Incident Response Analyst 2

Sophos is a global leader and innovator of advanced security solutions that defeat cyberattacks, including Managed Detection and Response (MDR) and incident response services and a broad portfolio of endpoint, network, email, and cloud security technologies. As one of the largest pure-play cybersecurity providers, Sophos defends more than 600,000 organizations and more than 100 million users worldwide from active adversaries, ransomware, phishing, malware, and more. Sophos’ services and products connect through the Sophos Central management console and are powered by Sophos X-Ops, the company’s cross-domain threat intelligence unit. Sophos X-Ops intelligence optimizes the entire Sophos Adaptive Cybersecurity Ecosystem, which includes a centralized data lake that leverages a rich set of open APIs available to customers, partners, developers, and other cybersecurity and information technology vendors. Sophos provides cybersecurity-as-a-service to organizations needing fully managed security solutions. Customers can also manage their cybersecurity directly with Sophos’ security operations platform or use a hybrid approach by supplementing their in-house teams with Sophos’ services, including threat hunting and remediation. Sophos sells through reseller partners and managed service providers (MSPs) worldwide. Sophos is headquartered in Oxford, U.K. More information is available at www.sophos.com.

Sophos is seeking a experienced and motivated Incident Response Analyst to join our Rapid Response (RR) service. The Sophos RR team is an elite group of incident responders that are engaged by organizations worldwide to respond to and neutralize cyber threats. Specializing in industry-standard forensic tools and Sophos technologies, the team provides comprehensive investigations, response actions, remediation guidance, and root cause analysis to combat a wide range of cybersecurity incidents.

 

As an Incident Response Analyst 2 on the Sophos RR team, you will collaborate with a dedicated group of experts to neutralize critical security incidents for customers of varying sizes and industries. In this role, you will be responsible for conducting large-scale investigations across customer networks and performing forensic analysis using leading industry tools to identify indicators of compromise (IOCs) and adversary tactics, techniques, and procedures (TTPs). Reporting to the Team Lead, Incident Response, you will take daily direction from the Incident Response Lead and will be responsible for documenting findings and providing consistent feedback on the investigation’s progress.