Principal Engineer - Email Security L2

Role Overview
The Cybersecurity L2 Email Security Analyst is responsible for monitoring, analyzing, and responding to email-based security threats. This role handles escalated incidents from L1, ensures the effectiveness of email security controls, and helps protect the organization from phishing, malware, business email compromise (BEC), and spam attacks.Key ResponsibilitiesProvide Level-2 support for email security incidents and alertsInvestigate phishing, malware, spam, spoofing, and BEC incidentsAnalyze email headers, URLs, attachments, and sender reputationAdminister and tune email security platforms (Microsoft Defender for Office 365, Proofpoint, Mimecast, Barracuda, etc.)Respond to user-reported phishing emails and conduct root cause analysisImplement and manage email authentication controls (SPF, DKIM, DMARC)Coordinate containment and remediation actions (email quarantine, purge, account reset)Create and maintain email security SOPs and response playbooksSupport security awareness initiatives related to phishingCollaborate with IAM, SOC, and IT teams during incidentsSupport audits and compliance requirements (ISO 27001, SOC 2, GDPR, etc.)Required Skills & Qualifications5-7years of experience in Email Security / SOC / Cybersecurity operationsStrong understanding of email threat vectors and attack techniquesHands-on experience with email security gateways and M365 email securityKnowledge of SMTP, email routing, and mail flow troubleshootingExperience with threat analysis tools and ticketing systemsFamiliarity with incident response and escalation proceduresGood analytical and documentation skillsGood to HaveExperience with automation/SOAR for phishing responseExposure to threat intelligence and URL sandboxing toolsCertifications: Security+, SC-200, CEH, or equivalent