Loading...

Free AI Resume Builder — land more interviews with a polished resume in minutes.

Try it free

‹Senior Penetration Testing Analyst

Similar live opening The link you followed was closed or not ready — this is a matching published job.
  • Company: Sophos
  • Location: Japan, Philippines, Thailand
Apply on company site

Sophos — company details are preparing and update automatically in a few seconds (or refresh).

Sophos is hiring a Senior Penetration Testing Analyst to join its offensive security team across Japan, the Philippines, and Thailand — a full-time, on-site role for an experienced ethical hacker ready to expose and exploit real-world vulnerabilities before adversaries can.

About the Role

As a Senior Penetration Testing Analyst at Sophos, you will apply hands-on threat intelligence to uncover, validate, and weaponize weaknesses inside client environments. Your work will center on one of three disciplines: application security (web and API penetration testing), network security (vulnerability assessments, external and internal penetration tests), or Red Team exercises that simulate genuine cyberattacks. Mastery of every area is not expected — strength in your focus discipline matters most, and broader exposure is a welcome bonus.

Key Responsibilities

  • Run application security assessments (web, mobile, API) or network penetration tests using commercial and in-house exploitation tooling, including manual testing for advanced attack scenarios.
  • Translate findings into clear, professional security assessment reports and deliver them directly to clients.
  • Lead client calls spanning project kick-offs, urgent high- and critical-severity notifications, and close-out sessions covering evidence, reproduction steps, and remediation guidance.
  • Research emerging threats, vulnerabilities, and exploits to keep your testing sharp.
  • Operate effectively both as a self-directed contributor and within a larger team, and act as a service owner who mentors and technically guides junior colleagues.

Qualifications

  • At least five years of experience in web application or penetration testing.
  • At least five years using one or more of Nmap, Metasploit, Kali Linux, or Burp Suite.
  • Native-level Japanese (business-level Japanese at minimum) plus business-level English.
  • Solid grasp of TCP/IP networking and working knowledge of SQL and high-level languages.
  • Deep familiarity with common vulnerabilities such as the OWASP Top 10 and diverse application attack vectors.
  • Desirable: offensive certifications (GPEN, GWAPT, OSCP, OSEP, OSWE, OSWP), Windows Active Directory or AWS/Azure/GCP testing experience, and a degree in Computer Science, Computer Engineering, Electrical Engineering, or a related field — or equivalent professional experience.
  • Strong written and verbal technical communication, sharp analytical thinking, and a track record of helping teammates succeed.

About Sophos

Sophos is a global cybersecurity leader protecting 600,000 organizations through an AI-driven platform and expert-led services, including industry-leading managed detection and response, endpoint, network, email, and cloud security. Headquartered in Oxford, U.K., Sophos pairs machine learning and automation with the human expertise of Sophos X-Ops.

How to Apply

To apply, complete your application directly on this page, or you'll be redirected to the employer's application platform to finish submitting there.

Apply on company site

You’ll finish your application on the employer’s website. We don’t ask for a resume on this page.

Local insights for this role are preparing — this section updates automatically in a few seconds (or refresh).

Listing facts

  • Role
  • Employer Sophos
  • Location Japan, Philippines, Thailand
  • Type Full Time
  • Posted June 21, 2026
  • Apply by 2026-07-21
  • Country context Thailand
  • Overview Full original description on this page (432 words; rewritten for clarity, not a teaser paste)

Facts above come from this job record on Get A Job.AI — not copied from third-party review sites.

Public discussions & open sources

Attributed public threads and profiles — not employee reviews or star ratings.

Cached public sources (Hacker News, Dev.to, GitHub, etc.).

Employer website

sophos.com

Limited public data for this employer

We only show facts we can ground in public sources (Wikidata, O*NET, news/discussion links, or this listing). We do not invent Glassdoor-style ratings, salaries, or testimonials when data is thin. Use the listing facts, occupation context, and related openings below while we continue researching.

Explore related openings

2 other opening(s) at Sophos on Get A Job.AI

Research this employer

Pull public facts we already cached for this company (Wikipedia, news, discussions). We never invent Glassdoor-style ratings.

Open interview kit (print-friendly)

Get email alerts for jobs like this

Free candidate alerts — we email you when matching roles go live.

Create alert for “Sophosâ€

Keep exploring on Get A Job.ai

Not quite the right fit? Your next opportunity is a click away.

Hiring instead? Post a job and reach candidates searching right now.

?Senior Penetration Testing Analyst… Sophos · Japan, Philippines, Thailand