Email Security Analyst at Abnormalsecurity

About You As an email security analyst on the team, you are responsible for being this front line of defense. You are highly motivated to understand what attackers are doing and to stop them in their tracks. You are someone who proactively investigates threats, maintains detailed documentation of your findings, and uses data-driven insights to understand complex cybersecurity challenges. • You’re motivated to stop email attackers and understand cybersecurity attack modes • You like to dive into the nitty gritty of complex systems, understand them, and analyze their behavior. When a system output is unexpected, you investigate thoroughly, digging in until the root cause is identified. • You are a clear communicator. You can write reports understandable by those within and outside the company to effectively explain highly technical issues. • You have a habit of meticulously documenting your investigations, maintaining comprehensive notes that can be used for future reference and team learning • You approach technical challenges with a hypothesis-driven mindset, systematically uncovering connections and correlations in complex systems • When tasks are assigned, they are completed correctly and on time or help is asked for quickly. Can largely handle FR tasks with some oversight. Learning team process and culture. Lots of Coaching, mentorship, and direction required to be successful. Scope and scale: Within a task In this job, you will bring these skills • 6+ months working in the cybersecurity, email, or anti-abuse spam field • Ability to perform standardized data analysis procedures using SQL and/or Python, effectively following established runbook methodologies and debugging analysis workflows as needed • Ability to leverage AI-powered analytical tools in both established workflows and ad-hoc investigations to increase impact • Experience in technical writing that effectively communicates complex issues Role Responsibilities and Deliverables • Resolve customer misclassification escalations, including priority issues, with accuracy and in a timely manner, escalating when additional support is required. • Communicate clearly and proactively with internal teams when responding to customer issues, helping ensure consistent and transparent updates. • Build expertise in rule- and heuristic-based email attack analysis and containment, applying established investigation and response methodologies to individual attack instances. • Understand how our message system works for handling customer escalations and general attack containment, and contribute to documenting workflows or steps as needed. • Develop reliability as a team member, demonstrating understanding of assigned tasks, asking clarifying questions, and completing work on time and to spec with moderate oversight. • Handle core attack analysis and containment tasks with guidance, increasing independence as knowledge and experience grow. • Assist in resolving higher-priority customer misclassification escalations by following documented procedures and learning from senior team members’ approaches. • Participate in investigations to identify root causes behind misclassification issues, reviewing audit logs and system interactions with support from more experienced teammates. • Analyze data using internal and external tools, including AI-based tools, to enhance investigative capabilities, applying them primarily under direction or within well-defined workflows. • Support threat-hunting activities by leveraging internal and external data and intelligence sources under guidance to help identify hidden or emerging threats and potential misclassifications. #LI-AA1 Abnormal AI is an equal opportunity employer. Qualified applicants will receive consideration for employment without regard to race, color, religion, sex, national origin, disability, protected veteran status or other characteristics protected by law. For our EEO policy statement please click here. If you would like more information on your EEO rights under the law, please click here.