Incident Response Analyst

3 days ago

Sophos

IT Security • Next-Gen UTM (Unified Threat Management) • Mobile Device Management • Endpoint Security • Antivirus

1001 - 5000 employees

Founded 1985

🔒 Cybersecurity

☁️ SaaS

💰 Post-IPO Equity on 2021-08

Description

• Sophos is a global leader and innovator of advanced security solutions that defeat cyberattacks.
• Sophos RR team is an elite group of incident responders engaged by organizations worldwide.
• Provides comprehensive investigations, response actions, remediation guidance, and root cause analysis.
• Conducts large-scale investigations across customer networks and performs forensic analysis.

Requirements

• 3+ years of experience in a dedicated Incident Response role or 5+ years in a security-related role with incident response responsibilities
• Excellent understanding of Windows logs and forensic artifacts
• Strong understanding of hypervisors and virtualization
• Experienced in conducting full disk and triage image acquisition, and in industry-standard tools such as FTK Imager and CyLR
• Extensive experience and knowledge of mapping adversary behavior to the MITRE ATT&CK framework
• Demonstrated experience working with common open-source forensic utilities such as Eric Zimmerman Tools, The Sleuth Kit, Plaso Log2Timeline, Volatility, ChainSaw, etc.
• Passion for cyber security, incident response, and digital forensics
• A desire for continuous learning
• Strong written communication skills
• A team-player attitude with a willingness to share knowledge
• Ability to work some weekends and holidays
• Experience leading BEC investigations
• Undergraduate education in Cybersecurity, Computer Science, or comparable
• Cybersecurity certifications (e.g. SANS GCFA, OSCP, CISSP, or similar)
• Experience with SIEM technology (e.g. Splunk, ELK, etc.)
• Ability to lead and direct customer engagements when the Incident Lead is absent
• Capable of leading smaller compromise assessment or BEC engagements
• Willingness to work occasional overtime during peak times or holidays
• Experience writing OSQuery or SQL queries
• Experience writing PowerShell, Python, or Bash scripts

Benefits

• Sophos operates a remote-first working model, making remote work the primary option for most employees.
• Our people – we innovate and create, all of which are accompanied by a great sense of fun and team spirit
• Employee-led diversity and inclusion networks that build community and provide education and advocacy
• Annual charity and fundraising initiatives and volunteer days for employees to support local communities
• Global employee sustainability initiatives to reduce our environmental footprint
• Global fitness and trivia competitions to keep our bodies and minds sharp
• Global wellbeing days for employees to relax and recharge
• Monthly wellbeing webinars and training to support employee health and wellbeing
