Senior Threat Researcher – Threat Detection Engineer
Employment Information
Report this job
Job expired or something wrong with this job?
Job Description
Detection Engineer responsible for analyzing advanced security threats. Collaborating with teams to translate threat intelligence into high-fidelity detections for Sophos.
Responsibilities:
- Develop countermeasures to detect advanced threats based on research and intelligence from the CTU team.
- Analyze endpoint behaviors and logs to design detections using multi-source telemetry.
- Continuously refine and monitor detection rules to optimize the signal-to-noise ratio for alerts.
- Research and implement alert handling for new device ingestions, ensuring high-value signal delivery.
- Leverage internal tooling to distinguish native from standard integrations for detection accuracy.
- Collaborate on the development of internal tools, automation, and detection infrastructure.
- Act as a subject matter expert across departments including Product Management, Marketing, and Labs Research.
Requirements:
- 10+ yrs of relevant experience in threat research, 5+ yrs in detection writing
- Hands-on experience in scripting languages (PowerShell, Bash, Python) and use of Python data science libraries (e.g., NumPy, Pandas, Matplotlib).
- Knowledge of CI/CD pipelines, testing frameworks, and automation principles.
- Proficiency in analyzing logs from firewalls, proxies, and security infrastructure to identify anomalies.
- Familiarity with event logs, traffic pattern anomalies, and threat hunting methodologies.
- Strong understanding of endpoint detection, Linux/Unix and Windows OS internals, vulnerability identification, and workflow automation.
- Experience with event correlation and incident reconstruction using log data is a plus,
- Network traffic analysis skills, including identification of anomalous or malicious traits is a plus.
- Solid grasp of database querying, systems architecture, and process automation for operational improvements is a nice to have.
- Experience in malware analysis, including static/dynamic techniques and reverse engineering (IA32/64, ARM binaries).
- Forensic analysis of memory and disk images across various OS and file system types.
Benefits:
- Sophos operates a remote-first working model, making remote work the primary option for most employees. However, some roles may necessitate a hybrid approach.
- Our people – we innovate and create, all of which are accompanied by a great sense of fun and team spirit
- Employee-led diversity and inclusion networks that build community and provide education and advocacy
- Annual charity and fundraising initiatives and volunteer days for employees to support local communities
- Global employee sustainability initiatives to reduce our environmental footprint
- Global fitness and trivia competitions to keep our bodies and minds sharp
- Global wellbeing days for employees to relax and recharge
- Monthly wellbeing webinars and training to support employee health and wellbeing
Similar Jobs
DevX Engineer
DevX Engineer supporting developer experience tools and practices for Pion, an audience verification platform helping brands build loyalty across consumer segments. You'll enhance engineering tools and collaboration.
IAM Engineer
IAM Engineer responsible for automating identity and access management processes in a growing business. Collaborating with various teams to improve access provisioning and compliance at WEX.
Operational Engineer
Operational Engineer at CSG focusing on integrating platforms across APIs, UX, and SSO functionalities. Hands-on role requiring cloud-native systems expertise and collaboration with engineering teams.
Service Desk Engineer – 3rd Shift
3rd Shift Service Desk Engineer providing technical support for IT assistance needs. Joining Mpathic's after-hours support team for critical IT operations.
Estimator / Project Controls Engineer
Estimator / Project Controls Engineer responsible for cost estimation and monitoring for U.S. infrastructure projects. Prepare estimates, track costs, and improve cost control processes.
Data Visualization Engineer
Data Visualization and Semantic Engineer optimizing data solutions at Mondelēz International. Collaborate and execute analytics agenda to drive long-term business performance.
Nuclear Engineer
Engineer - Nuclear-Level 2 responsible for design modifications in nuclear power plants. Overseeing multi-disciplinary system modifications while ensuring safety and regulatory compliance.
Senior Mainframe z/OS Engineer
Senior Mainframe Engineer handling customer environments and solving technical issues. Working remotely while contributing to FNTS's managed services engineering team.
Senior IAM Engineer
IAM Engineer leading transition and ongoing management of enterprise IAM program at Lanteris Space Systems. Responsible for establishing IAM standards and securing cloud and on-prem access.
Project Engineer
Project Engineer supporting sales, design, and commissioning of electrical systems for ABB's Electrification Smart Power Division. Involves compliance and technical coordination with stakeholders.
Associate Server Tech Services Engineer
Associate Server Tech Services Engineer ensuring server health and infrastructure availability through remote diagnostics and collaboration across global teams.
Associate Microgrid Engineer
Microgrid Design Engineer developing DER solutions at Honeywell for C&I projects. Collaborating with engineers to enhance energy efficiency and sustainability goals.
Mission Assurance Engineer
Mid-Level Mission Assurance Engineer supporting corporate quality management and quality assurance processes. Collaborating with multiple teams to ensure standardized quality practices across programs.
Installations Engineer, Level I-II
Installation Engineer at Leo Cancer Care responsible for customer-facing installations and maintenance of complex medical devices. Involves international travel and collaboration with global teams.
Senior Signal Integrity Engineer
Senior Signal Integrity Engineer ensuring performance and reliability of high-speed hardware designs at General Motors. Collaborating with teams and optimizing design processes for next-generation automotive systems.
Context Engineer
Context Engineer at CapIntel responsible for integrating LLMs into the core platform with a focus on reliability. Collaborating with various teams to enhance advisor and client experience.
Chief Engineer
Chief Engineer leading development of innovative solutions for DoD/National Security. Supporting contract delivery, business development, proposal development with comprehensive technical expertise.
Principal Software Engineer, Platform
Principal Software Engineer developing foundational systems supporting engineering operations at Cozey. Designing and maintaining infrastructure for efficient e-commerce processes.
Engenheiro de Dados – Sênior
Senior Data Engineer responsible for developing high-performance data pipelines in Brazil. Collaborating with data scientists and analysts in a complex and dynamic environment.
Senior SQL Engineer
SQL Engineer developing and maintaining T-SQL queries and reports for international projects. Collaborating on code reviews, documentation, and performance enhancements in a remote setting.