SOC Analyst - Email Threat Specialist

Job Title: SOC Analyst (Email Threat Specialist)

Job Type: Part-time or Full-time, contract

Location: Remote, United States

Job Summary

As a SOC Analyst (Email Threat Specialist), you'll leverage your expertise in phishing and BEC triage to evaluate, classify, and document complex email threats. You will play a pivotal role in dissecting each email’s content and metadata, refining AI models, and fortifying defenses against real-world adversarial attacks. This is an exciting opportunity for cybersecurity professionals passionate about hands-on threat analysis and proactive blue teaming.

Key Responsibilities

1. Thoroughly review and analyze incoming emails, assessing both content and metadata to determine malicious intent.
2. Classify emails according to specific security threats such as phishing, business email compromise (BEC), malware, and spoofing based on industry criteria.
3. Perform advanced forensic analysis of email headers to uncover sophisticated attack vectors, including authentication anomalies and domain spoofing.
4. Apply authentication protocol expertise (SPF, DKIM, DMARC) to evaluate sender legitimacy and identify reply-to mismatches.
5. Leverage knowledge of business process fraud to detect targeted adversarial activity and prevent organizational risk.
6. Document findings and articulate detailed security incident reports with a focus on accuracy, clarity, and actionable intelligence.
7. Support the training of AI-driven security systems by providing expert-level annotations and threat classifications.

Required Skills and Qualifications

1. 2+ years of professional experience in cybersecurity, preferably in a SOC environment.
2. Expertise in blue teaming with a strong foundation in threat detection and analysis.
3. Proven experience triaging phishing, BEC, or other advanced email-based attacks.
4. Proficient in reading and interpreting complex email headers and authentication protocols (SPF, DKIM, DMARC).
5. Skilled in adversarial intent classification and discerning subtle threat indicators within high-volume, high-malicious-rate environments (75–80%).
6. Deep understanding of business process fraud and its mechanisms.
7. Exceptional written and verbal communication skills, with meticulous attention to detail in documentation and reporting.

Preferred Qualifications

1. Experience supporting AI or security automation tools through threat data annotation or training.
2. Advanced knowledge of header forensics and sophisticated phishing detection methods.
3. Relevant cybersecurity certifications (e.g., SSCP, CEH, CySA+).