Here, Anthony details how his career has developed at Sophos and offers insights into how he progressed into the role of Team Lead:
“It was the winter of 2020 during the early stages of the Covid pandemic, and I was working as an IT security analyst at a state university. My role at the time did not offer benefits such as working from home, paid training, or career growth opportunities. So, when I received a message on LinkedIn from a Sophos recruiter, explaining Sophos’ better pay and work from home options, as well as the opportunity to join the cybersecurity frontlines to defend against advanced cyber threats and adversaries, taking the job was a no brainer for me!
At the time, Sophos Managed Detection and Response (MDR) was in its early stages. The opportunity to join a relatively new team and help grow it into something larger was enticing. On my first day in January 2021, we had roughly 3,000 customers. Today, we have over 13,000 and are still growing.
Working as a Threat Analyst
Sophos MDR is a 24x7x365 cybersecurity service that monitors and responds to threats within thousands of customer environments. The Sophos MDR Operations Team is composed of many distinct roles and functions with my role being that of Threat Analyst. The day-to-day job consists of completing detection investigations and responding to active incidents. Active incidents are what we consider full-on incident response engagements. Incidents are declared when the MDR team has identified adversarial activity that indicates “hands-on-keyboard” attacks. We then spin up our procedures to contain and neutralize the threat. I would consider incidents as one of our most critical assignments for a Threat Analyst.
It can be nerve wracking working on an incident, especially as a newer analyst with limited endpoint detection and response experience. Luckily, I had a global team that was right there by my side. And one of the best parts about it is I didn’t have to drive to work to experience this support.
Sophos MDR is 100% work from home. This is a huge benefit for me and my family. The days of big fancy security operation command centers and cubicles are gone. I save so much time and money not having to drive to a company office. Sophos provides all our analysts with the tools and applications we need to be successful. Sophos provided a work from home stipend to help cover the costs of setting up my home office. I purchased a standup desk. A laptop, monitors, and a headset are shipped directly to you before your first day. We use instant communications apps like Slack and Teams to stay in contact during our day-to-day work, as if we were in the same room.
Utilizing Professional Development
As a Threat Analyst, and now a Team Lead, an important benefit for me is the opportunity to improve my skillsets, and Sophos offers many opportunities to achieve this.
One of the first resources I utilized during my first year as an analyst was LinkedIn Learning. Coming into Sophos I had limited PowerShell experience. Fortunately, I was able to utilize LinkedIn Learning to help fast track my knowledge along with on-the-job experience.
Sophos also provides a premium subscription to Cybrary. This is a great resource for a lot of our analysts, including myself. As someone who thoroughly enjoys continued education, this is another opportunity for me to improve my cybersecurity knowledge and skills. I have my eye on the CISSP course and many of my analysts are completing pen testing, blue team, and leadership courses. The MDR team designates multiple days each month for professional development. This is a much-needed break wherein analysts can step away from day-to-day work and really focus on things that interest them — such as research, projects, and professional development.
Finally, I cannot forget the SANS Institute, easily considered one of the best resources for security training and education a cybersecurity professional could ask for. I was fortunate enough to attend a SANS course on building and leading security operation centers over the summer and passed the certification exam in the fall.
Sophos understands the importance of investing in employees. LinkedIn Learning, Cybrary, and SANS are all great resources that have helped me become an effective threat analyst, leader, and successful at Sophos.
A Sense of Community
In addition to the benefit of working from home and professional development, Sophos also offers a sense of community. From cultural events and initiatives led by HR to fitness competitions to promote a healthy lifestyle, these activities are great ways to meet new people across our large organization.
Some may have concerns about working from home. How will I feel like I’m a part of a team if I never meet my co-workers? For me, I couldn’t feel more connected. The Sophos MDR team does an excellent job of building comradery. We have competitions in online games, a fantasy football league (with an actual trophy), capture the flag (CTF) competitions, March Madness brackets, and so much more! The community aspect has been a factor in my success here and I’m thrilled to see it continue to grow.”