About Us
Sophos is a cybersecurity leader defending 600,000 organizations globally with an AI-driven platform and expert-led services. Sophos meets organizations wherever they are in their security maturity and grows with them to defeat cyberattacks. Its solutions combine machine learning, automation, and real-time threat intelligence with frontline human expertise from Sophos X-Ops to deliver advanced, 24/7 threat monitoring, detection, and response.
Sophos offers industry-leading managed detection and response (MDR) alongside a comprehensive portfolio of cybersecurity technologies — including endpoint, network, email, and cloud security, extended detection and response (XDR), identity threat detection and response (ITDR), and next-gen SIEM. Together with expert advisory services, these capabilities help organizations proactively reduce risk and respond faster, with the visibility and scalability needed to stay ahead of evolving threats.
Sophos goes to market with a global partner ecosystem, including Managed Service Providers (MSPs), Managed Security Service Providers (MSSPs), resellers and distributors, marketplace integrations, and cyber risk partners, giving organizations the flexibility to choose trusted relationships when securing their business. Sophos is headquartered in Oxford, U.K. More information is available at
www.sophos.com.
Role Summary
As a MDR Senior Threat Analyst on our Managed Detection and Response (MDR) team, you will provide best-in-class monitoring, detection, and response services to proactively defend customer environments before attacks prevail. You will lead, work alongside and contribute to a team of incident response analysts, cyber threat hunters, engineers, and ethical hackers by using enterprise, log analysis and endpoint collection systems to facilitate investigations, identification, and neutralization of cyber threats.
What You Will Do (Duties and Responsibilities)
Lead shift operations and coordinate response activities across the MDR SecOps team during assigned shifts
Mentor and guide lower tier analysts, providing technical expertise and escalation support for complex investigations
Oversee end-to-end analysis of sophisticated threats, coordinating multi-analyst investigations and ensuring comprehensive scope assessment
Drive technical decision-making during critical incidents, determining escalation paths and resource allocation
Lead threat hunting initiatives across the MDR customer base and coordinating team efforts
Refine detection logic, working with engineering teams to reduce false positives and improve detection efficacy
Serve as subject matter expert on advanced persistent threats, zero-day exploits, and emerging attack vectors
Coordinate cross-functional collaboration with adjacent projects
Use, maintain and develop internal playbooks, investigation methodologies, and technical documentation
Lead client escalations for high-severity incidents, providing technical briefings and coordinating remediation efforts
Participate in continuous improvement initiatives within the SOC, identifying process gaps and implementing solutions
Manage shift handovers and ensure seamless 24/7 operations across global teams
Conduct in-depth malware analysis when required for complex investigations
Participate as a SOC representative in technical discussions with product teams, threat research, and customer success organizations when needed
Ensure knowledge transfer and capability development across the analyst team through training and mentorship
What You Will Bring (Experience and Qualifications)
5+ years of progressive experience in a SOC or advanced cybersecurity roles with demonstrated leadership capabilities
Advanced-level proficiency with endpoint and network security tools (EDR/XDR, SIEM, threat intelligence platforms) and ability to understand detection strategies
Advanced knowledge of Windows, Linux (macOS is a plus) environments including system internals, forensic artifacts, and attack surface analysis
Proven experience leading incident response efforts, coordinating cross-functional teams, and managing complex security investigations
Background in threat hunting with ability to develop hunting queries, and behavioral analytics
Demonstrated experience mentoring junior analysts and developing team capabilities through knowledge transfer and training
Deep understanding of MITRE ATT&CK framework, advanced persistent threat tactics, and emerging attack vectors
Experience with malware analysis and advanced forensic techniques for complex threat investigations
Ability to manage shift operations, coordinate global handovers, and maintain 24/7 SOC effectiveness
Experience working with adjacent teams (engineering, product, threat research) to drive security enhancements and tooling improvements
Track record of developing and implementing SOC processes, playbooks, and operational procedures
Industry certifications such as GCIH, GCFA, GNFA, CISSP, or equivalent are desirable
Bachelor's degree in Information Technology, Computer Science, Cybersecurity or related field, or equivalent extensive practical experience
Fluent English communication skills with ability to articulate complex technical concepts to diverse audiences
Flexibility to work rotating shifts including nights, weekends, and holidays as part of 24x7x365 operations