Senior Communications Security Engineer

About The Position

Requirements

• 5–8+ years in cybersecurity, with a strong focus on email or messaging security.
• Deep expertise in Microsoft 365 security stack (Defender for Office 365, Purview, Exchange Online Protection).
• Experience with collaboration platforms security (Teams, Slack, Zoom).
• Strong understanding of: Email protocols and authentication (SMTP, SPF, DKIM, DMARC), Phishing/BEC attack techniques, DLP and information protection.
• Experience with SIEM tools (e.g., Sentinel, Splunk) and alert tuning.
• Ability to analyze and respond to real-world attacks with minimal supervision.

Nice To Haves

• Experience with email filtering products.
• Experience with cloud security platforms (Azure, AWS, and GCP).
• Experience building automation or response workflows.
• Strong analytical and threat detection mindset.
• Deep understanding of social engineering attack vectors.
• Ability to translate risk into actionable controls.
• Cross-team collaboration and communication skills.

Responsibilities

• Design, implement, and maintain enterprise email security.
• Manage and tune: Phishing and malware detection, Email authentication (SPF, DKIM, DMARC), Safe Links / Safe Attachments or equivalent controls.
• Lead incident response for phishing, BEC (Business Email Compromise), and email-based threats.
• Develop and enforce policies for data loss prevention (DLP) within email systems.
• Partner with SOC teams to improve email threat detection and response playbooks.
• Assess and secure communication tools including collaboration applications.
• Define and implement security baselines, including: External sharing controls, Guest access governance, Message retention and compliance policies.
• Monitor and mitigate risks related to: Data leakage, Unauthorized file sharing, Shadow IT usage of communication tools.
• Develop detection use cases for communication-based threats across SIEM/SOAR platforms.
• Analyze logs and telemetry from messaging platforms for suspicious activity.
• Conduct threat hunting focused on social engineering and communication channel abuse.
• Align communication security controls with frameworks and policies.
• Support audits and compliance requirements related to secure communications and data protection.
• Perform risk assessments on new messaging/collaboration tools before adoption.
• Collaborate with security awareness teams to reduce phishing susceptibility.
• Provide guidance on secure usage of collaboration tools.
• Help design simulations and metrics-driven improvement programs.