Senior Communications Security Engineer
Shamrock Trading Corporation · Overland Park, KS · 2 wk ago
On-siteInformation TechnologyFull-time
About the role
We are seeking a Senior Communications Security Engineer/Analyst to lead the design, implementation, and continuous improvement of security controls across enterprise communication platforms. This role will focus primarily on email security, while also supporting modern collaboration technologies such as Microsoft Teams, Zoom, and Slack.
Responsibilities
- Email Security Leadership (Primary Focus)
- Design, implement, and maintain enterprise email security.
- Manage and tune: Phishing and malware detection, Email authentication (SPF, DKIM, DMARC), Safe Links / Safe Attachments or equivalent controls.
- Lead incident response for phishing, BEC (Business Email Compromise), and email-based threats.
- Develop and enforce policies for data loss prevention (DLP) within email systems.
- Partner with SOC teams to improve email threat detection and response playbooks.
- Collaborate with security awareness teams to reduce phishing susceptibility.
- Provide guidance on secure usage of collaboration tools.
- Help design simulations and metrics-driven improvement programs.
- Collaboration & Communication Platform Security
- Assess and secure communication tools including collaboration applications.
- Define and implement security baselines, including: External sharing controls, Guest access governance, Message retention and compliance policies.
- Monitor and mitigate risks related to: Data leakage, Unauthorized file sharing, Shadow IT usage of communication tools, Threats from collaboration platforms.
- Develop detection use cases for communication-based threats across SIEM/SOAR platforms.
- Analyze logs and telemetry from messaging platforms for suspicious activity.
- Conduct threat hunting focused on social engineering and communication channel abuse.
- Governance, Risk & Compliance
- Align communication security controls with frameworks and policies.
- Support audits and compliance requirements related to secure communications and data protection.
- Perform risk assessments on new messaging/collaboration tools before adoption.
Requirements
- 5–8+ years in cybersecurity, with a strong focus on email or messaging security.
- Deep expertise in Microsoft 365 security stack (Defender for Office 365, Purview, Exchange Online Protection).
- Experience with collaboration platforms security (Teams, Slack, Zoom).
- Strong understanding of: Email protocols and authentication (SMTP, SPF, DKIM, DMARC), Phishing/BEC attack techniques, DLP and information protection.
- Experience with SIEM tools (e.g., Sentinel, Splunk) and alert tuning.
- Ability to analyze and respond to real-world attacks with minimal supervision.
Qualifications
- Experience with email filtering products.
- Experience with cloud security platforms (Azure, AWS, and GCP).
- Experience building automation or response workflows.
- Strong analytical and threat detection mindset.
- Deep understanding of social engineering attack vectors.
- Ability to translate risk into actionable controls.
- Cross-team collaboration and communication skills.
- Reduction in phishing click rates and successful compromises.
- Improved detection and response time for email-based threats.
- Secure adoption and governance of collaboration platforms.
- Audit/compliance readiness for communication systems.