Senior / Threat Researcher - Emerging Threats, Sophos Labs

Budapest, HU, 1117

Sophos Labs

Sophos Overview – Cybersecurity Evolved

Sophos evolves to meet every new challenge, protecting more than 400,000 organizations of all sizes in more than 150 countries from today’s most advanced cyberthreats. Powered by SophosLabs, our cloud-native and AI-enhanced solutions are able to adapt and evolve to secure endpoints and networks against never-before-seen cybercriminal tactics and techniques. Managed through our award-winning, cloud-based platform, Sophos Central, our best-of-breed products work together through our unique Synchronized Security system to share threat intelligence and respond to evolving threats. The Sophos suite of products secures networks and endpoints against automated and active-adversary breaches, ransomware, malware, exploits, data exfiltration, phishing, and more.



The role

SophosLabs is recruiting a Threat Researcher to join our Emerging Threats team - a global team of highly skilled IT security professionals to help secure and protect millions of Sophos users and their systems worldwide from known and emerging threats. 


The Emerging Threats team is referred to as the "Navy SEALs" of the Sophos Threat Research department. Their mandate is to find brand new or notable threats, assess their risk, conduct deep analysis and share developed threat intelligence internally and externally. The tasks include researching advanced targeted attacks, malware samples targeting emerging platforms, discovery of novel attack tactics and techniques, producing threat statistics and publishing blogs and whitepapers.


The successful candidate will provide analysis of the evolving cyber threat landscape and contribute to creating the next generation of SophosLabs research tools. The ideal candidate is passionate about computer security and has a high aptitude for solving challenging puzzles with attention to detail.


Main Duties

  • Perform cyber threat analysis utilizing multiple information sources
  • Engage in research based on cyber threat intelligence
  • Investigate APT campaigns and understand cyber threat actors, their motivations and technical capabilities
  • Leverage Big Data technologies for research and further analysis
  • Reverse engineer files to discover their intended functionality and risks to customers 
  • Write threat descriptions for publication on the Sophos website and threat research whitepapers in a timely fashion
  • Triage requests submitted by other departments, respond to tasks or escalate complex issues to senior team members 
  • Identify opportunities to write blogs for the Sophos website to raise customer awareness 


Experience and Skills


  • Proven problem-solving skills with an inquisitive nature 
  • Proven ability to prioritize and organize assigned tasks 
  • Possess an analytical and methodical approach to workflow 
  • Good written and verbal communication skills
  • Ability to work both independently and as part of a global team



  • Experience with x86 assembly
  • Experience in researching and reverse engineering malware using tools such as IDA Pro, WinDbg, OllyDbg and Hex editors
  • Computer & Web Security experience
  • Experience with a broad range of operating systems
  • Programming skills and experience
  • Solid understanding of file formats
  • Experience in BigData analysis, SQL and statistics
  • Published technical / whitepapers
  • Bachelor’s degree in Computer Software (or equivalent)



Equal Opportunities & Privacy


Sophos is committed to equal opportunity in all areas of its work. All qualified applicants will be treated in a fair and equal manner and in accordance with the law regardless of gender, marital status, race, religion, colour, age, disability or sexual orientation. If you choose to explore this opportunity, and subsequently share your CV or other personal details with Sophos, these details will be held by Sophos for 12 months in accordance with our Privacy Policy and used by our recruitment team to contact you regarding this or other relevant opportunities at Sophos. If you would like Sophos to delete or update your details at any time, please follow the steps set out in the Privacy Policy describing your individual rights. If you have any questions about Sophos’ data protection practices, please contact dataprotection@sophos.com.

At Sophos, we want every organization to be protected by innovative, next-generation IT security, even those who don't have a huge IT staff. We protect organizations of all sizes, all around the world by making enterprise-grade security that is simple to deploy, manage, and use. It is our passion, and something we are truly proud of.