About Us
Sophos is a cybersecurity leader defending 600,000 organizations globally with an AI-driven platform and expert-led services. Sophos meets organizations wherever they are in their security maturity and grows with them to defeat cyberattacks. Its solutions combine machine learning, automation, and real-time threat intelligence with frontline human expertise from Sophos X-Ops to deliver advanced, 24/7 threat monitoring, detection, and response.
Sophos offers industry-leading managed detection and response (MDR) alongside a comprehensive portfolio of cybersecurity technologies — including endpoint, network, email, and cloud security, extended detection and response (XDR), identity threat detection and response (ITDR), and next-gen SIEM. Together with expert advisory services, these capabilities help organizations proactively reduce risk and respond faster, with the visibility and scalability needed to stay ahead of evolving threats.
Sophos goes to market with a global partner ecosystem, including Managed Service Providers (MSPs), Managed Security Service Providers (MSSPs), resellers and distributors, marketplace integrations, and cyber risk partners, giving organizations the flexibility to choose trusted relationships when securing their business. Sophos is headquartered in Oxford, U.K. More information is available at
www.sophos.com.
Role Summary
インシデント対応コンサルタントは、日々高度化するセキュリティ脅威に直面する顧客を支援します。発生したインシデントへの対応だけでなく、効果的なインシデント処理に向けた事前準備の支援も行います。小規模なインシデントから複雑な大規模インシデントまで、技術的調査の実施、攻撃者の行動に基づく根本原因と影響範囲の特定、推奨される対応戦略の提供など、あらゆるインシデント対応を支援します。
Incident Response Consultants support clients who face increasingly sophisticated security threats on a daily basis—not only by responding to incidents as they occur, but also by helping them prepare in advance for effective incident handling. For incidents ranging from small-scale to complex and large-scale breaches, we assist clients by conducting technical investigations, identifying the root cause and scope of impact based on attacker behavior, and providing tailored response recommendations.
Incident response and conducting digital forensic investigations
Conduct technical investigation of complex incidents involving multiple hosts and extensive networks by collecting and analyzing trail/data and reviewing the findings by other consultants.
Prepare reports on incident findings and recommended responses and present at debriefing sessions
Communicate technical issues with the Threat Intelligence team (Counter Threat Unit / CTU) and Technical Testing team
Instructor of technical hands-on training
Participate and lead Threat Hunting projects against targeted attacks
At least 1 year experience with Encase, FTK, X-Ways, F-Response, Volatility, or one or more open source forensic tool(s)
Experience in malware analysis
Understanding of vulnerabilities and the tools to detect and analyze them
Bachelor of Science degree in computer science, computer engineering, electronics, or related technical field, or equivalent work experience
Experience with operating system administration (Microsoft Windows/Linux)
Understanding of attacker motivation and the techniques, strategies, and procedures used by attackers
Understanding of one or more of the following: ISO 27001/2, FISMA, PCI, HITRUST, NIST 800-series, CoBIT, PCI
Experience reporting to department heads and management and reporting technical content tailored to customer contact profiles of varying technical levels and organizational roles
At least one certification in GREM, GCFA, GCFE, CISA or CISSP
Communication in English
Native-level Japanese language skills (At minimum, business-level Japanese language skills are required)
TeecomRemote
Saviynt
Cloudflare