Threat Researcher-Generic Detection

Vancouver, Canada Office, CA, V6C 1W6

Technology Office

Sophos Overview – Cybersecurity Evolved


Sophos is a worldwide leader in next-generation cybersecurity, protecting more than 500,000 organizations and millions of consumers in more than 150 countries from today’s most advanced cyberthreats. Powered by threat intelligence, AI and machine learning from SophosLabs and SophosAI, Sophos delivers a broad portfolio of advanced products and services to secure users, networks and endpoints against ransomware, malware, exploits, phishing and the wide range of other cyberattacks. Sophos provides a single integrated cloud-based management console, Sophos Central – the centerpiece of an adaptive cybersecurity ecosystem that features a centralized data lake that leverages a rich set of open APIs available to customers, partners, developers, and other cybersecurity vendors. Sophos sells its products and services through reseller partners and managed service providers (MSPs) worldwide. Sophos is headquartered in Oxford, U.K. More information is available at www.sophos.com.


Job Purpose:

SophosLabs is recruiting an Intermediate Threat Researcher to join our Generic Detection Team - the global team of highly skilled security experts that deliver protection against Windows executable threats and applications. As a member of the Generic Detection Team, you will leverage existing skills and learn new ones. You will use reverse engineering skills to develop new techniques for classifying and differentiating suspicious and clean files, and new methods for grouping and detecting executable threats and applications. You will employ unpacking and emulation methods to decrypt and deobfuscate packed code, allowing us to understand the hidden functionality. You will also contribute to research and data mining initiatives to discover new threats and opportunities to improve protection.

The Generic Detection Team has members across the multiple locations that make up the global SophosLabs organization. You will work with local and remote security researchers across multiple teams to analyze, classify and create protection for malware, occasionally contributing to our customer response efforts within a local rotation.


Main Duties:

  • Participate in or lead research efforts within a particular threat research area 
  • Conduct research and analysis of a variety of different malware families and threats
  • Produce high-quality proactive protection against Windows malware and applications
  • Identify opportunities for and contribute to articles and/or whitepapers on research
  • Develop tools, workflow and/or systems improvements


Skills & Experience:


  • 2+ years in computer security field
  • Reverse engineering using IDA Pro
  • Solid expertise in particular threat type or detection technology
  • Proven ability to prioritise and organise assigned tasks
  • Ability to work both independently and as part of a team
  • Good written and verbal communication skills
  • Bachelor's degree in Computer Software (or equivalent)



  • Debugging using OllyDbg or WinDbg
  • Knowledge of Windows internals and kernel-level analysis
  • Published technical / whitepapers
  • Data mining experience
  • Knowledge of a scripting language, such as Python or Perl


Equal Opportunities

Sophos is committed to equal opportunity in all areas of its work. All qualified applicants will be treated in a fair and equal manner and in accordance with the law regardless of gender, marital status, race, religion, colour, age, disability or sexual orientation.

If you choose to explore this opportunity, and subsequently share your CV or other personal details with Sophos, these details will be held by Sophos for 12 months in accordance with our Privacy Policy and used by our recruitment team to contact you regarding this or other relevant opportunities at Sophos.  If you would like Sophos to delete or update your details at any time, please follow the steps set out in the Privacy Policy describing your individual rights.  If you have any questions about Sophos’ data protection practices, please contact dataprotection@sophos.com.



At Sophos, we want every organization to be protected by innovative, next-generation IT security, even those who don't have a huge IT staff. We protect organizations of all sizes, all around the world by making enterprise-grade security that is simple to deploy, manage, and use. It is our passion, and something we are truly proud of.
