
F-Secure
Job title:
Incident Response Investigator
Company
F-Secure
Job description
At WithSecure™, we protect businesses all over the world. Our SaaS solutions safeguard against modern cyber threats, and our innovative Co-security approach reflects our belief that true protection requires collaboration and shared expertise. No one can solve every cyber security problem alone.
Our vision is to become Europe’s flagship in cyber security. Every day, our talented teams work to prevent cyber extortion, secure critical infrastructure, and prevent misuse of sensitive data.
It’s our people who make us exceptional – a diverse community that values passion, purpose, skill, and a commitment to workplace well-being. If you’re ready to make an impact with a company that’s transforming cybersecurity, we’d love to hear from you.
We are looking for an Incident Response Investigator to join our team. This is a great opportunity for candidates who have studied computer science, IT security, or Computer Forensics and are interested in getting into the fascinating field of pulling apart real-world attacks in a company that is highly innovative, rapidly growing and with lots of opportunities to learn and grow.
The primary responsibility of this role is to work with WithSecure’s clients to deliver Investigations and Incident Response services. These services are aimed at responding to and containing security incidents for our clients, with a particular focus on advanced targeted attacks. This can also cover a wide range of areas including digital forensic investigations, proactive compromise assessments and guiding our clients through the complexity of response procedures.
The role also requires the ability to clearly communicate to a range of audiences from technical practitioners through to executive boards. This requires the ability to identify technical issues and describe them in the language of the business you are engaged with.
A successful candidate should have a good general knowledge of enterprise IT platforms, networking, systems and cloud infrastructure, along with a solid information security background. They will be required to understand the tools, techniques and procedures of threat actors, together with their likely motivations. It is also critical to have a good understanding of how exploitation of systems occurs and to be able to come up with mitigation and remediation strategies.
Key Responsibilities
- Performing consultancy for WithSecure clients and producing high quality reports to present findings and guidance.
- Maintaining target utilization on client chargeable projects whilst working as an Incident Response Investigator.
- Producing output to highlight the technical competence of the company to a standard that can be published.
- Supporting your practice area in successful delivery and growth.
What are we looking for?
- Solid understanding of client-server infrastructures, security architectures and related logging and alerting.
- Knowledge of TCP/IP networking with the ability to perform network forensic analysis.
- Solid understanding of file-system analysis including FAT, NTFS, HFS+ and/or EXT2/3/4 and ability to find and extract common disk-based artefacts.
- Knowledge of Windows, Linux and/or OS X internals together with common forensic artefacts for each platform.
- Knowledge of the phases of Incident Response as defined by NIST.
- Familiarity with common attack techniques.
- Knowledge of and experience in memory analysis.
- Ability to report key findings in a clear and concise manner both at technical and senior management level.
Bonus points
- Knowledge of and experience in Malware Analysis to a minimum level of behavioural analysis.
- Experience with a scripting language such as Python, JavaScript, PowerShell, Bash or comparable is desirable.
- Knowledge of common cloud technologies.
- Experience of programming using languages such as C, C++, C#, Java, Ruby or comparable.
- Vendor independent qualification in Incident Response and Forensics such as GIAC, IISFA, IACIS, ISFCE, ECCouncil or CREST certifications (e.g. CFCE, CCE, CIFI, CHFI, ECIH, GCIH, GCIA, GCFA, GCFE, GREM, GCED, Intrusion Analyst, Network or Host Intrusion Analyst or Malware Reverse Engineer).
- Vendor specific qualification such as AccessData Certified Examiner (ACE), Encase Certified Examiner (EnCE) certification or X-Ways Professional in Evidence Recovery Techniques (X-PERT).
- Experience with investigating targeted attacks across large enterprise networks.
- Incident Management experience.
What will you get from us
- Freedom – you will have the opportunity to define new ways of working, how we engage with our customers, and how product value gets represented.
- You will work together with experienced and enthusiastic colleagues, and within WithSecure you will find some of the best minds in the cyber security industry.
- Your work will be clearly visible and recognized – all over the world and across our business unit.
- You can rely on the support from the entire WithSecure leadership including our top executives.
Work with great people
William Jardine, Managing Consultant
“The freedom is a big thing for me. The trust you are doing something worthwhile.”
Fairuz Zainor, Researcher
“I joined WithSecure (previously F-Secure) straight after graduating and now, 10 years later, I am still happy to be here.”
Kinga Baran, Program Manager
“WithSecure gives me a feeling of appreciation for what I do as well as ongoing challenges to grow personally. This sounds like a slogan but it really happens here!”
Great Place to Work
- Over 900 amazing colleagues in 18 offices
- Possibility to protect the world
- Work with best of class experts who care
- Relaxed, open and fun working environment
- 70+ nationalities
- Global with the spirit of a small company
About the company
Purpose – Why we exist
We are here to build and sustain trust in a digital society
We are here to build and sustain trust in a digital society – trust that is threatened by uncertainty, fear and worry caused by cyber attacks and crime.
Vision – Where we are heading
No one should experience a serious loss because of a cyber attack
We envision a future where no one should experience a serious loss or be put out of business because of cyber attack or crime. At least no one who puts their trust in us.
Mission – What we do
Accelerate transition to outcome-based security
Our mission is to research, innovate and build technologies, human expertise and delivery-business models that will accelerate our customers’ and partners’ transition to outcome-based security.
Diversity & Inclusion:
WithSecure is an equal opportunity employer and believes that employing a diverse workforce is central to our success. We are committed to ensuring all qualified applicants will receive consideration for employment without regard to nationality, colour, race, ethnic or national origin, sex, gender (including gender reassignment), sexual orientation, religion or belief, age, marital status or physical or mental disability.
We will do everything we can to support you during your application. If you need us to make any adjustments to our recruitment process, speak to our recruitment team who will be happy to support you!
Expected salary
Location
Helsinki
Job date
Fri, 31 Jan 2025 03:00:29 GMT