Sophos
Cybersecurity • SaaS
Sophos is a leading cybersecurity company that specializes in protecting businesses against advanced cyber threats. The company offers a comprehensive suite of security solutions, including endpoint protection, managed detection and response (MDR), network security, and cloud security. With a prevention-first approach, Sophos aims to stop ransomware and other cyber threats before they cause harm. Sophos provides services such as threat research, security training, and operational support to ensure robust defense against cyberattacks. Their solutions cater to various industries including finance, healthcare, government, manufacturing, and retail. The Sophos Central platform delivers centralized security management, integrating seamlessly with existing IT infrastructure to enhance security posture.
1001 - 5000 employees
Founded 1985
🔒 Cybersecurity
☁️ SaaS
💰 Post-IPO Equity on 2021-08
MDR Security Automation Researcher
Job not on LinkedIn
September 24
Sophos
Cybersecurity • SaaS
Sophos is a leading cybersecurity company that specializes in protecting businesses against advanced cyber threats. The company offers a comprehensive suite of security solutions, including endpoint protection, managed detection and response (MDR), network security, and cloud security. With a prevention-first approach, Sophos aims to stop ransomware and other cyber threats before they cause harm. Sophos provides services such as threat research, security training, and operational support to ensure robust defense against cyberattacks. Their solutions cater to various industries including finance, healthcare, government, manufacturing, and retail. The Sophos Central platform delivers centralized security management, integrating seamlessly with existing IT infrastructure to enhance security posture.
1001 - 5000 employees
Founded 1985
🔒 Cybersecurity
☁️ SaaS
💰 Post-IPO Equity on 2021-08
📋 Description
• Identify, define and implement valuable automation opportunities for the Sophos MDR team • Research workflows, analyze operational data, and consolidate requirements from key stakeholders • Collaborate with subject-matter experts (SOC analysts, incident responders) to capture detailed process steps and identify gaps and bottlenecks • Use scripting languages (Python, JavaScript, Bash, CEL) to develop secure, scalable solutions • Integrate automated workflows with existing security tools (XDR, SIEM, AV, endpoint detection, etc.) • Conduct testing, validation, and troubleshooting to ensure reliable, stable deployment in production environments • Continuously monitor and maintain implemented automation solutions, ensuring performance, reliability, and security • Document technical specifications, deployment procedures, and operational guidelines for each automated workflow • Work with cross-functional teams (Security Operations, DevOps, IT) to ensure smooth coordination, prompt development, and stable release cycles • Host knowledge-sharing sessions and workshops to communicate new automation concepts and outcomes
🎯 Requirements
• Proven experience as a Cybersecurity Analyst working in a security operations center (Security analysis or incident response or threat hunting) • Preferred experience supporting global security operations or coordinating across MSSPs and internal teams, with focus on designing, documenting, or optimizing technical cyber security workflows • Strong scripting skills (e.g., Python, PowerShell, JavaScript, Bash) and familiarity with API integrations for workflow automation • Ability to convert documented requirements into actionable coding tasks in both independent and collaborative environments • Preferred knowledge of BI/data cyber analytics tools (e.g., SQL, Power BI, KQL) or machine learning concepts applied to detection • Familiarity with MITRE ATT&CK, threat intelligence platforms, or IOC integration • Must thrive within a team environment as well as on an individual basis • Natural curiosity and ability to learn new skills quickly • Preferred certifications from GIAC, EC-Council, ISC2, CompTIA, Offensive Security or vendor-specific certs (e.g., Azure Security, AWS Security, CrowdStrike CFR) • Applicants must have legal authorization to work in the jurisdiction where the position is posted, without requiring employer sponsorship • A plus: experience using Jupyter Notebooks and Python data analytics libraries (e.g., Pandas) • A plus: strong understanding of Windows event log analysis • A plus: experience administering and supporting Windows OS (both workstations and server) and one of the following: Apple or Linux-based operating systems • A plus: DevOps experience with AWS and Kubernetes environments
🏖️ Benefits
• Sophos operates a remote-first working model, making remote work the primary option for most employees • Our people – we innovate and create, all of which are accompanied by a great sense of fun and team spirit • Employee-led diversity and inclusion networks that build community and provide education and advocacy • Annual charity and fundraising initiatives and volunteer days for employees to support local communities • Global employee sustainability initiatives to reduce our environmental footprint • Global fitness and trivia competitions to keep our bodies and minds sharp • Global wellbeing days for employees to relax and recharge • Monthly wellbeing webinars and training to support employee health and wellbeing
Apply NowSimilar Jobs
August 14
Freudenberg, a global technology group, seeks IT Network & Security Engineer to design and operate hybrid networks.
June 13
SAP Fioneer
501 - 1000
Join SAP Fioneer's cybersecurity team as a Cyber Defense Engineer to manage security platforms.
May 19
SAP Fioneer
501 - 1000
Join SAP Fioneer's cybersecurity team to enhance threat detection and response capabilities.