Email Security Analyst

About the Role

As an Email Security Analyst at Abnormal AI, you will be the front line of defense, proactively investigating threats and understanding attacker methodologies. You will meticulously document findings and leverage data-driven insights to tackle complex cybersecurity challenges. This role requires a deep dive into complex systems, thorough root cause analysis, and clear technical communication.

About You

You are motivated to stop email attackers and understand cybersecurity attack modes. You enjoy diving into complex systems, analyzing their behavior, and investigating unexpected outputs until the root cause is identified. You are a clear communicator, able to write technical reports for both technical and non-technical audiences. You meticulously document investigations for future reference and team learning. You approach technical challenges with a hypothesis-driven mindset and possess the ability to systematically uncover connections in complex systems. You are reliable in completing assigned tasks on time or seeking help promptly. While you can handle many tasks independently, you will benefit from coaching, mentorship, and direction to learn team processes and culture.

In This Job, You Will Bring These Skills

• 6+ months of experience in cybersecurity, email, or anti-abuse/spam fields.
• Ability to perform standardized data analysis using SQL and/or Python, following established runbook methodologies and debugging analysis workflows.
• Experience leveraging AI-powered analytical tools in both established workflows and ad-hoc investigations.
• Proven technical writing skills to effectively communicate complex issues.

Role Responsibilities And Deliverables

• Resolve customer misclassification escalations, including priority issues, accurately and in a timely manner.
• Communicate clearly and proactively with internal teams regarding customer issues, ensuring consistent and transparent updates.
• Build expertise in rule- and heuristic-based email attack analysis and containment.
• Understand and contribute to documenting workflows for the message system, customer escalations, and attack containment.
• Demonstrate reliability by understanding assigned tasks, asking clarifying questions, and completing work on time with moderate oversight.
• Handle core attack analysis and containment tasks with guidance, increasing independence as knowledge grows.
• Assist in resolving higher-priority customer misclassification escalations by following documented procedures and learning from senior team members.
• Participate in investigations to identify root causes behind misclassification issues, reviewing audit logs and system interactions.
• Analyze data using internal and external tools, including AI-based tools, to enhance investigative capabilities.
• Support threat-hunting activities by leveraging internal and external data and intelligence sources under guidance to identify hidden or emerging threats.

Key skills/competency

• Email Security
• Cybersecurity Analysis
• Threat Detection
• Incident Response
• SQL
• Python
• Technical Writing
• Data Analysis
• AI Tools
• Root Cause Analysis