Senior Information Security Engineer

Vancouver, CA, V6C 1W6

Information Technology


Sophos makes IT security simple with next-generation solutions that protect networks, servers, and devices, wherever they are. Today, more than 100 million users in 150 countries and a global network of channel partners trust Sophos to deliver simple solutions to complex security challenges. Focused on innovation and backed by a global network of Sophos Labs threat intelligence centers and industry-leading support, Sophos delivers solutions that are simple to deploy, maintain, and manage, enabling organizations to focus on performance and growth. Sophos — Security made simple.

 

Job Purpose

As a security company Sophos has an internal Cybersecurity team which focuses on protecting Sophos’ own systems and infrastructure.

This role is for an experienced Senior Security Engineer to join our Cybersecurity “Blue team”.

This a great opportunity to help secure a world-leading security company. As you’d expect you’ll be joining an organisation that takes security seriously. You will get the opportunity to work with some world-leading experts from across the company in a fast-paced & exciting environment where security is a priority. As an added bonus, though our dogfooding programme, you can also contribute to improving our products.

The ideal candidate will have real-world experience of defensive security, incident response and be familiar with using big-data analytics to hunt for threats.

We’ll need you to help us keep on premise and cloud infrastructure secure. This will involve working with leading commercial and open source tools as-well as establishing and maintaining strong links to industry experts and world-class specialist consultants.

You’ll need to be highly motivated, have an innovative mind-set and able to clearly articulate complex technical security issues.

 

Duties & Responsibilities

As part of this role you will:

  • Lead:
    • The continual-improvement of our threat hunting capabilities & tooling.
    • Investigation & root cause analysis of security events & incidents escalated from our security operation centre.
    • Training and knowledge transfer to peers, the Security Operations Centre and the wider IT team.
    • Opensource tools and papers.
    • Staff education and awareness.
  • Act as a security subject matter expert to support development and operations teams and activities.
  • Design and develop automation to ensure platform, services, and machine security.
  • Develop security monitoring and detection systems. Investigate anomalous events across our service infrastructure and coordinate response with DevOps teams
  • Recommend and help implement improved threat response capabilities into the DevOps platform
  • Assist with code review for deployment automation as well as actual product capabilities
  • Have and maintain (via conferences, etc) a great knowledge of infosec industry trends and developments and advise on changes to the threat landscape.
  • Present and write about issues the team has experienced/innovated in community forums and industry events.

Special Conditions

  • Occasionally required to be available out-of-hours.
  • Some global travel may be required

 

Organisational Responsibility

  • Works closely with the Security Operations Centre, MTR Team, SophosLabs experts, Product Security Engineers and IT.
  • Reports to the Global Security Operations Manager, based in Vancouver.

 

Qualifications

Essential: Educated to bachelor’s degree level or relevant experience.

Desirable: Security-related professional certification (SANS GIAC, GCIH, GPEN, GCFA, Splunk)

Skills & Experience

Essential

  • Scripting experience – Python/Javascript/Go
  • Experience with use case and SIEM content creation
  • Experience with SIEM solutions - Splunk, Kibana, Logstash, Sumo Logic or similar.
  • Cross-platform knowledge of Enterprise IT infrastructure (Networking, Operating Systems, Databases, etc).
  • Strong interpersonal skills
  • Experience with cloud security architectures – particularly AWS and the related tooling
  • Deep knowledge of Operating system internals across Linux & Windows.

Desirable

  • Understanding of SDLC and Devops.
  • Understanding of TCP-IP and Packet Captures
  • Experience working in a global environment.
  • Contributions to open-source security projects and/or publications.
  • Knowledge of Sophos products.
  • Hands on experience of network, memory and host forensics.
  • Hands on experience investigating & responding to comprises by advanced attackers

At Sophos, we want every organization to be protected by innovative, next-generation IT security, even those who don't have a huge IT staff. We protect organizations of all sizes, all around the world by making enterprise-grade security that is simple to deploy, manage, and use. It is our passion, and something we are truly proud of.


Job Segment: Information Security, Linux, Open Source, Technology