Sophos

Threat Analyst, Level 1

full-time

Location Type: Remote

Location: Australia

About the role

  • Monitor, investigate, and respond to alerts generated by the Sophos security stack (including EDR/XDR capabilities).
  • Perform end-to-end analysis on suspicious activity to assess scope, impact, and risk.
  • Identify and respond to cyber threats across customer environments using approved playbooks and tooling.
  • Accurately document findings, investigative steps, and outcomes in the MDR case management platform.
  • Conduct threat hunting to identify potential threats throughout the MDR customer base.
  • Investigate phishing emails, suspicious binaries, and behavioral anomalies.
  • Support detection tuning by identifying recurring false positives and suggesting improvements.
  • Stay informed on threat actor behaviors, MITRE ATT&CK techniques, and Sophos threat research updates.
  • Proactively research emerging IOCs, active exploits, and vulnerabilities to stay ahead of evolving threats.
  • Contribute to internal knowledge bases, documentation, and continuous improvement initiatives.
  • Participate in shift rotations and ensure timely, detailed handovers between global teams.
  • Provide detection and response support for active security incidents.
  • Manage case workflows: create cases, track progress, and follow up with clients until resolution.
  • Engage with clients via email, phone, and tickets as part of case handling.
  • Assist with developing and refining Security Operations processes, playbooks, and tooling feedback.

Requirements

  • 1+ years of experience working in a Security Operations Center (SOC) or cybersecurity-focused IT role.
  • Familiarity with endpoint and network security tools, including EDR, IDS/IPS, and malware prevention/monitoring solutions.
  • Working knowledge of Windows operating systems (both workstation and server), with additional experience in Linux (Ubuntu, Debian, Red Hat) or macOS environments.
  • Ability to interpret and analyze Windows event logs and other telemetry data.
  • Understanding of core network concepts including TCP/IP, protocols, routing, and traffic analysis.
  • Practical experience investigating alerts and performing basic response actions in a real-time environment.
  • Exposure to threat hunting methodologies and an understanding of attacker behavior and patterns.
  • Exposure to incidents involving active threats and taking active response measures to contain the threat.
  • Foundational understanding of adversary tactics and techniques (e.g., persistence, privilege escalation, lateral movement, obfuscation), especially as defined in frameworks like MITRE ATT&CK.
  • Familiarity with common incident response workflows and security operations processes.
  • Strong analytical thinking and troubleshooting skills, with attention to detail in investigations and case documentation.
  • Excellent communication skills, with the ability to clearly explain findings to both technical and non-technical audiences.
  • Customer-first mindset with professionalism and a focus on service excellence.
  • Must thrive within a team environment as well as on an individual basis.
  • Natural curiosity and willingness to learn in a fast-paced, ever-changing threat landscape.
  • A passion for cybersecurity, continuous improvement, and staying current on threat trends.
  • Bachelor’s degree in Information Technology, Computer Science, Cybersecurity or related field, or equivalent practical experience.
  • Willingness to work from 0630 to 1500 JST, with the flexibility to adjust to business requirements.
  • Willingness to participate in rotating weekend and holiday coverage (our MDR service is 24x7x365).

Benefits

  • Sophos operates a remote-first working model, making remote work the primary option for most employees.
  • Annual charity and fundraising initiatives and volunteer days for employees to support local communities.
  • Global employee sustainability initiatives to reduce our environmental footprint.
  • Global fitness and trivia competitions to keep our bodies and minds sharp.
  • Global wellbeing days for employees to relax and recharge.
  • Monthly wellbeing webinars and training to support employee health and wellbeing.

Applicant Tracking System Keywords

Tip: use these terms in your resume and cover letter to boost ATS matches.

Hard Skills & Tools

EDR, XDR, IDS, IPS, malware prevention, Windows operating systems, Linux, TCP/IP, threat hunting, MITRE ATT&CK

Soft Skills

analytical thinking, troubleshooting, communication, customer service, teamwork, attention to detail, curiosity, willingness to learn, professionalism, service excellence