Threat Researcher

Role Summary

As a Sophos Labs Threat Response Engineer you will be responsible for providing protection against malware, email spam and other cyber-threats. 

What you will do

• You will be analyzing new malware and spam samples, developing protection against them and handling other protection issues reported by our customers in a timely manner and with quality.
• Analyze files reported by our customers to determine their type and risk level
• Create first-line detection signatures for new malicious Windows executable
• Monitor email spam protection levels and respond to spam outbreaks in a timely manner using appropriate anti-spam detection technology available
• Triage and manage cyber-threat related requests coming from our customers by collecting all the necessary information, responding to standard requests and escalating complex issues to problem domain experts for resolution.
• Handle false positive reports from customers triggered in anti-spam, URL filtering or anti-malware filtering layers
• Use Sophos data publishing systems to build, test and release protection updates for customer use
• Write descriptions for threats for publication on the Sophos website to raise customer awareness

What you will bring

• 3-6 years of overall experience in Malware Analysis
• Good understanding of common Internet standards (HTTP, SMTP, DNS, Whois, HTML, RFC822, SSH)
• Understanding of x86 architecture and familiarity with x86 Assembly
• Understanding of Windows OS fundamentals
• Basic understanding of computer and IT security
• Practical understanding of PE file format structures
• Desired skills and experiences
• Reverse engineering with IDA or other tools
• Malware and/or spam analysis skills
• Scripting experience (Shell, Perl, Python, JavaScript)
• Linux user experience
• SQL experience
• Should be felxible working in shifts and weekend.

#LI- Remote

#B1