Senior Threat Researcher – Behavioral Protection

Posted last week

Apply Now

Resume Score

Check how well your resume matches this job before you apply.

Sign in to check score

About the role

  • Senior Threat Researcher analyzing Windows based malware behaviors and developing protection rules. Collaborating with teams to enhance Sophos' cybersecurity capabilities.

Responsibilities

  • Analyze malware behaviors aligned with MITRE ATT&CK TTPs (and beyond), covering the full attack lifecycle, including initial access vectors, execution techniques, payload delivery—with a strong focus on in-memory techniques, fileless malware, and evasive behaviors.
  • Research and identify behavioral techniques employed by novel and sophisticated Advanced Persistent Threats (APTs) and translate these insights into effective behavioral protection rules to enhance prevention capabilities.
  • Drive protection coverage for zero-day malware and novel attack techniques.
  • Work independently with minimal supervision while managing priority protection tasks.
  • Review and provide actionable feedback on detection logic and code developed by fellow researchers.
  • Collaborate with the team to define clear protection priorities and deliver updates to customers in a timely manner.
  • Produce quality threat analysis reports for both internal and external audience

Requirements

  • Proven hands-on experience in Windows based malware analysis using both static and dynamic analysis tools such as using IDAPro and Windbg.
  • Deep understanding of behavioral techniques, memory injection methods, persistence mechanisms, and evasion tactics.
  • Ability to write robust, high-quality behavioral protection rules.
  • Demonstrated programming experience, preferably Python, Lua.
  • Experience working in a fast-paced threat research or security operations environment.
  • Strong communication skills and the ability to provide technical mentorship to peers.
  • Proactive, self-driven mindset with the ability to lead in critical incident or zero-day response scenarios.

Benefits

  • Sophos operates a remote-first working model, making remote work the primary option for most employees. However, some roles may necessitate a hybrid approach.
  • Our people – we innovate and create, all of which are accompanied by a great sense of fun and team spirit
  • Employee-led diversity and inclusion networks that build community and provide education and advocacy
  • Annual charity and fundraising initiatives and volunteer days for employees to support local communities
  • Global employee sustainability initiatives to reduce our environmental footprint
  • Global fitness and trivia competitions to keep our bodies and minds sharp
  • Global wellbeing days for employees to relax and recharge
  • Monthly wellbeing webinars and training to support employee health and wellbeing

Job type

Full Time

Experience level

Senior

Salary

Not specified

Degree requirement

No Education Requirement

Tech skills

LuaPython

Location requirements

RemoteCanada

Report this job

Found something wrong with the page? Please let us know by submitting a report below.