Key skills
LinuxData MiningRemote Work
About this role
Role Overview
- Implementing context-aware & behavior-based detection to provide multiple layers of protection from attacks targeting Linux infrastructure
- Mapping protection & detection of attack behaviors to MITRE ATT&CK framework
- Linux kernel exploit research and detection
- Threat hunting, data mining, and using other methods of research to discover new threats to Linux and opportunities to improve protection
- Working with product teams to adapt protection technology to the rapidly evolving threat landscape
- Reverse engineering and debugging malware, understanding the complete end-to-end kill chain, from attack vector to persistent payload
- Publish research articles and whitepapers on the corporate blog
Requirements
- Deep knowledge of Linux operating system, internals and APIs
- Experience in computer security and/or threat research
- Dynamic and static malware analysis experience
- Programming experience
- Threat hunting
- Data mining
- Reverse engineering skills
- Knowledge of exploitation techniques
- Knowledge of offensive tools and techniques
Tech Stack
- Linux
Benefits
- Sophos operates a remote-first working model, making remote work the primary option for most employees. However, some roles may necessitate a hybrid approach.
- Our people – we innovate and create, all of which are accompanied by a great sense of fun and team spirit
- Employee-led diversity and inclusion networks that build community and provide education and advocacy
- Annual charity and fundraising initiatives and volunteer days for employees to support local communities
- Global employee sustainability initiatives to reduce our environmental footprint
- Global fitness and trivia competitions to keep our bodies and minds sharp
- Global wellbeing days for employees to relax and recharge
- Monthly wellbeing webinars and training to support employee health and wellbeing