Threat researcher

Posted: Sept. 7, 2020, 6:34 p.m. - Full Time - Bangalore

Sophos Overview – Cybersecurity Evolved

Sophos evolves to meet every new challenge, protecting more than 400,000 organizations of all sizes in more than 150 countries from today’s most advanced cyberthreats. Powered by SophosLabs, our cloud-native and AI-enhanced solutions are able to adapt and evolve to secure endpoints and networks against never-before-seen cybercriminal tactics and techniques. Managed through our award-winning, cloud-based platform, Sophos Central, our best-of-breed products work together through our unique Synchronized Security system to share threat intelligence and respond to evolving threats. The Sophos suite of products secures networks and endpoints against automated and active-adversary breaches, ransomware, malware, exploits, data exfiltration, phishing, and more.

Job Purpose

The 3rd Party Test team is responsible for all of Sophos’s tester engagements with companies including but not limited to MITRE, SE Labs, NSS Labs, AV Test, AV Comparatives, MRG Effitas, etc. This role is centered on network-product-focused tests and requires an individual with a solid understanding of network security. As a 3rd Party Test Engineer, you’re responsible for a wide variety of day-to-day activities, including analyzing and understanding our latest test results, collaborating with our own product management, engineering and marketing teams to devise a response plan, working with testers to coordinate schedules and test engagements, providing feedback on new and existing test methodologies, and in general supporting Sophos’s drive towards winning the tests. We are a global company operating out of 27 countries, with testing organizations spread all over the world across various time zones, so the candidate will need to be flexible with his/her schedule given the wide variance of time zones between internal teams and testers.

Main Duties:

  • Interface between testers, SophosLabs, product management, engineering and marketing.
  • Maintain aligned communication with testers, which includes providing test methodology feedback, scheduling and supporting test engagements, coordinating test result disputes, etc.
  • Understand our failures and provide technical insight while working with our engineering teams to come up with a solution to improve future test results.
  • Help coordinate, schedule and track tasks with various engineering teams to ensure efforts will be completed in time for upcoming tests.
  • Develop tools, workflow and/or system improvements.
  • Occasional travel (1-2 weeks per year) to tester sites for test engagements is required.

Essential:

  • Familiarity with BreakingPoint, IXLoad and Spirent security and network testing products
  • Strong understanding of exploits (file- and protocol-based), network evasion techniques, and the Linux network stack
  • Ability to read through PCAPs
  • Technical troubleshooting and problem-solving skills and the ability to learn Sophos software products
  • Able to work independently with minimal supervision
  • Interpersonal and communication skills, focused on building rapport and listening
  • Ability to convey technical knowledge in a business-friendly way
  • Strong communication skills, written and verbal
  • Strong organization and time management skills
  • Ability to multitask and prioritize workload along with project assignments
  • Flexibility to work with teams in different time zones

Desirable:

  • Linux Kernel and Network Stack Development
  • Deep comprehension of network evasions
  • TCP/IP low level evasions
  • Upper level OSI evasions such as HTTP/S evasions
  • Deep understanding of TLS 1.3
  • Familiarity with Sophos or any other competitor firewall products
  • Security product testing experience
  • Programming skills
  • Experience in the computer security industry

Equal Opportunities

Sophos is committed to equal opportunity in all areas of its work. All qualified applicants will be treated in a fair and equal manner and in accordance with the law regardless of gender, marital status, race, religion, colour, age, disability or sexual orientation. If you choose to explore this opportunity, and subsequently share your CV or other personal details with Sophos, these details will be held by Sophos for 12 months in accordance with our Privacy Policy and used by our recruitment team to contact you regarding this or other relevant opportunities at Sophos. If you would like Sophos to delete or update your details at any time, please follow the steps set out in the Privacy Policy describing your individual rights.