Related skills: Linux, Windows, macOS, EDR, MITRE ATT&CK

Description
- Utilize Sophos technologies to investigate, contain, and respond to cyber incidents
- Conduct analysis of cyber incidents for malware, ransomware, and other common attack types
- Maintain accurate and detailed documentation for analysis performed during cyber incidents
- Recognize and codify attacker tools, tactics, and procedures for investigations and tooling
- Provide clear and concise communication to MDR customers during cyber incidents
- Work closely with SophosLabs, Detection Engineering, and Threat Hunting to improve detection logic
Requirements
- 3-6 years of experience conducting methodical cyber security investigations
- Knowledge of incident response toolsets, methodologies, and techniques
- Experience creating technical documentation and technical reports
- Ability to work under high-pressure situations where response time matters
- Network and endpoint (macOS, Linux, Windows) investigation experience; IDS/IPS/EDR
- Basic understanding of OSQuery, SQL, and KQL
- Knowledge of MITRE ATT&CK and Cyber Kill Chain
- Ability to work some weekends and holidays
Benefits
- Remote-first working model with remote work as the primary option
- Some roles may require hybrid work
- Diverse and inclusive environment
- Annual charity and volunteering initiatives
- Global wellbeing and wellness programs