workfromanywhereworkfromanywhere
All jobs
SophosOther

Incident Response Analyst

AustraliaPosted 21 days ago

Sophos is seeking an experienced Incident Response Analyst to support Managed Detection and Response (MDR) customers within the Critical Incident Response Unit (CIRU). The role involves leading investigations of active cyber incidents, performing forensic, analytical, and containment tasks, and supporting customer communication and internal teams.

Location: Australia

Responsibilities

  • Utilize Sophos technologies to investigate, contain, and respond to cyber incidents
  • Conduct analysis of cyber incidents for malware, ransomware, and other common attack types
  • Maintain accurate and detailed documentation for analysis performed during cyber incidents
  • Recognize and codify attacker tools, tactics, and procedures that can be applied to current and future investigations and tooling
  • Provide clear and concise communication to MDR customers during cyber incidents
  • Work closely with internal SophosLabs, Detection Engineering, and Threat Hunting teams to continuously expand and improve detection logic
  • Work closely with Sophos MDR Operations teams in providing response, remediation guidance, and excellent customer service
  • Assist in creating accurate and detailed technical incident reports as a post-incident deliverable for MDR customers and MSPs

Requirements

  • 3-6 years of experience conducting cyber security investigations in a methodical manner and investigating threats
  • Knowledge of incident response toolsets, methodologies, and techniques
  • Experience creating technical documentation and technical reports
  • Ability to work under high-pressure situations, when response time matters, to disrupt adversary activity
  • Network and endpoint (macOS, Linux, Windows) investigation experience; IDS, IPS, EDR, and basic malware analysis
  • Basic understanding of at least one of the following: OSQuery, SQL, and KQL
  • Knowledge of frameworks such as MITRE Attack and Cyber Kill Chain
  • Ability to work some weekends and holidays
  • Experience with Windows and Linux command and script interpreters
  • Desired skills: Cyber security certifications (GCIH, CompTIA Sec+, eJPT, etc.), Experience with incident response investigations, handling malware, and performing response actions to contain and/or neutralize threats, Experience calling customers and providing excellent customer service
Apply Now

Location

Australia

Category

Other

Company

Sophos

Source

himalayas

Posted

21 days ago

Skills & Tags

incident-responsecybersecurity-analysisthreat-detectionsecurity-operationsmanaged-detection-and-response

Similar remote jobs

Programa Nacional para la Reducción de PérdidasOther

Chief Operating Officer

Remote
execoperationsfull timetelecommutingnon tech
yesterday
LocalOther

Operations Executive

Riyadh, Saudi Arabia
customer supportdevopsfull timedigital nomad
yesterday
PickleOther

Freelance Pharmaceutical Proofreader

Remote (UK)
content writingmarketingeducationmedicaldigital nomad
yesterday
Crossing HurdlesOther

Investigative Journalist

Remote
writercontent writingwork from homenon techcontent
yesterday
Crossing HurdlesOther

Journalist

Remote
writercontent writingwork from homenon techcontent
yesterday