Email Security Engineer

National Life Insurance Company•Addison, TX

About The Position

Come join one of America’s fastest-growing insurance companies. Since 1848, National Life Group has aimed to keep our promises, providing families with stability in good times and in bad. Throughout that history, we have provided peace of mind to those families as they plan their futures. Our mission extends beyond the insurance and annuities policies that we offer. We strive to make the world a better place through our grants from our charitable foundation, paid volunteer time for our employees, environmentally sustainable and healthy workplaces, and events that promote the work of nonprofits in our own backyard. We foster a collaborative environment with opportunities for growth and encourage our associates to live our values: Do good. Be good. Make good. Please note that we do not offer visa sponsorship for this position. Email is the number one attack vector and here, you’ll be the trusted expert who takes our defenses to the next level. In this hands-on role, you’ll architect and refine cutting-edge security controls using the latest in Proofpoint, Microsoft Office 365, Exchange Online Protection, and Microsoft Purview DLP to stay ahead of phishing, business email compromise, and data loss threats. You’ll have the freedom to innovate, experiment with new solutions, and champion fresh ideas that drive real results. Grow your skills and make a difference. Our team thrives on collaboration and knowledge-sharing, and we believe in leading by example. You’ll automate successful strategies, quickly adapt from lessons learned, and help shape our security roadmap. Leaders here empower you to test new approaches and encourage ongoing personal and professional development, so your contributions will have a direct and meaningful impact. Join a culture built on purpose and progress. We keep things simple: Do good. Be good. Make good. You’ll be supported by a team that values thoughtful experimentation and growth, ensuring your work matters for our organization and for your career.

Requirements

5+ years in Information Security with 2+ years focused on email security engineering/operations.
Hands-on experience with Proofpoint email security, including Targeted Attack Protection (TAP) and Threat Response Auto-Pull (TRAP); policy tuning; Data Loss Prevention integration; and quarantine workflows.
Proficiency with Microsoft Defender for Office 365 and Exchange Online Protection (EOP); configuring Safe Links and Safe Attachments; conducting advanced hunting; and performing header and mail flow troubleshooting.
Email DLP platform expertise (Microsoft Purview preferred). Define and maintain the label taxonomy; tune rules and detectors including Exact Data Match (EDM) and regex; establish exception governance; and run testing at scale.
Mail flow and identity depth across Exchange Online, connectors, transport rules, header analysis, and DNS; SPF/DKIM/DMARC design and enforcement; and vanity domain lifecycle for email: subdomain design and naming, DNS ownership and hygiene, third-party sender onboarding and alignment, and ongoing deliverability and blocklist monitoring.
Strong scripting (PowerShell or Python), API/automation comfort, and a metrics-first mindset.
Clear communication, able to turn complex findings into crisp recommendations for engineers, business stakeholders and leadership.

Nice To Haves

Certifications: CISSP, Proofpoint certifications, Microsoft SC-200 or SC-400.
Experience : Brand Indicators for Message Identification (BIMI) and brand protection.
Experience with Security Orchestration, Automation, and Response (SOAR).
Exposure to email threat intelligence enrichment.

Responsibilities

Engineer and operate advanced email protections in Proofpoint and Microsoft Defender for Office 365 (including Exchange Online Protection, Safe Links/Safe Attachments, impersonation safeguards) with continuous tuning to cut false positives and boost catch rates.
Engineer and operate Microsoft Purview DLP for Exchange Online. Design classification labels and enforcement rules with defined exceptions to stop data exfiltration. Use split tests and drift monitoring to sustain policy effectiveness.
Harden trust and identity for mail : SPF/DKIM/DMARC strategy, DMARC enforcement and reporting, display name/VIP impersonation controls, external tag strategy, QR code phishing and Business Email Compromise patterns.
Investigate and respond : lead deep-dive investigations on phishing campaigns; provide actionable post-incident improvements.
Cross-team force multiplier: improve detections and execute response with Security Monitoring & Response, lock down access with IAM, ensure compliance fit with GRC, and make the fix stick with Security Architecture and Infrastructure.
Automate and integrate : build playbooks and API/SOAR hooks for triage, enrichment, and response (e.g., auto-pull/recall, bulk purge, VIP watchlists, threat intel lookups).
Measure what matters : define metrics (catch rate, FP rate, MTTD/MTTR for mail events, DLP signal quality) and share insights that drive roadmap priorities.
Document and mentor : publish standards, playbooks, and quick-wins; coach peers, and champion secure-by-default patterns for email workflows.

Benefits

Your benefits start day one and are flexible and customizable to your and your family’s specific needs.
Check out the BENEFITS of a Career at National Life !

Stand Out From the Crowd

Upload your resume and get instant feedback on how well it matches this job.

Upload and Match Resume