Apply on Employer Site

National Life Group · 2 weeks ago

Email Security Engineer

Addison, TX

Full-time

Onsite

Mid, Senior Level

$94K/yr - $138K/yr

5+ years exp

National Life Group is one of America’s fastest-growing insurance companies, dedicated to providing stability and peace of mind to families since 1848. They are seeking an Email Security Engineer to enhance their email defenses against phishing and data loss threats by architecting and refining security controls using various tools and strategies.

Health CareInsuranceLife Insurance

No H1B

Responsibilities

Engineer and operate advanced email protections in Proofpoint and Microsoft Defender for Office 365 (including Exchange Online Protection, Safe Links/Safe Attachments, impersonation safeguards) with continuous tuning to cut false positives and boost catch rates

Engineer and operate Microsoft Purview DLP for Exchange Online. Design classification labels and enforcement rules with defined exceptions to stop data exfiltration. Use split tests and drift monitoring to sustain policy effectiveness

Harden trust and identity for mail: SPF/DKIM/DMARC strategy, DMARC enforcement and reporting, display name/VIP impersonation controls, external tag strategy, QR code phishing and Business Email Compromise patterns

Investigate and respond: lead deep-dive investigations on phishing campaigns; provide actionable post-incident improvements

Cross-team force multiplier: improve detections and execute response with Security Monitoring & Response, lock down access with IAM, ensure compliance fit with GRC, and make the fix stick with Security Architecture and Infrastructure

Automate and integrate: build playbooks and API/SOAR hooks for triage, enrichment, and response (e.g., auto-pull/recall, bulk purge, VIP watchlists, threat intel lookups)

Measure what matters: define metrics (catch rate, FP rate, MTTD/MTTR for mail events, DLP signal quality) and share insights that drive roadmap priorities

Document and mentor: publish standards, playbooks, and quick-wins; coach peers, and champion secure-by-default patterns for email workflows

Qualification

Proofpoint email securityMicrosoft Defender for Office 365Data Loss PreventionEmail security engineeringScripting PowerShellScripting PythonAPI automationEmail DLP platform expertiseSPF/DKIM/DMARCClear communicationCollaborationMentoring

Required

5+ years in Information Security with 2+ years focused on email security engineering/operations

Hands-on experience with Proofpoint email security, including Targeted Attack Protection (TAP) and Threat Response Auto-Pull (TRAP); policy tuning; Data Loss Prevention integration; and quarantine workflows

Proficiency with Microsoft Defender for Office 365 and Exchange Online Protection (EOP); configuring Safe Links and Safe Attachments; conducting advanced hunting; and performing header and mail flow troubleshooting

Email DLP platform expertise (Microsoft Purview preferred). Define and maintain the label taxonomy; tune rules and detectors including Exact Data Match (EDM) and regex; establish exception governance; and run testing at scale

Mail flow and identity depth across Exchange Online, connectors, transport rules, header analysis, and DNS; SPF/DKIM/DMARC design and enforcement; and vanity domain lifecycle for email: subdomain design and naming, DNS ownership and hygiene, third-party sender onboarding and alignment, and ongoing deliverability and blocklist monitoring

Strong scripting (PowerShell or Python), API/automation comfort, and a metrics-first mindset

Clear communication, able to turn complex findings into crisp recommendations for engineers, business stakeholders and leadership