Team Lead 2, Penetration Testing

About Us

Sophos is a global leader and innovator of advanced security solutions for defeating cyberattacks. The company acquired Secureworks in February 2025, bringing together two pioneers that have redefined the cybersecurity industry with their innovative, native AI-optimized services, technologies and products. Sophos is now the largest pure-play Managed Detection and Response (MDR) provider, supporting more than 28,000 organizations. In addition to MDR and other services, Sophos’ complete portfolio includes industry-leading endpoint, network, email, and cloud security that interoperate and adapt to defend through the Sophos Central platform. Secureworks provides the innovative, market-leading Taegis XDR/MDR, identity threat detection and response (ITDR), next-gen SIEM capabilities, managed risk, and a comprehensive set of advisory services. Sophos sells all these solutions through reseller partners, Managed Service Providers (MSPs) and Managed Security Service Providers (MSSPs) worldwide, defending more than 600,000 organizations worldwide from phishing, ransomware, data theft, other every day and state-sponsored cybercrimes. The solutions are powered by historical and real-time threat intelligence from Sophos X-Ops and the newly added Counter Threat Unit (CTU). Sophos is headquartered in Oxford, U.K. More information is available at www.sophos.com.

Role Summary

ソフォスは、日本を拠点とする「Sophos Red Team」のリーダーを募集しています。このポジションでは、確立された実績のある、高いパフォーマンスを発揮する攻撃的セキュリティ専門家チームを率いていただきます。当社の文化は、謙虚でありながら情熱に満ち、高度な技術力を持ち、サイバーセキュリティへの情熱を共有するプロフェッショナルたちが織りなす、ユニークなものです。このマネージャー職は、レッドチームのシニアリーダーシップおよびAPJ North/Japan担当ディレクターと緊密に連携し、他の部門横断的なパートナーとも協力し、卓越したサービス提供を実現します。理想的な候補者は、攻撃セキュリティチームの管理および運営経験を有していることが求められます。マネージャーとして、特定のプラクティスサービスの提供とその運営を実現する責任を負い、営業やその他の組織と緊密に連携して、プラクティスの成長を推進します。 

Sophos is looking for a Japan based leader on the Sophos Red Team in Japan to lead a well-established, high performing team of offensive security professionals.  Our culture is a unique mix of low ego – high energy, highly technical, and motivated professionals with a passion for cybersecurity. This manager position will partner closely with the Red Team senior leadership and the Director of APJ North/Japan, and will work collaboratively with other cross-functional partners to achieve service delivery excellence. The ideal candidate will have experience in managing and operating offensive security teams. As a manager this role will be responsible for achieving select practice service delivery and its operations, and partner closely with sales and other organizations to help grow the practice.  

What You Will Do

• 複数年にわたるサービス開発と提供の構築を主導し、会社の目標達成と攻撃型セキュリティ分野における業界リーダーとしての地位強化に貢献する 

• 攻撃型セキュリティ業務（侵入テスト、アプリケーションセキュリティテスト、本格的なレッドチームなど）を提供する、高いパフォーマンスを発揮するテクニカルコンサルタントチームの管理およびリーダーシップの支援。 

• バックログ、稼働率、およびリソースとスケジュールの管理支援。 

• 営業組織やその他の事業開発リーダーと連携し、複雑な攻撃型テストのニーズにおいて「頼れる存在」として認識される。 

• チーム内の効率性を向上させるための機会（人材、プロセス、テクノロジー）を特定する。 

• Sophos Red Teamのサービスポートフォリオを代表し、新しいサービス、機能、オファーを特定・推進する。また、思想的リーダーシップを発揮し、ポートフォリオ内のサービスに関連する市場投入戦略を策定する。 

• 変化を受け入れ、アイデアを積極的に提案し、他者の意見に耳を傾け、他者から学ぶ意欲を持つ。現状に挑戦する姿勢を持つ。 

• チームのキャリア開発を促進し、その機会（カンファレンス、研修、資格取得、メンター制度など）を積極的に支援する。 

• NPS（ネットプロモータースコア）および顧客満足度を管理し、実績が期待される目標を達成または上回るようにする。最高水準の顧客サービスを提供する文化を維持する  

• Help develop and lead a multi-year service, delivery to meet company objectives and reinforce our position as an industry leader in offensive security. 

• Manage and help leading a high performing team of technical consultants delivering offensive security engagements (penetration testing, application security testing, full scale Red Team, etc.) 

• Help to manage backlog, utilization, and scheduling of engagements and resources.   

• Partner with the sales organization and other business development leaders and be seen as a “go to” for complex adversarial testing needs. 

• Identify opportunities – people, process, and technology --to improve efficiencies within the team 

• Help represent the Sophos Red Team services portfolio; identify and champion new services, capabilities, and offers; provide thought leadership; and develop an associated go-to-market strategy for the services in the portfolio 

• Willingness to changes, to contribute ideas, listen to others, and learn from others. Challenge the status quo. 

• Help foster career development and champion career development opportunities for the team (conferences, training, certifications, mentoring, etc.)  

