Messaging Security Analyst Ii

As a Messaging Security Analyst II, you will build upon your foundational expertise in email security to take on more complex threat investigations and contribute to the refinement of Mimecast's detection and response capabilities.

You will act as a key escalation point for analysts, assist in the development of detection strategies, and collaborate with cross‑functional teams to enhance Mimecast's security posture.

This role requires a strong understanding of email‑based threats, analytical skills, and the ability to work effectively in a fast‑paced, collaborative environment.

• Proactively identify and dissect email‑borne threats, including phishing, BEC, malware, and spam campaigns.
• Act as an escalation point for analysts, providing guidance and support for complex cases.
• Perform deeper analysis of threat actor tactics, techniques, and procedures (TTPs) to identify patterns and improve detection efficacy.
• Assist in the development and refinement of detection rules, filters, and automation workflows to enhance threat identification and response.
• Monitor email threat feeds, identify and respond to events.
• Maintain awareness of the evolving threat landscape, sharing insights and findings with the team to improve collective knowledge.
• Query and analyse large datasets to identify threat scope and indicators of compromise.
• Contribute to the creation and maintenance of documentation, playbooks, and standard operating procedures for threat detection and response.
• Participate in threat hunting activities to proactively identify and mitigate emerging threats.
• Collaborate with team members both in‑office and remotely to investigate threats and improve detection efficacy.
• Participate in cross‑functional projects with Product, Engineering, and Operations teams to improve Mimecast's security posture.

• Expertise in threat data classification, with demonstrated expertise in investigated and responding to email‑based threats.
• Experience in a SOC or email detection / filtering engines.
• Knowledge of email threats and their TTPs, and strong curiosity about the infrastructure of phishing / malicious email campaigns.
• Understanding of email protocols (SMTP, DKIM, SPF, DMARC).
• Experience with querying and analysing large datasets
• Excellent time management and ability to self‑prioritize in a fast‑paced environment.
• Able to collaborate effectively both in‑office and remotely; strong written and verbal communication skills.
• Eagerness to learn, adapt, and share knowledge with others.

• Join our Threat Protection team to accelerate your career journey, working with cutting‑edge technologies and contributing to projects that have real customer impact.
• You will be immersed in a dynamic environment that recognizes and celebrates your achievements.
• Mimecast offers formal and, on the job, learning opportunities, maintains a comprehensive benefits package that helps our employees and their family members to sustain a healthy lifestyle, and importantly - working in cross functional teams to build your knowledge!

Employees are expected to come to the office at least two days per week, because working together in person:

• Fosters a culture of collaboration, communication, performance and learning
• Drives innovation and creativity within and between teams
• Introduces employees to priorities outside of their immediate realm
• Ensures important interpersonal relationships and connections with one another and our community!

The base salary range for this position is , ZAR- , ZAR plus benefits.

This range represents the minimum and maximum new hire compensation for this role.

The position may also be eligible for incentive plans and additional benefits, in accordance with company policy and local regulations.

Our salary ranges are determined by role, level, and location with individual compensation also dependent on factors such as qualifications, experience, and skills.

Final offers will reflect these considerations and may vary accordingly.

That's why we're committed to building an inclusive, diverse community that celebrates and welcomes everyone – unless they're a cybercriminal, of course.We're proud to be an Equal Opportunity and Affitative Action Employer, and we'd encourage you to join us whatever your background.

We particularly welcome applicants from traditionally underrepresented groups.We consider everyone equally : your race, age, religion, sexual orientation, gender identity, ability, marital status, nationality, or any other protected characteristic won't affect your application.

Due to certain obligations to our customers, an offer of employment will be subject to your successful completion of applicable background checks, conducted in accordance with local law.