E-mail Security Engineer

Job Description

WHO WE ARE //Slaughter and May is a leading international law firm, recognised for its exceptional legal service, commercial awareness and client commitment. We advise on the full spectrum of legal matters including high-profile, ground-breaking and complex transactions,contentious matters and all aspects of risk. We deliver innovative and bespoke solutions to our clients, domestically and internationally. We provide clear legal advice that spans the globe whilst tackling the cultural nuances between jurisdictions.We are now offering an opportunity to become part of our Technology team, which supports our lawyers in providing first-class legal advice to some of the most prestigious and well-known global businesses.Everyones contribution is valued at Slaughter and May, and we all enjoy an open, friendly and supportive environment. We have an underlying sense of pride in who we are and what we do, and our inclusive culture gives rise to a unique diversity of thinking,which is critical to our success and helps maintain our position as a true market leader. To support our employees in achieving their professional development objectives, we offer an unrivalled variety of learning and development opportunities to everyone,as well as a competitive salary and a comprehensive benefits package. The firm has evolved a new hybrid approach to working, which sees our people working between their respective remote environments and our prestigious Headquarters at One Bunhill Row, inthe heart of the City of London.Would you like to join one of the world’s most prestigious law firmsWe are seeking an experienced Email Security Engineer to join the firm’s London-based Technology department on a contract (initially 6 months, but with potential to extend).ROLE OVERVIEW //This role will initially be responsible for implementing common email anti-spoofing controls, such as Sender Policy Framework (SPF), Domain Keys Identified Mail (DKIM) and Domain-based Message Authentication, Reporting & Conformance (DMARC) - both to enablethe firm to reject fake emails that it receives, and third parties to reject fake emails sent in the firm’s name. There is particular focus on driving down the false positive rate, i.e. the risk of blocking legitimate emails in error, prior to enforcing suchcontrols. Further improvements in relation to email security may be required subsequently, informed by the lessons learned from implementing SPF, DKIM and DMARC. We are looking for a candidate with deep understanding of, and prior experience of implementing,email security and anti-impersonation solutions in comparable organisations. We need someone who can drive forward this area autonomously, with minimal supervision.KEY RESPONSIBILITIES //The key responsibilities of this role are:• Business analysis - review relevant audit logs to assess the extent to which legitimate emails are likely to be blocked by the implementation of each of these controls. Identify and document the distinct use cases that materially contribute to the false positiverate.• Options analysis and solution design - engage with relevant stakeholders to identify options for driving down the false positive rate (e.g. correcting misconfigurations and/or bypassing the relevant issue with surgical allowlisting), and make appropriaterecommendations.• Change management - plan and coordinate changes with stakeholders such as Change Advisory Board (including submitting Change Requests) and superusers of the platforms (e.g. internal comms, applicant tracking system) that spoof a sending address within thefirm’s mail domain.• Technical implementation - implement SPF, DKIM and DMARC (one at a time, and probably in that order; but we are open to change based on analysis conducted by the role holder). This will likely include making changes to the firm’s DNS records and MicrosoftExchange Online configuration.• Minimise risk and maximise supportability in this area - e.g. by separating distinct use cases onto separate email subdomains and preventing maximum DNS entry length limits being reached.• Develop relevant documentation - e.g. document use cases, business rules, test plans and results.CANDIDATE PROFILE //Candidates for this position must have:• Demonstrable experience of having implemented SPF, DKIM and DMARC in an organisation of at least the firm’s size and complexity - particularly of having mitigated the risk of false positives.• Numerical, analytical and business analysis skills - the ability to draw insights from large datasets (pertaining to millions of emails per month) in order to recommend appropriate courses of action.• Change management skills - familiarity with the ITIL Change Management process, and experience with drafting and representing change requests at a Change Advisory Board. Ability to plan and coordinate changes across a diverse stakeholder group to mitigatethe risk of business disruption.• Hands-on experience with configuring SPF, DKIM and DMARC in a hybrid Exchange / Exchange Online environment, and in DNS.• Ideally, also experience with the Mimecast email security platform and DMARC reporting tools.• Relevant Microsoft or vendor-neutral security qualifications (or substantially equivalent experience).You will also be expected to display the Key Behaviours for Business Services staff for this level of role. Those most relevant to this role are:• Technical & professional expertise• Drive to deliver• Analysis & judgement• Communication & influence