Sophos

Threat Analyst 3 – MDR

Sophos

full-time

Location Type: Remote

Location: Remote • 🇮🇳 India

Job Level

Mid-Level, Senior

Tech Stack

Cyber Security, Linux, SQL, Switching, TCP/IP

About the role

  • Handle escalations from Level 1 Threat Analysts; guide and advise on investigation handling
  • On-board and train new Threat Analysts
  • Participate in Security Operations process improvement and creation
  • Provide detection and response to security events and cyber-threats
  • Conduct security log management and monitoring
  • Maintain information security metrics
  • Provide assistance to core security and threat response teams
  • Create MDR service-related reports
  • Create cases for clients
  • Track and follow up with client through threat neutralization
  • Interact with clients via various mediums
  • Actively research recent Indicators of Compromise/Attack, exploits and vulnerabilities
  • Obtain metrics for reporting on threat trends, intelligence analysis and situational awareness

Requirements

  • 4+ years of experience working in a SOC environment or computer security team in an IT environment
  • Endpoint and network security experience required, including IDS, IPS, EDR, ATP, malware defenses and monitoring
  • Threat hunting experience preferred
  • Knowledge of common adversary tactics and techniques, e.g., obfuscation, persistence, defense evasion, etc.
  • Knowledge of the MITRE ATT&CK framework preferred
  • Working knowledge of incident response procedures
  • Experience with SQL query construction preferred
  • Experience with OSQuery is a plus
  • Experience administering and supporting Windows OS (both workstations and servers, e.g. XP, Windows 7, Server 2003, Server 2008) and either Apple or Linux-based operating systems (e.g. OS X)
  • Fundamental understanding of network traffic analysis including TCP/IP, routing, switching, protocols, etc.
  • Strong understanding of Windows event log analysis
  • Experience with enterprise information security data management - SIEM experience a plus
  • Programming and scripting skills - proficient knowledge of Powershell is a plus
  • Excellent troubleshooting and analytical thinking skills
  • Strong documentation and communication skills
  • Advanced Cyber Security certifications preferred but not required
  • Bachelor's in Information Technology, Computer Science or a related field; or relevant commensurate work experience
  • Willingness to work outside of standard business hours, including weekends and holidays; our Managed Detection and Response (MDR) is a 24x7x365 service
  • Must be able to thrive within a team environment as well as on an individual basis

Benefits

  • Sophos operates a remote-first working model, making remote work the primary option for most employees.
  • Employee-led diversity and inclusion networks that build community and provide education and advocacy
  • Annual charity and fundraising initiatives and volunteer days for employees to support local communities
  • Global employee sustainability initiatives to reduce our environmental footprint
  • Global fitness and trivia competitions to keep our bodies and minds sharp
  • Global wellbeing days for employees to relax and recharge
  • Monthly wellbeing webinars and training to support employee health and wellbeing

Applicant Tracking System Keywords

Hard skills
endpoint security, network security, IDS, IPS, EDR, ATP, malware defenses, SQL query construction, OSQuery, Windows OS
Soft skills
troubleshooting, analytical thinking, documentation, communication, teamwork, client interaction, training, process improvement, research, follow-up
Certifications
Cyber Security certifications, Bachelor's in Information Technology, Bachelor's in Computer Science