Senior Incident Response Investigator

F-Secure

  • Helsinki
  • Vakituinen
  • Täyspäiväinen
  • 6 tuntia sitten
Job DescriptionWithSecure™ delivers research-led cyber security to defend organizations, society and people from real-world attacks and build resilience into their approach. Our people are a mix of technical and creative experts - diverse, talented, and passionate people - working tirelessly to help us advance the industry with new ways of thinking. They lead their own development, in and out of the office. They call the shots when it comes to building a place to call home in our organization.WithSecure™ protects businesses all over the world from modern threats. We do this through a Co-security approach born from first-hand knowledge that no one can solve every cyber security problem alone. Every single day, our diverse, growing team fights against online extortion, threats to national infrastructure, the unlawful spread of sensitive information, and everything in-between. The best part about working for WithSecure is our people! We are a community of dedicated and passionate professionals that take workplace happiness seriously. If you're looking for something that's more than just a job - we'd love to hear from you.The role also requires the ability to clearly communicate to a range of audiences from technical practitioners through to executive boards. This requires the ability to identify technical issues and describe them in the language of the business leaders you are engaged with.A successful candidate should have an experience of both enterprise IT platforms and information security. They will be required to understand the motivations and methods adopted by a wide range of threat sources with a good understanding of how exploitation of systems occurs.In addition, supporting Incident Readiness activities (such as Tabletop sessions, Client Training, and Playbook creation), when not actively supporting investigations.Key Responsibilities
  • Performing investigations for WithSecure clients and producing high quality reports to present findings and guidance.
  • Maintaining target utilization on client chargeable projects whilst working as a Senior Incident Response Investigator.
  • Producing output to highlight the technical competence of the company to a standard that can be published.
  • Supporting your practice area in successful delivery and growth.
  • Mentoring juniors along with supporting key business objectives though advice and guidance based on current industry trends.
What are we looking for?
  • CISSP qualification or equivalent experience
  • Experience with investigating targeted attacks across large enterprise networks
  • Demonstrable experience of client-server infrastructures, security architectures and related logging and alerting across multiple operating systems
  • Demonstrable experience networking with the ability to perform network forensic analysis down to packet level
  • Demonstrable detailed knowledge of file-system analysis including FAT, NTFS, HFS+ and/or EXT2/3/4 and ability to find and extract common disk-based indicators of compromise
  • Knowledge of Windows, Linux and/or OS X internals and able to demonstrate knowledge of key system artefacts for each platform
  • Able to articulate the phases of Incident Response as defined by NIST
  • Familiarity MITRE ATT&CK Matrix for Enterprise framework
  • Knowledge of and experience in memory analysis
  • Ability to report key findings in a clear and concise manner both at technical and senior management level
Bonus points
  • Experience in Malware Analysis to a minimum level of behavioral analysis
  • Familiarity with one or more scripting language such as Python, Ruby, PowerShell or Bash is desirable
  • Experience of common cloud technologies
  • Vendor independent qualification in Incident Response and Forensics such as GIAC, IISFA, IACIS, ISFCE, ECCouncil or CREST certifications (e.g. CFCE, CCE, CIFI, CHFI, ECIH, GCIH, GCIA, GCFA, GCFE, GREM, GCED, Intrusion Analyst, Network or Host Intrusion Analyst or Malware Reverse Engineer)
  • Vendor specific qualification such as AccessData Certified Examiner (ACE), Encase Certified Examiner (EnCE) certification or X-Ways Professional in Evidence Recovery Techniques (X-PERT)
What will you get from us
  • Freedom - you will have the opportunity to define new ways of working how we engage with our customers, and how product value gets represented.
  • You will work together with experienced and enthusiastic colleagues, and within WithSecure you will find some of the best minds in the cyber security industry.
  • Your work will be clearly visible and recognised - all over the world and across our business units.
  • You can rely on the support from the entire WithSecure leadership including our top executives.
Work with great peopleKinga BaranProduct Operations Lead"You can develop yourself in many contexts."Joni Vatjus-AnttilaDirector, Customer Success Management"Being able to say that our job is to keep our customers safe is everything to me. It creates a sense of purpose."Łukasz KwiecińskiSenior Manager, R&D"Working here has been a transformative experience - the sophisticated challenges drive rapid growth, while the friendly, supportive team makes even the toughest problems easier to tackle."Great Place to WorkOver 900 amazing colleagues in 18 officesPossibility to protect the worldWork with best of class experts who careRelaxed, open and fun working environment70+ nationalitiesGlobal with the spirit of a small companyAbout the companyPurpose - Why we exist
We are here to build and sustain trust in a digital society
We are here to build and sustain trust in a digital society - trust that is threatened by uncertainty, fear and worry caused by cyber attacks and crime.Vision - Where we are heading
No one should experience a serious loss because of a cyber attack
We envision a future where no one should experience a serious loss or be put out of business because of cyber attack or crime. At least no one who puts their trust in us.Mission - What we do
Accelerate transition to outcome-based security
Our mission is to research, innovate and build technologies, human expertise and delivery-business models that will accelerate our customers' and partners' transition to outcome-based security.Diversity & Inclusion:WithSecure is an equal opportunity employer and believe that employing a diverse workforce is central to our success. We are committed to ensuring all qualified applicants will receive consideration for employment without regard to nationality, colour, race, ethnic or national origin, sex, gender (including gender reassignment), sexual orientation, religion or belief, age, marital status or physical or mental disability.
We will do everything we can to support you during your application. If you need us to make any adjustments to our recruitment process, speak to our recruitment team who will be happy to support you!

F-Secure

Samnkaltaiset työpaikat

  • Senior Paid Search Specialist

    Mediabrands

    • Helsinki
    Mediabrands Finlandiin kuuluvat mediatoimistot Virta UM ja Initiative, mainosteknologiaan, dataan ja tulospohjaiseen markkinointiin erikoistunut asiantuntijatoimisto Kinesso, asiak…
    • 2 päivää sitten

  • Senior data- ja raportointiasiantuntija | DigiHelsinki Oy

    MPS Career Oy

    • Helsinki
    Haluatko olla mukana rakentamassa modernia raportointiympäristöä ja kehittämässä tiedolla johtamista? Haemme nyt Senior data- ja raportointiasiantuntijaa, joka osaa yhdistää liik…
    • 2 päivää sitten

  • UKKO.fi Senior Backend Developer (3 paikkaa)

    aTalent Recruiting Oy

    • Helsinki
    Innostutko laadukkaiden ja käyttäjälähtöisten ratkaisujen rakentamisesta? Tule kehittämään UKKO.fin palveluita! Työn kuvaus: Työsopimuksen tyyppi: vakituinen, kokoaikainen Sij…
    • 3 päivää sitten