye or Palo Alto Networks WildFire to safely analyze suspicious email attachments.
- Anti-Phishing Tools: Solutions like PhishMe or Cofense to detect and respond to phishing attempts.
- Security Information and Event Management (SIEM): Platforms like Splunk or IBM QRadar to monitor and analyze security events, including email threats.
- Incident Response Tools: Solutions like TheHive or MISP (Malware Information Sharing Platform) for managing and sharing incident response data.

Skills

Mandatory Skills: Analyzing Binaries / Non-Binaries & Malicious Scripts, Behaviour based Detection (BM / AMSI), Code based Detection (Assembly Lang), Disassembling & Debugging tools, Kusto, Rule based Detection (LUA / AC), Threat Landscape
Posted 1 day ago
1.0 - 5.0 years
0 Lacs
karnataka
On-site
About KnowBe4

At KnowBe4, we provide the world's largest security awareness training and simulated phishing platform which is utilized by numerous organizations across the globe. Our mission is to assist organizations in combating social engineering threats by educating employees to make informed security decisions on a daily basis. Recognized by Fortune as a top workplace for women, millennials, and technology for four consecutive years, we take pride in our achievements. With certifications as a "Great Place To Work" in 8 countries and various prestigious awards, such as Glassdoor's Best Places To Work, we prioritize radical transparency, extreme ownership, and continuous professional growth in a supportive work environment that embraces individuality. Whether working remotely or in-office, we aim to create a fun and engaging atmosphere with activities like team lunches, trivia competitions, and local outings, ensuring there is always something exciting happening at KnowBe4. Join us by submitting your resume in English.

The Cybersecurity Threat Researcher position is based in the KnowBe4 Threat Research Lab and involves deploying and configuring a range of security products and solutions including endpoint, email, web, and network protection.

Responsibilities:
- Deploy, configure, and maintain various cybersecurity products in a lab setting, encompassing endpoint, web, email, and network protection products.
- Manage product inventory including licenses, updates, and multiple versions.
- Provide recommendations for security product deployment and configurations.
- Conduct analysis of PHISHING emails.
- Analyze malicious URLs and PHISHING URLs.
- Track and identify new and existing PHISHING campaigns.
- Identify trends in the latest phishing emails.

Requirements:
- Bachelor's degree or equivalent with at least 3 years of experience.
- Master's degree or equivalent with at least 1 year of experience.
- Proficiency in IOCs, reverse engineering, and threat campaign tracking.
- Experience in analyzing malicious URLs and phishing emails.
- Ability to script for handling large volumes of threat artifacts.
- Email analysis skills to differentiate between PHISHING, Clean, and Spam emails.
- Capability to identify PHISHING email campaigns accurately.
- Expertise in static and dynamic analysis of URLs and Files.
- Proficiency in URL analysis for identifying PHISHING and scam URLs.
- Familiarity with creating Yara rules for email grouping and clustering.
- Ability to automate daily email classification through scripting.
- Stay updated on emerging threats and security technologies.
- Analytical thinking and collaborative work approach.

Our Fantastic Benefits: We provide company-wide bonuses, employee referral bonuses, adoption assistance, tuition reimbursement, certification completion bonuses, and a relaxed dress code in a modern, high-tech, and enjoyable work environment. For detailed information on benefits in each office location, please visit www.knowbe4.com/careers/benefits.

Note: Applicant assessment and background checks may be included in the hiring process. No recruitment agencies, please.
Posted 1 month ago
5.0 - 7.0 years
0 Lacs
Bengaluru, Karnataka, India
On-site
Job description

Novo Nordisk Global Business Services (GBS) India
Department: Global Information Security Advisory

Are you passionate about IT security and eager to make a difference in safeguarding critical systems? Do you thrive in a global, collaborative environment where your expertise can help protect a leading healthcare organisation? If so, we invite you to join us as a Security Operations Analyst at Novo Nordisk. Read on and apply today for a life-changing career!

About the Department

The Global Information Security Advisory department is part of Digital, Data, and IT (DD&IT) at Novo Nordisk. Based in Denmark, our team operates globally with colleagues in India, Denmark, and the USA. We are a diverse group of experts specializing in areas such as network security, white hat hacking, cloud security, cryptography, and security operations. Our mission is to partner with the business to build security into processes and manage risks effectively. The atmosphere is collaborative, innovative, and driven by a shared goal of protecting Novo Nordisk's digital assets.

The position

As a Cybersecurity Analyst I, you will play a pivotal role in enhancing and maintaining the IT security posture at Novo Nordisk. Your responsibilities will include:
- Effectively monitor and manage IT security incidents by analyzing logs, identifying vulnerabilities, managing unauthorized user activity, and handling security notifications from users and regional teams to ensure timely resolution and adherence to SLAs.
- Analyzing and responding to suspicious and malicious emails received through the Phish alarm solution.
- Provide support to the Vulnerability Management Office (VMO) in the Critical Vulnerability Response (CVR) process while collaborating with the GSO Data Analytics team to enhance the SIEM system's accuracy by reducing false positives, demonstrating strong analytical skills and a commitment to cybersecurity excellence.
- Managing the Global Intrusion Defense (GID) system, ensuring services like log collection, intrusion detection, and vulnerability assessment are operational.
- Actively participate in incident response drills and the Major IT Security Incident Response Process (MSIRP), while engaging stakeholders to communicate risks, facilitate vulnerability remediation, and support global security initiatives.

