Email Security Engineer

Requirements

• 5+ years in Information Security with 2+ years focused on email security engineering/operations.
• Email DLP platform expertise (Microsoft Purview preferred). Define and maintain the label taxonomy; tune rules and detectors including Exact Data Match (EDM) and regex; establish exception governance; and run testing at scale.
• Mail flow and identity depth across Exchange Online, connectors, transport rules, header analysis, and DNS; SPF/DKIM/DMARC design and enforcement; and vanity domain lifecycle for email: subdomain design and naming, DNS ownership and hygiene, third-party sender onboarding and a

Benefits

Additional Information

Come join one of America's fastest-growing insurance companies. Since 1848, National Life Group has aimed to keep our promises, providing families with stability in good times and in bad. Throughout that history, we have provided peace of mind to those families as they plan their futures. Our mission extends beyond the insurance and annuities policies that we offer. We strive to make the world a better place through our grants from our charitable foundation, paid volunteer time for our employees, environmentally sustainable and healthy workplaces, and events that promote the work of nonprofits in our own backyard. We foster a collaborative environment with opportunities for growth and encourage our associates to live our values: Do good. Be good. Make good. Please note that we do not offer visa sponsorship for this position. Email is the number one attack vector and here, you'll be the trusted expert who takes our defenses to the next level. In this hands-on role, you'll architect and refine cutting-edge security controls using the latest in Proofpoint, Microsoft Office 365, Exchange Online Protection, and Microsoft Purview DLP to stay ahead of phishing, business email compromise, and data loss threats. You'll have the freedom to innovate, experiment with new solutions, and champion fresh ideas that drive real results. Grow your skills and make a difference. Our team thrives on collaboration and knowledge-sharing, and we believe in leading by example. You'll automate successful strategies, quickly adapt from lessons learned, and help shape our security roadmap. Leaders here empower you to test new approaches and encourage ongoing personal and professional development, so your contributions will have a direct and meaningful impact. Join a culture built on purpose and progress. We keep things simple: Do good. Be good. Make good. You'll be supported by a team that values thoughtful experimentation and growth, ensuring your work matters for our organization and for your career. This position currently offers an onsite work schedule, with the expectation that you are in the office four (4) days per week during onsite core days. Our current onsite core days are Monday, Tuesday, Wednesday, and Thursday. The work schedule type and core days are subject to change with advance notification and manager discretion. Essential Duties and Responsibilities Engineer and operate advanced email protections in Proofpoint and Microsoft Defender for Office 365 (including Exchange Online Protection, Safe Links/Safe Attachments, impersonation safeguards) with continuous tuning to cut false positives and boost catch rates. Engineer and operate Microsoft Purview DLP for Exchange Online. Design classification labels and enforcement rules with defined exceptions to stop data exfiltration. Use split tests and drift monitoring to sustain policy effectiveness. Harden trust and identity for mail : SPF/DKIM/DMARC strategy, DMARC enforcement and reporting, display name/VIP impersonation controls, external tag strategy, QR code phishing and Business Email Compromise patterns. Investigate and respond : lead deep-dive investigations on phishing campaigns; provide actionable post-incident improvements. Cross-team force multiplier: improve detections and execute response with Security Monitoring & Response, lock down access with IAM, ensure compliance fit with GRC, and make the fix stick with Security Architecture and Infrastructure. Automate and integrate : build playbooks and API/SOAR hooks for triage, enrichment, and response (e.g., auto-pull/recall, bulk purge, VIP watchlists, threat intel lookups). Measure what matters : define metrics (catch rate, FP rate, MTTD/MTTR for mail events, DLP signal quality) and share insights that drive roadmap priorities. Document and mentor : publish standards, playbooks, and quick-wins; coach peers, and champion secure-by-default patterns for email workflows.

Your Match

How well this role fits your profile.

Company Intel

What employees say

Worked at nationallifeinsurancecompany? Share your experience