
Incident Response Analyst
Posted May 30

This is a fully remote position, open to applicants in Australia.
• Employ Sophos technologies for the investigation, containment, and response to cyber incidents.
• Analyze cyber incidents involving malware, ransomware, and various other attack vectors.
• Ensure the maintenance of precise and thorough documentation.
• Identify and document the tools, tactics, and procedures used by attackers.
• Communicate effectively with MDR customers throughout incident management.
• Collaborate closely with internal teams including SophosLabs, Detection Engineering, and Threat Hunting.
• Aid in the development of accurate and detailed technical incident reports.
• 3-6 years of experience in conducting cybersecurity investigations.
• Familiarity with incident response toolsets, methodologies, and techniques.
• Proven experience in creating technical documentation and reports.
• Capable of working effectively under high-pressure conditions.
• Experience investigating networks and endpoints (macOS, Linux, Windows).
• Basic knowledge of OSQuery, SQL, and KQL.
• Understanding of frameworks such as MITRE ATT&CK and the Cyber Kill Chain.
• Willingness to work on some weekends and holidays.
• Proficient with Windows and Linux command and script interpreters.
• Sophos follows a remote-first working model.
• Employee-driven diversity and inclusion networks.
• Annual initiatives for charity and fundraising.
• Global initiatives focused on employee sustainability.
• International fitness and trivia competitions.
• Global wellbeing days dedicated to employees.
• Monthly webinars and training sessions focused on wellbeing.