
Threat Analyst, Level 2
Posted 2 hours ago

Posted 2 hours ago
This is a fully remote position, open to applicants in Australia.
• Analyze and investigate logs and security-related events using Sophos tools.
• Manage escalations from Tier I Threat Analysts, providing guidance and advice on investigation procedures.
• Facilitate the onboarding and training of new Threat Analysts.
• Generate cases, monitor progress, and follow up with clients during threat neutralization efforts.
• Communicate and document findings for diverse customer audiences, including both technical and executive teams.
• Ensure customer follow-up until issues are resolved and drive ongoing improvement by offering detailed recommendations to reduce risk in client environments.
• Acknowledge and fulfill incoming customer requests, interacting through various channels (Email, Phone, Ticket).
• Collaborate with core security and threat response teams to enhance security measures.
• Proactively research emerging Indicators of Compromise/Attack, exploits, and vulnerabilities.
• Engage in threat hunting to pinpoint potential threats across the MDR customer base.
• Contribute to the improvement and development of Security Operations processes.
• Gather metrics for reporting on threat trends, intelligence analysis, and situational awareness.
• A minimum of 2 years of experience in a SOC environment or in a computer security team within an IT setting.
• Required experience in endpoint and network security, including IDS, IPS, EDR, ATP, as well as malware defenses and monitoring.
• Familiarity with threat hunting practices.
• Experience in administering and supporting Windows OS (both workstations and servers) and one of the following: Apple or Linux-based operating systems (RedHat, Debian, Ubuntu, OS X).
• Understanding of common adversary tactics and techniques such as obfuscation, persistence, and defense evasion.
• Basic knowledge of network traffic analysis, including TCP/IP, routing, switching, and protocols.
• Strong proficiency in analyzing Windows event logs.
• Working familiarity with incident response protocols.
• Knowledge of the MITRE ATT&CK framework.
• Experience with OSQuery programming and scripting skills, particularly with PowerShell.
• Background in enterprise information security data management, particularly with SIEM.
• A passion for information technology and cybersecurity.
• A natural curiosity and the ability to rapidly acquire new skills.
• Exceptional troubleshooting and analytical capabilities, with a proven ability to think creatively.
• Customer service-focused, with strong written and verbal communication skills.
• Ability to excel in both team settings and independently.
• An innovative mindset, motivated to contribute to a team that delivers a top-tier cybersecurity service.
• A Bachelor's degree in Information Technology, Computer Science, or a related field, or equivalent relevant work experience.
• Willingness to work outside of standard business hours, including weekends and holidays, as our MDR service operates 24/7/365 (standard business hours apply).
• Sophos utilizes a remote-first working model, prioritizing remote work for most employees, although some roles may require a hybrid approach.
• Our team is composed of innovative and creative individuals, fostering a fun and spirited work environment.
• Employee-led diversity and inclusion networks that cultivate community and offer education and advocacy.
• Annual charity and fundraising events, along with volunteer days for employees to engage with local communities.
• Global sustainability initiatives aimed at reducing our environmental impact.
• Worldwide fitness and trivia competitions to keep our minds and bodies active.
• Global wellbeing days designated for employees to unwind and rejuvenate.
• Monthly wellbeing webinars and training sessions to support employee health and wellness.
Stefanini Brasil
Get handpicked remote jobs straight to your inbox weekly.