Senior Threat Researcher
- Sophos
- 8 - 13 years
- Kolkata
- 5 days ago
- Email to a friend
- Report this job
Job Description
Role Summary
As a Threat Researcher, you will be part of the front line responsible for helping to protect millions of users worldwide from network security threats and exploits. The successful candidate will analyze and detect the latest threats and help create the next generation of SophosLabs research tools. The ideal candidate is passionate about computer network security and has a high aptitude for solving challenging puzzles, with strong attention to detail.
What you will do
- Must be able to conduct in-depth research on emerging network-, software-, and application-based security threats, threat actors, vulnerabilities, and malware campaigns.
- Must be able to reproduce and simulate attack techniques, reverse engineer exploits and PoC code, etc., in lab environments to understand their network signatures and develop protection rules that ensure thorough detection and coverage.
- Continuously monitor critical threat intelligence sources to stay on top of emerging threats and trends.
- Develop high-quality detection/IPS signatures to detect and prevent threats and exploits.
- Build, test, and publish detection/IPS signatures.
- Must be able to write high-quality threat or exploit descriptions based on research, including white papers, blog posts, and case studies.
- Track zero-day and newly discovered vulnerabilities and malware on a regular basis, and strive to provide timely protection for customers.
- Independently conduct research and reverse engineer threats and exploits, and be able to provide detailed research reports.
- Triage requests submitted by other departments, respond to tasks, and escalate complex issues to senior team members.
- Answer customer queries routed through Technical Support, as well as internal queries from all departments.
- Identify opportunities to write blogs for the Sophos website to raise customer awareness.
- Understand gaps or failures and provide technical insights while working with engineering teams to develop solutions that improve future test results.
- Maintain aligned communication with the team, including updates on quality, effectiveness, and third-party test issues.
- Work with third-party test coordinators to improve performance in external test results.
- Take initiative and drive quality and effectiveness.
- Mentor and coach other Threat Researchers on writing and content creation.
What you will bring
- 8+ years of experience in threat (vulnerability and exploit) research and threat intelligence, with in-depth knowledge of the latest cyber threats, threat actors, and attack techniques.
- In-depth knowledge of networking fundamentals, including the OSI model.
- Strong, practical understanding of the TCP/IP protocol suite and low-level evasion techniques.
- Good understanding of L2, L3, and L4 network communication.
- Strong understanding of L7 protocols and upper-level OSI evasion techniques, such as HTTP, SMTP, POP3, DNS, Telnet, HTTPS/SSL, and FTP.
- Deep understanding of network evasion techniques.
- Experience in detecting and reproducing network attacks, such as vulnerability exploitation, system discovery, and lateral movement techniques.
- Ability to decode network traffic using packet analyzer tools such as Wireshark, Ethereal, and tcpdump.
- Strong understanding of exploits (file- and protocol-based), network evasion techniques, and the Linux network stack.
- Strong understanding and ability to develop and test IPS signatures (preferably using Snort).
- Experience in developing Snort IPS signatures/rules.
- Good understanding of Snort engine internals.
- Good understanding of various network and endpoint security technologies, such as conventional firewalls, NGFWs, IDS/IPS, and proxy servers.
- Strong, practical understanding of commonly used techniques such as Cross-Site Scripting (XSS), SQL Injection, Cross-Site Request Forgery (CSRF), Directory Traversal, and Buffer Overflow.
- Proficient in at least one scripting or programming language (e.g., Python, Shell).
- Familiarity with software development tools such as GitLab and GitHub.
- Familiarity with Sophos or other competitor firewall products.
- Bachelor s or Master s degree in Engineering, Computer Science, or Electronics.
- Good to have certifications such as CEH, CCNA/CCNP, and CISSP.
Job Classification
Industry: IT Services & ConsultingFunctional Area / Department: Engineering - Hardware & NetworksRole Category: IT NetworkRole: System Administrator / EngineerEmployement Type: Full timeContact Details:
Company: SophosLocation(s): Kolkata+ View Contact
Keyskills: Linux Networking DNS Network security HTTP CCNA Technical support SQL Python Firewall
Fraud Alert to job seekers!
₹ Not Disclosed
Similar positions
Sophos
Powered by SophosLabs a global threat intelligence and data science team Sophoscloud-native and AI-enhanced solutions secure endpoints (laptops, servers and mobile devices) and networks against evolving cybercriminal tactics and techniques, including automated and active-adversary breaches, ransomwa...
Job Listings
We are in open beta version of website, please let us know if any issues, at: info(at)indigojobs.in