Threat Researcher - Generic Detection

Budapest, HU, 1117

Sophos Labs

Sophos Overview – Cybersecurity Evolved

Sophos evolves to meet every new challenge, protecting more than 400,000 organizations of all sizes in more than 150 countries from today’s most advanced cyberthreats. Powered by SophosLabs, our cloud-native and AI-enhanced solutions are able to adapt and evolve to secure endpoints and networks against never-before-seen cybercriminal tactics and techniques. Managed through our award-winning, cloud-based platform, Sophos Central, our best-of-breed products work together through our unique Synchronized Security system to share threat intelligence and respond to evolving threats. The Sophos suite of products secures networks and endpoints against automated and active-adversary breaches, ransomware, malware, exploits, data exfiltration, phishing, and more.



SophosLabs is recruiting an Intermediate Threat Researcher to join our Generic Detection Team - the global team of highly skilled security experts that deliver protection against Windows executable threats and applications.


As a member of the Generic Detection Team, you will leverage existing skills and learn new ones. You will use reverse engineering skills to develop new techniques for classifying and differentiating suspicious and clean files, and new methods for grouping and detecting executable threats and applications. You will employ unpacking and emulation methods to decrypt and deobfuscate packed code, allowing us to understand the hidden functionality. You will also contribute to research and data mining initiatives to discover new threats and opportunities improve protection.


The Generic Detection Team has members across the multiple locations that make up the global SophosLabs organization. You will work with local and remote security researchers across multiple teams to analyze, classify and create protection for malware, occasionally contributing to our customer response efforts within a local rotation.


The successful candidate has at least 2 years’ experience in the computer security field demonstrating reverse engineering skills, technical aptitude and innovation. You enjoy thinking creatively; combining your deep technical knowledge, your tenacity for innovation, and your can-do attitude to solve complex and challenging problems on a daily basis. As a customer-facing team, we recognize and appreciate those with passion to provide the best protection and experience for our customers.


Main Duties

  • Participate in or lead research efforts within a particular threat research area 
  • Conduct research and analysis of a variety of different malware families and threats
  • Produce high-quality proactive protection against Windows malware and applications
  • Identify opportunity for and contribute to articles and/or whitepapers on research
  • Develop tools, workflow and/or systems improvements


Experience And Skills


  • 2+ years in computer security field
  • Reverse engineering using IDA Pro
  • Solid expertise in particular threat type or detection technology
  • Proven ability to prioritise and organise assigned tasks
  • Ability to work both independently and as part of a team
  • Good written and verbal communication skills
  • Bachelor degree in Computer Software (or equivalent)


  • Debugging using OllyDbg or WinDbg
  • Knowledge of Windows internals and kernel-level analysis
  • Published technical / whitepapers
  • Data mining experience
  • Knowledge of a scripting language, such as Python or Perl



Equal Opportunities & Privacy

Sophos is committed to equality opportunity in all areas of its work. All qualified applicants will be treated in a fair and equal manner and in accordance with the law regardless of gender, marital status, race, religion, colour, age, disability or sexual orientation. If you choose to explore this opportunity, and subsequently share your CV or other personal details with Sophos, these details will be held by Sophos for 12 months in accordance with our Privacy Policy and used by our recruitment team to contact you regarding this or other relevant opportunities at Sophos.  If you would like Sophos to delete or update your details at any time, please follow the steps set out in the Privacy Policy describing your individual rights.  If you have any questions about Sophos’ data protection practices, please contact dataprotection@sophos.com.

At Sophos, we want every organization to be protected by innovative, next-generation IT security, even those who don't have a huge IT staff. We protect organizations of all sizes, all around the world by making enterprise-grade security that is simple to deploy, manage, and use. It is our passion, and something we are truly proud of.

Job Segment: Cloud, Data Mining, Technology