- Understand malware kill chain and lifecycle & hands-on-keyboard attacks
- Mapping TTPs to MITRE ATT&CK matrix
- Accurate & efficient classification of malicious & suspicious behaviour
- Author classification rules, for both Endpoint & Cloud scenarios, to identify malicious & suspicious use of TTPs
- Analyse real world kill chains to discover new TTPs and gaps in coverage
- Measure and tune TTP coverage through data mining, customer telemetry & internal sandbox feeds
- Build & maintain playbooks on threat actor TTPs
- Strong knowledge of the Windows operating system, its internals & forensic tools
- Demonstrated programming experience. Preferred: Python, Lua, RegEx and/or SQL.
- Excellent grasp of MITRE ATT&CK tactics, techniques & procedures in order to create simulations
- Familiar with computational cost analysis & problem solving to minimize impact
- Bachelor's degree in computer software (Computer Security preferable) or equivalent experience
- SDLC or CI/CD knowledge is a plus
Threat Researcher - United Kingdom - Sophos Group
Description
Threat Researcher – Detection Engineer - Windows OS
United Kingdom
Threat Intelligence – Threat Research and Engineering (SophosLabs) /
We have a fantastic opportunity here at Sophos Labs for a Threat Researcher to join our global team of behaviour-based detection engineers, to hunt, to research, and to add real-time detection for suspicious activity across our customer environments.
Our team of skilled security experts combine their passion to detect & disrupt cyber-attacks with their capability to develop classification rules that can cut through the noise in modern computing environments to tease out attackers' nefarious activities.
You are intrinsically motivated to understand the core logic behind malware and hacking attacks, to find & predict new ways attackers will modify their techniques, and take great satisfaction in developing robust detection logic that is immune to evasive actions. You will be responsible for writing rules that are able to detect malicious activities across all types of TTP (even if a MITRE technique doesn't exist for it yet). This is the foundation of Sophos' next-gen approach.
Above all, you enjoy thinking creatively, combining your deep technical knowledge, your tenacity for innovation, and your can-do attitude to solve complex and challenging problems on a daily basis.