Qualifications
- Bachelor of Engineering with relevant IT experience and business experience.
- Overall 5+ years of core IT security experience with at least 3+ years in relevant security tool.
- Demonstrated proficiency in Security Information and Event Management (SIEM) and Endpoint Detection and Response (EDR) platforms, coupled with expertise in Windows Operating Systems and enterprise network security.
- Solid knowledge of Security Operations Center (SOC) operations with Standard Operating Procedure (SOP).
- Familiarity with forensics, Email Analysis and Cloud.
- Coordinate with internal teams and external stakeholders to manage the incident response process and collaborate cross-functionally to ensure adherence to security policies and procedures.
- Respond to and investigate security incidents such as data breaches, malware infections, and unauthorized access attempts while analyzing incidents to determine root cause, scope, and impact.
- Develop and implement comprehensive incident response plans and procedures for timely and effective responses to security incidents.
- Security certifications like CEH etc. (good to have).

Working at Novo Nordisk

Novo Nordisk is a leading global healthcare company with a 100-year legacy of driving change to defeat serious chronic diseases. Building on our strong legacy within diabetes, we are growing massively and expanding our commitment, reaching millions around the world and impacting more than 40 million patient lives daily. All of this has made us one of the 20 most valuable companies in the world by market cap. Our success relies on the joint potential and collaboration of our more than 72,000 employees around the world. We recognize the importance of the unique skills and perspectives our people bring to the table, and we work continuously to bring out the best in them. Working at Novo Nordisk, we're working toward something bigger than ourselves, and it's a collective effort. Join us! Together, we go further. Together, we're changing life.

Contact

To submit your application, please upload your CV online (click on Apply and follow the instructions).

Deadline

16 July 2025.

Disclaimer

It has been brought to our attention that there have recently been instances of fraudulent job offers, purporting to be from Novo Nordisk and/or its affiliate companies. The individuals or organizations sending these false employment offers may pose as a Novo Nordisk recruiter or representative and request personal information, purchasing of equipment or funds to further the recruitment process or offer paid trainings. Be advised that Novo Nordisk does not extend unsolicited employment offers. Furthermore, Novo Nordisk does not charge prospective employees with fees or make requests for funding as a part of the recruitment process.

We commit to an inclusive recruitment process and equality of opportunity for all our job applicants. At Novo Nordisk we recognize that it is no longer good enough to aspire to be the best company in the world. We need to aspire to be the best company for the world and we know that this is only possible with talented employees with diverse perspectives, backgrounds and cultures. We are therefore committed to creating an inclusive culture that celebrates the diversity of our employees, the patients we serve and communities we operate in. Together, we're life changing.
Posted 1 month ago
5.0 - 7.0 years
10 - 12 Lacs
Bengaluru
Work from Office
OPPORTUNITY OVERVIEW

As a Platform Specialist Team Lead at ZeroFOX, you will join a team of highly skilled individuals working to prevent cyber attacks for enterprise-level commercial and government customers. Using our proprietary hybrid intelligence platform, this role specifically focuses on supporting existing customers by providing detailed analysis and contextualization regarding a variety of cyber risks. You will have the opportunity to research these risks, develop notification and alert packages, and present your findings to customers. Your goal: Keep our customers safe with detailed threat intelligence information, and present findings in a professional manner.

Responsibilities:
- Analyze large volumes of data for customer-related risks.
- Create risk notification and alert packages for customers.
- Interface with customers and stakeholders to provide analysis reports and details.
- Support and respond to customer requests for further information and analysis.
- Responsible for communications with the customers including: phone, video, email, and authoring reports.
- Triage alerts for customers to give real time intelligence.
- Act as an escalation point for Tier 1 alert analysis, platform configuration, and trend analysis; manage the team based on metric-driven outcomes.
- Serve as a resource for the Account Management team to explain the managed service.
- Act as a customer advocate internally, working across appropriate teams to solve customer challenges.
- Support team productivity and outputs during assigned shifts.
- Identify opportunities for process improvement and efficiency.
- Provide coaching, training, and mentorship to team members.
- Act as a liaison between team members and upper management.
- Conduct regular performance evaluations and provide feedback to team members.
- Provide regular updates and reports on team progress to upper management.

Required Qualifications:
- Attention to detail
- Experience working in a team environment and responsible for certain aspects of service delivery
- Ability to lead a team and be a point of contact as a subject matter expert
- Knowledge of the cyber threat environment including how the following sources of data enable cyber operations: major social networks (knowledge of emerging networks a big plus); dark web; domain abuse; analyze security incidents, such as account breaches, unauthorized access, or malicious content etc.
- Superior research and analysis skills
- Ability to convey complex ideas, trends, and information in a simple way (a writing sample will be requested as part of the interview process)
- Ability to extrapolate trends from mass amounts of disparate data
- Solid interpersonal and social skills
- Experience with other SaaS, cyber security, or social media products or services is preferred
- Must be willing to work alternative work schedule including partial weekends

Big Bonus:
- Basic scripting capabilities: JavaScript, Python, or similar; at minimum being able to review and edit basic code structure
- Comfort working with a quickly growing team
- Ability to quickly adapt and recommend solutions as needed
- A self-starting mentality: when you find a problem, you alert the team and fix it; you don't wait for the next task.
- Familiarity and comfort with producing superior work while meeting aggressive deadlines

Benefits:
- Competitive compensation
- Community-driven culture with employee events
- Generous time off
- Best-in-class benefits
- Fun, modern workspace
- Respectful and nourishing work environment, where every opinion is heard and everyone is encouraged to be an active part of the organizational culture
Posted 3 months ago