Threat Researcher 3 Job at Sophos India
As a worldwide leader in next-generation cybersecurity, Sophos protects nearly 400,000 organizations of all sizes in more than 150 countries from today’s most advanced cyberthreats. Powered by SophosLabs – a global threat intelligence and data science team – Sophos’ cloud-native and AI-enhanced solutions secure endpoints (laptops, servers and mobile devices) and networks against evolving cybercriminal tactics and techniques, including automated and active-adversary breaches, ransomware, malware, exploits, data exfiltration, phishing, and more. The award-winning Sophos Central cloud-based platform integrates Sophos’ entire portfolio of best-of-breed products, from the Intercept X endpoint solution to the XG Firewall, into a single system called Synchronized Security. Sophos products are exclusively available through a global channel of more than 47,000 partners and Managed Service Providers (MSPs). Sophos also makes its innovative commercial technologies available to consumers via Sophos Home . The company is headquartered in Oxford, U.K., and is publicly traded on the London Stock Exchange under the symbol “SOPH.”
SophosLabs is a global network of highly skilled and trained analysts and IT security professionals that is the front line in protecting businesses from known and emerging threats. Our analysts cover every area of IT security with integrated systems tracking malware, vulnerabilities, intrusions, spam, legitimate applications, legitimate and infected websites and mobile threats. Our automated systems work with Big Data technologies and continuously populate databases with legitimate and malicious content.
Sophos is focused on delivering the best IT security and data protection for businesses. Today Sophos products protect over 100,000 businesses and 100 million users, in more than 150 countries. We provide an excellent, supportive, open and lively work environment with exposure to leading technologies and opportunities for professional development and training.
As a Sophos Labs Threat Response Engineer you will be responsible for providing protection against malware, email spam and other cyber-threats.
You will be analyzing new malware and spam samples, developing protection against them and handling other protection issues reported by our customers in a timely manner and with quality.
Analyze files reported by our customers to determine their type and risk level
Create first-line detection signatures for new malicious Windows executable
Monitor email spam protection levels and respond to spam outbreaks in a timely manner using appropriate anti-spam detection technology available
Triage and manage cyber-threat related requests coming from our customers by collecting all the necessary information, responding to standard requests and escalating complex issues to problem domain experts for resolution.
Handle false positive reports from customers triggered in anti-spam, URL filtering or anti-malware filtering layers
Use Sophos data publishing systems to build, test and release protection updates for customer use
Write descriptions for threats for publication on the Sophos website to raise customer awareness
Required skills and experiences :
Good understanding of common Internet standards (HTTP, SMTP, DNS, Whois, HTML, RFC822, SSH)
Understanding of x86 architecture and familiarity with x86 Assembly
Understanding of Windows OS fundamentals
Basic understanding of computer and IT security
Practical understanding of PE file format structures
Desired skills and experiences
Reverse engineering with IDA or other tools
Malware and/or spam analysis skills
Linux user experience
Education required :
B.Sc. in Computer Science or equivalent
Weekend shift work will be required
Night-time shift work may be required
Sophos is committed to equality opportunity in all areas of its work. All qualified applicants will be treated in a fair and equal manner and in accordance with the law regardless of gender, marital status, race, religion, colour, age, disability or sexual orientation.
If you choose to explore this opportunity, and subsequently share your CV or other personal details with Sophos, these details will be held by Sophos for 12 months in accordance with our data protection policy which can be found here and used by our recruitment team to contact you regarding this or other relevant opportunities at Sophos. If you would like Sophos to delete or update your details at any time, please reply to this or other emails from Sophos clearly stating your request, or follow the steps set out in the data protection policy describing your individual rights. If you have any questions about Sophos’ data protection practices please contact [email protected]
Company Location: India