Threat Level: green Handler on Duty: Xavier Mertens

SANS ISC: InfoSec Jobs InfoSec Jobs

Participate: Learn more about our honeypot network

Sign Up for Free!   Forgot Password?
Log In or Sign Up for Free!

This listing has expired and therefore is not publicly viewable.

Manager threat research
Company Sophos
Location Ahmedabad, India
Preferred GIAC Certifications GIAC Reverse Engineering Malware (GREM)
Travel 0%
Salary Not provided
URL Not provided
Contact Name Anonymous
Contact Email vaibhav.nagariya/at/
Expires 2021-08-11

Job Description

### Interested candidates can send the updated CV at "" ###

###Sophos Overview – Cybersecurity Evolved

Sophos evolves to meet every new challenge, protecting more than 400,000 organizations of all sizes in more than 150 countries from today’s most advanced cyberthreats. Powered by SophosLabs, our cloud-native and AI-enhanced solutions are able to adapt and evolve to secure endpoints and networks against never-before-seen cybercriminal tactics and techniques. Managed through our award-winning, cloud-based platform, Sophos Central, our best-of-breed products work together through our unique Synchronized Security system to share threat intelligence and respond to evolving threats. The Sophos suite of products secures networks and endpoints against automated and active-adversary breaches, ransomware, malware, exploits, data exfiltration, phishing, and more.

###Job Purpose

SophosLabs is recruiting an Intermediate Threat Researcher to join our Generic Detection Team - the global team of highly skilled security experts that deliver protection against Windows executable threats and applications.

As a member of the Generic Detection Team, you will leverage existing skills and learn new ones. You will use reverse engineering skills to develop new techniques for classifying and differentiating suspicious and clean files, and new methods for grouping and detecting executable threats and applications. You will employ unpacking and emulation methods to decrypt and deobfuscate packed code, allowing us to understand the hidden functionality. You will also contribute to research and data mining initiatives to discover new threats and opportunities improve protection.

The Generic Detection Team has members across the multiple locations that make up the global SophosLabs organization. You will work with local and remote security researchers across multiple teams to analyze, classify and create protection for malware, occasionally contributing to our customer response efforts within a local rotation.

###Main Duties:

* Able to undertakes both supervisory and hands on work within the department, Handling front-line operations for Malware Analysis and Anti-Spam team.
* Will own quality and responsiveness of customer-facing threat response operations and will represent the Threat Response team to other Sophos departments globally.
* Help improve the skill quotient of the team to equip them to handle next generation threats
* Ensure excellent customer response, timely triage of escalations and quality of detection work provided.
* Provide leadership for a team of Threat Response Engineers / Senior Threat Response Engineers / Tech Leads, particularly - Plan, drive and track processing of samples and requests within the team, reviewing workloads and raising resourcing issues to senior management as necessary.
* Ensure timely response including responding to email spam outbreaks and adding detection for malicious files reported by customers on a shift operational 24x7 model.
* Responsible for new starter assimilation, ensuring appropriate training, mentoring is available for all staff and tracking execution against development plan.
* Organize hiring activity to ensure the complete team is staffed appropriately with reference to the SophosLabs budget and against agreed selection criteria / specification.
* Ensure Sophos and SophosLabs standards / guidelines are adhered to and provide input into their improvement.
* Exposure to hands-on threat research duties such as analyzing malware and writing detection and guide the team aptly in the technical requirements of the role.
* Provide input into budget process clearly stating what is needed (staff, capital, training etc) in order to achieve the expected service level agreements.
* Able to guide the team to achieve goals within the timelines.
* Solid team management skills and experience of leading teams greater than 25 people Recruiting and maintaining effective team delivery operated as part of a global team with senior management in different time-zones.
* Experience managing operation teams working in North America / APAC / Europe for 2 or more years and cross-functional team handling capabilities
* Handle escalations / false positive reports from customers (platinum / premium / regular) triggered in anti-spam, URL filtering or anti-malware filtering layers
* Use Sophos data publishing systems to build, test and release protection updates for customer use
* Write descriptions for emerging threats for publication on the Sophos website or Blogs to raise customer awareness


* Highly motivated, self-starting and able to take ownership of a team with global scope
* Excellent Team Leadership / Project Management skills
* Hands-on technical role on x86 architecture and familiarity with x86 Assembly
* Practical understanding of Static / Dynamic analysis of Files , PE file format
* Good understanding of common Internet standards (HTTP, SMTP, DNS, Whois, HTML, RFC822, SSH)
* Understanding of Windows OS & Network fundamentals
* Able to work on shifts as per nature of requirement in operations
* Good understanding of computer and IT security
* B.Sc./BE in Computer Science or equivalent


* Reverse engineering with IDA or other tools
* Malware and/or spam analysis skills
* Scripting experience (Shell, Perl, Python, JavaScript) and Linux user experience
* Excellent communications verbal and written

###Equal Opportunities:

Sophos is committed to equality opportunity in all areas of its work. All qualified applicants will be treated in a fair and equal manner and in accordance with the law regardless of gender, marital status, race, religion, colour, age, disability or sexual orientation.

If you choose to explore this opportunity, and subsequently share your CV or other personal details with Sophos, these details will be held by Sophos for 12 months in accordance with our Privacy Policy and used by our recruitment team to contact you regarding this or other relevant opportunities at Sophos. If you would like Sophos to delete or update your details at any time, please follow the steps set out in the Privacy Policy describing your individual rights. If you have any questions about Sophos’ data protection practices, please contact

### Interested candidates can send the updated CV at "" ###