Top Benefits
Remote-first working model
Flexible start and end times
Leadership development program
About the role
Who you are
- Comprehensive experience in both readiness and incident response
- Strong analytical and problem-solving skills
- Ability to lead and mentor cross-functional teams
- Excellent communication skills, including executive briefings
- Proven ability to manage high-stakes engagements
- Experience with forensic tools and techniques (e.g., EDR, log analysis, malware analysis)
- Familiarity with enterprise environments including Windows, Linux, Azure, AWS, and M365
- Strong understanding of attacker Tactics, Techniques, and Procedures (TTPs) and modern detection and response strategies
- Willingness to travel up to 20%, including on short notice, to support on-site customer engagements
- 12–15 years of experience in cybersecurity or related fields, with a focus on incident response and readiness
- Demonstrated ability to lead high-profile incidents and readiness initiatives
- Relevant certifications (e.g., GIAC, CISSP, CISM, or similar) are a plus but not required; proven impact and expertise are primary qualifiers
Research shows that candidates sometimes hesitate to apply if they don't check every box in a job description. We challenge that notion. Your unique experiences and skills might be exactly what we need to enhance our team. Don't let a checklist hold you back – we encourage you to apply.
What the job involves
As a Principal Incident Response & Readiness Consultant, you will serve as a trusted advisor, leading both proactive and emergency engagements with enterprise customers. Leveraging your comprehensive expertise in cybersecurity, you will help organizations prepare for and respond to cyber incidents, combining strategic readiness consulting with direct guidance through complex cyber incidents.
- Conduct comprehensive reviews of incident response plans, identifying gaps and developing tailored strategies to strengthen organizational preparedness
- Design and deliver customized incident response playbooks to address specific threats and operational needs
- Facilitate training sessions on incident response fundamentals to build customer capabilities
- Lead workshops, tabletop exercises, drills, and functional simulations to evaluate and improve readiness
- Provide strategic guidance to customers on integrating readiness into broader security programs
- Contribute to the development of readiness methodologies and internal knowledge sharing
- Serve as a subject matter expert in digital forensics and incident response (DFIR)
- Lead large-scale, complex investigations involving host, network, and cloud artifacts to determine the nature, scope, and root cause of cyber incidents
- Collaborate and coordinate with cross-functional incident response teams
- Guide containment, remediation, and recovery efforts to secure environments post-incident
- Maintain a professional, calming, and authoritative presence during high-pressure incidents
- Brief senior leadership and technical teams on findings, risks, and recommendations
- Support the development of incident response methodologies and contribute to internal capability building
- Participate in a 24x7 emergency response rotation which includes weekends
Benefits
- Remote-first working model & hybrid options
- We encourage teams to get together in person periodically to help facilitate teamwork
- Flexible start and end times for many roles
- Leadership development program
- Access to LinkedIn Learning
- Global internal coaching program (Coach Match)
- Periodic Sophos wellness days off for all Sophos employees to help them relax and recharge
- Global wellbeing program, which offers a range of wellbeing resources, including Sophos Wellbeing Webinars, Stress Management Toolkits, and Developing Resilience Courses
- Free Employee Assistance Program (EAP) for confidential advice and counseling on a wide range of work and personal issues
- Free annual subscription to the Calm app
- Paid parental leave, caregiver leave & bereavement/compassion leave available
- We host some unforgettable social experiences for our global teams including our music festival SOPH-Fest, go-karting, Sophmudder, and incredible holiday parties!
- Our annual global fitness challenge, SOPH-Fit, sees thousands of employees taking part in our virtual global race around the world
- Each quarter, we celebrate our exceptional global team by running the Sophos Values Awards, which recognize and reward employees who embody the Sophos values and who we are as a company
- Health care benefits available worldwide