Senior Security Engineer

Vancouver, CA, V6C 1W6

Technology Office

Sophos is a worldwide leader in next-generation cybersecurity, protecting more than 500,000 organizations and millions of consumers in more than 150 countries from today’s most advanced cyberthreats. Powered by threat intelligence, AI and machine learning from SophosLabs and SophosAI, Sophos delivers a broad portfolio of advanced products and services to secure users, networks and endpoints against ransomware, malware, exploits, phishing and the wide range of other cyberattacks. Sophos provides a single integrated cloud-based management console, Sophos Central – the centerpiece of an adaptive cybersecurity ecosystem that features a centralized data lake that leverages a rich set of open APIs available to customers, partners, developers, and other cybersecurity vendors. Sophos sells its products and services through reseller partners and managed service providers (MSPs) worldwide. Sophos has major hubs around the globe. More information is available at www.sophos.com


Role Summary

As a security company Sophos has an internal Cybersecurity team which focuses on protecting Sophos’ own systems and infrastructure.


This role is for an experienced Senior Security Engineer to join our Cybersecurity “Blue team”.

This a great opportunity to help secure a world-leading security company. As you’d expect you’ll be joining an organisation that takes security seriously. You will get the opportunity to work with some world-leading experts from across the company in a fast-paced & exciting environment where security is a priority. As an added bonus, though our dogfooding programme, you can also contribute to improving our products.


The ideal candidate will have real-world experience of defensive security, incident response and be familiar with using big-data analytics to hunt for threats.


We’ll need you to help us keep on premise and cloud infrastructure secure. This will involve working with leading commercial and open source tools as-well as establishing and maintaining strong links to industry experts and world-class specialist consultants.


You’ll need to be highly motivated, have an innovative mind-set and able to clearly articulate complex technical security issues.


What You Will Do

As part of this role you will:

  • Lead:
    • The continual-improvement of our threat hunting capabilities & tooling.
    • Investigation & root cause analysis of security events & incidents escalated from our security operation centre.
    • Training and knowledge transfer to peers, the Security Operations Centre and the wider IT team.
    • Opensource tools and papers.
    • Staff education and awareness.
  • Act as a security subject matter expert to support development and operations teams and activities.
  • Design and develop automation to ensure platform, services, and machine security.
  • Develop security monitoring and detection systems. Investigate anomalous events across our service infrastructure and coordinate response with DevOps teams
  • Recommend and help implement improved threat response capabilities into the DevOps platform
  • Assist with code review for deployment automation as well as actual product capabilities
  • Have and maintain (via conferences, etc) a great knowledge of infosec industry trends and developments and advise on changes to the threat landscape.
  • Present and write about issues the team has experienced/innovated in community forums and industry events.

Special Conditions

  • Occasionally required to be available out-of-hours.
  • Some global travel may be required

Organizational Responsibility

  • Works closely with the Security Operations Centre, MTR Team, SophosLabs experts, Product Security Engineers and IT.
  • Reports to the Global Security Operations Manager, based in Vancouver.


What You Will Bring


  • Educated to bachelor’s degree level or relevant experience
  • Scripting experience – Python/Javascript/Go
  • Experience with use case and SIEM content creation
  • Experience with SIEM solutions - Splunk, Kibana, Logstash, Sumo Logic or similar.
  • Cross-platform knowledge of Enterprise IT infrastructure (Networking, Operating Systems, Databases, etc).
  • Strong interpersonal skills
  • Experience with cloud security architectures – particularly AWS and the related tooling
  • Deep knowledge of Operating system internals across Linux & Windows.


  • Security-related professional certification (SANS GIAC, GCIH, GPEN, GCFA, Splunk)
  • Understanding of SDLC and Devops.
  • Understanding of TCP-IP and Packet Captures
  • Experience working in a global environment.
  • Contributions to open-source security projects and/or publications.
  • Knowledge of Sophos products.
  • Hands on experience of network, memory and host forensics.
  • Hands on experience investigating & responding to comprises by advanced attackers


What’s Great About Sophos?

  • Our people are what makes Sophos special – we demonstrate shared vision, talent, innovation, and creativity, all of which are accompanied by a great sense of fun and team spirit.
  • Employee-led diversity and inclusion groups that build community within Sophos and provide internal education and advocacy (eg. Sophos Women in Tech group to improve gender parity, encourage gender-balanced leadership, and support career progression at Sophos)
  • Sophos Environment Network and employee challenges to contribute to sustainability and reduce our environmental footprint
  • Annual commitment to charity and fundraising across our global sites and volunteer days for employees to give back to local communities
  • Global trivia competitions to keep our minds sharp
  • Global Mental Health days off work for all Sophos to help employees relax and recharge
  • Monthly employee wellbeing webinars and training to support employee health and wellbeing
  • Employee rewards and thanks, such as our free annual subscription to Calm


Our Commitment To You

We’re proud of the diverse and inclusive environment we have at Sophos, and we’re committed to ensuring equality of opportunity.   We believe that diversity, combined with excellence, builds a better Sophos, so we encourage applicants that can contribute to the diversity of our team.  All applicants will be treated in a fair and equal manner and in accordance with the law regardless of gender, sex, gender reassignment, marital status, race, religion or belief, color, age, military veteran status, disability, pregnancy, maternity or sexual orientation.  We want to give you every opportunity to show us your best self, so if there are any adjustments we could make to the recruitment and selection process to support you, please let us know.


Data Protection

If you choose to explore an opportunity, and subsequently share your CV or other personal details with Sophos, these details will be held by Sophos for 12 months in accordance with our Privacy Policy and used by our recruitment team to contact you regarding this or other relevant opportunites at Sophos. If you would like Sophos to delete or update your details at any time, please follow the steps set out in the Privacy Policy describing your individual rights. If you have any questions about Sophos' data protection practices, please contact dataprotection@sophos.com.

At Sophos, we want every organization to be protected by innovative, next-generation IT security, even those who don't have a huge IT staff. We protect organizations of all sizes, all around the world by making enterprise-grade security that is simple to deploy, manage, and use. It is our passion, and something we are truly proud of.

Job Segment: Open Source, Linux, Technology