Offensive Threat Researcher

Abingdon, GB, OX14 3YP

Technology Office

Sophos Overview – Cybersecurity Evolved

Sophos is a worldwide leader in next-generation cybersecurity, protecting more than 500,000 organizations and millions of consumers in more than 150 countries from today’s most advanced cyberthreats. Powered by threat intelligence, AI and machine learning from SophosLabs and SophosAI, Sophos delivers a broad portfolio of advanced products and services to secure users, networks and endpoints against ransomware, malware, exploits, phishing and the wide range of other cyberattacks. Sophos provides a single integrated cloud-based management console, Sophos Central – the centerpiece of an adaptive cybersecurity ecosystem that features a centralized data lake that leverages a rich set of open APIs available to customers, partners, developers, and other cybersecurity vendors. Sophos sells its products and services through reseller partners and managed service providers (MSPs) worldwide. Sophos is headquartered in Oxford, U.K. More information is available at www.sophos.com.


SophosLabs is recruiting a team of security researchers focused on offensive techniques. This team will work alongside the existing SophosLabs teams, which are focused on protection technology development. The goal is to combine our existing 30 years of expertise in fighting malware with a deeper knowledge of modern hacking techniques to further advance the protection capabilities in our products and services. 


The team will analyze existing cyber-attack techniques and tools and research new ones. One of the tasks is to bypass existing defense mechanisms in order to provide recommendations for product improvements. The team members will share expertise and their research results internally and externally - at conferences, on social networks, by publishing research papers and contributing to defense testing tools and frameworks.


The ideal candidate is passionate about ethical hacking and is keen to apply their skills and talent to improve cyber-defenses as opposed to just reporting on them. This is a unique opportunity for security researchers who routinely expose gaps in corporate IT security and would like to direct this knowledge to improve security solutions that protect millions of PCs, Macs, servers, networks and mobile devices.


Main Duties:


  • Track and research modern attack techniques and share this knowledge internally and externally
  • Develop deep understanding of popular offensive security tools and frameworks
  • Identify protection gaps in Sophos products and provide suggestions for improvements
  • Discover new mechanisms for orchestrating cyber-attacks and create tools around them for testing existing and future defenses
  • Research 0-day attacks and exploits to fully understand their mechanics
  • Develop and maintain internal “attack playbooks” and testing environments
  • Analyze the Sophos cyber-security product portfolio to discover any weak spots or new attack vectors
  • Partner and collaborate with the engineering team and other SophosLabs teams to develop remediation recommendations and solutions
  • Write blogs and whitepapers on the topics of cyberattacks, exploits and offensive security


Experience and Skills:

  • Minimum of 2 years of IT offensive security experience, including pentesting, red or purple teams, CTF participation, attack tool development
  • In-depth understanding of modern computing platforms, architectures and ways to attack them and their stored data
  • Programming and automation experience, scripting
  • Strong understanding of Internet technologies and protocols
  • Knowledge of software exploitation techniques in modern operating systems
  • Knowledge of the malware and anti-malware problem domain
  • Reverse engineering of executable files
  • Good understanding of file formats used as attack vectors
  • Excellent written and verbal communication skills




  • Advanced vulnerability analysis and exploitation skills
  • Static and dynamic malware analysis
  • Network protocol analysis
  • Open-source software contributions
  • “Ethical hacking” focused certifications

Equal Opportunities & Privacy

Sophos is committed to equal opportunity in all areas of its work. All qualified applicants will be treated in a fair and equal manner and in accordance with the law regardless of gender, marital status, race, religion, colour, age, disability or sexual orientation. If you choose to explore this opportunity, and subsequently share your CV or other personal details with Sophos, these details will be held by Sophos for 12 months in accordance with our Privacy Policy and used by our recruitment team to contact you regarding this or other relevant opportunities at Sophos. If you would like Sophos to delete or update your details at any time, please follow the steps set out in the Privacy Policy describing your individual rights. If you have any questions about Sophos’ data protection practices, please contact dataprotection@sophos.com.


At Sophos, we want every organization to be protected by innovative, next-generation IT security, even those who don't have a huge IT staff. We protect organizations of all sizes, all around the world by making enterprise-grade security that is simple to deploy, manage, and use. It is our passion, and something we are truly proud of.