• Own NPS/customer satisfaction and ensure practice meets/exceeds expected targets. Maintain a culture of premium customer service

 

What You Will Bring

• サイバーセキュリティ業界において、攻撃・防御・研究チームを率いた5年以上の実務経験があり、特にダイナミックで変化の激しい環境での経験があれば尚可。 

• 中小企業レベルでのプリセールスおよびポストセールスにおけるサービス提供経験。 

• 高いパフォーマンスを発揮するチームを管理し、強固なチーム文化を維持・強化できる能力。 

• 優れた口頭および書面によるコミュニケーション能力、および実務経験。（経営幹部層への報告経験があれば尚可） 

• グローバル、リモート、多文化チームでの勤務経験。 

• 優先順位付け、業務の委任、および厳しい納期内にタスクを完了させる能力。 

• 優れた対人スキル、自発性、積極性、意欲性、チームワーク能力。 

• 結果重視かつ顧客志向であること。 

• 課題解決において、主体性と適格な判断力を発揮できる能力。 

• 経営陣の支援を得つつ、ステークホルダーとの対立を管理、交渉を効果的に行える能力。 

• マトリックス型のコンサルティング環境において、技術チームの指導・育成経験。 

• 業務遂行に十分な日本語能力は必須。

 

【応募要件 – （WANT】 

• 情報セキュリティ分野での5年以上の実務経験。 

• サイバーセキュリティに関連する専門学位、または同等の実務経験。 

• OSCP、OSWP、OSEP、OSWA、OSWE、CEH、GPEN、GCPN、GWAPT、CISSPなどの技術資格または専門的な資格があれば尚可。 

• 営業部門と連携し、案件の範囲設定、提案書の作成などを行った経験。 

• サイバーセキュリティ業界のフォーラムやイベントへの参加経験（講演や執筆活動（ホワイトペーパー、ブログなど）を含む）。 

• ビジネスレベルの英語力があれば尚可。 

• 5+years in the cybersecurity industry leading offensive, defensive, or research teams, preferably in dynamic and fast changing environments. 

• Presales and post sales delivery experience at the SME Level 

• Demonstrated ability to manage high-performing teams as well as maintain and enhance a strong team culture. 

• Excellent verbal and written communication skills with experience – ideally briefing executive management level also. 

• Experience working with global, remote, multi-cultural teams. 

• Ability to prioritize, delegate and complete tasks within tight timeframes to meets deadlines. 

• Strong interpersonal skills, self-starting, proactive, motivated, team player. 

• Results orientated and customer focused. 

• Ability to demonstrate initiative and good judgment in resolving issues. 

• Effective at managing conflict and negotiating with stakeholders, with support from senior leaderships. 

• Experience mentoring and leading technical teams in a matrixed consulting environment. 

• Fluent Japanese proficiency in running business required.

 

Preferences: 

• 5+ years of information security experience. 
• Professional degree relevant to cybersecurity or equivalent work experience. 
• Technical or professional certifications, such as OSCP, OSWP, OSEP, OSWA, OSWE, CEH, GPEN, GCPN, GWAPT, CISSP are a plus. 
• Experience working with sales in scoping engagements, creating proposals, etc. 
• Participation in cybersecurity industry forums and events, including speaking events and written publications (white papers, blogs, etc.).   
• Business level English is a plus.

 

#B2

#LI-Remote

Ready to Join Us?

At Sophos, we believe in the power of diverse perspectives to fuel innovation. Research shows that candidates sometimes hesitate to apply if they don't check every box in a job description. We challenge that notion. Your unique experiences and skills might be exactly what we need to enhance our team. Don't let a checklist hold you back – we encourage you to apply.

What's Great About Sophos?

·   Sophos operates a remote-first working model, making remote work the primary option for most employees. However, some roles may necessitate a hybrid approach. While we are a remote first organization, applicants must have legal authorization to work in the jurisdiction where the position is posted, without requiring employer sponsorship.

·   Our people – we innovate and create, all of which are accompanied by a great sense of fun and team spirit

·   Employee-led diversity and inclusion networks that build community and provide education and advocacy

·   Annual charity and fundraising initiatives and volunteer days for employees to support local communities

·   Global employee sustainability initiatives to reduce our environmental footprint

·   Global fitness and trivia competitions to keep our bodies and minds sharp

·   Global wellbeing days for employees to relax and recharge 

·   Monthly wellbeing webinars and training to support employee health and wellbeing

Our Commitment To You

We’re proud of the diverse and inclusive environment we have at Sophos, and we’re committed to ensuring equality of opportunity.   We believe that diversity, combined with excellence, builds a better Sophos, so we encourage applicants who can contribute to the diversity of our team.  All applicants will be treated in a fair and equal manner and in accordance with the law regardless of gender, sex, gender reassignment, marital status, race, religion or belief, color, age, military veteran status, disability, pregnancy, maternity or sexual orientation.  We want to give you every opportunity to show us your best self, so if there are any adjustments we could make to the recruitment and selection process to support you, please let us know. 

Data Protection

If you choose to explore an opportunity, and subsequently share your CV or other personal details with Sophos, these details will be held by Sophos for 12 months in accordance with our Privacy Policy and used by our recruitment team to contact you regarding this or other relevant opportunities at Sophos.  If you would like Sophos to delete or update your details at any time, please follow the steps set out in the Privacy Policy describing your individual rights.  For more information on Sophos’ data protection practices, please consult our Privacy Policy Cybersecurity as a Service Delivered | Sophos