
Senior Threat Intelligence Researcher

  • Oulu +4 more

WithSecure delivers research-led cyber security to defend organizations, society and people from real-world attacks and build resilience into their approach. Our people are a mix of technical and creative experts – diverse, talented, and passionate people – working tirelessly to help us advance the industry with new ways of thinking. They lead their own development, in and out of the office. They call the shots when it comes to building a place to call home in our organization.

Our Managed Detection and Response (MDR) business provides a world-leading managed service that detects and responds to cyber-attacks on behalf of our clients using a strong combination of people, process and technology.

What we need:

We need an experienced and passionate threat intelligence researcher to join our growing threat intelligence team. We are looking for an individual with strong analytical skills who can identify, analyse and track threat actors. WithSecure has a wide aperture full of valuable data sources relating to both criminal and nation state threats; therefore, the maximisation of the value from these sources combined with open-source intelligence will be a key requirement of the role. Reverse engineering skills and experience are desired, but not essential.

The team has an expanding remit and there is an opportunity to shape the future direction of threat intelligence at WithSecure and focus on delivering real value to organizations beyond the industry hype.

Job duties:

  • Collect and analyse data from a variety of sources to cluster and track activity - and ultimately produce actionable intelligence
  • Analyse malware, infrastructure and other malicious artefacts relating to threat actor activity to extract indicators and tradecraft
  • Provide threat intelligence expertise to tactically support major incident response investigations
  • Provide ongoing threat intelligence insights to assist MDR detection engineering efforts to keep up with the latest threats and offensive tradecraft
  • Contribute to the engineering of tooling to enable WithSecure to effectively detect, track and respond to advanced threat actors
  • Be an active team member who contributes towards a culture of constructive critical analysis in the production of intelligence assessments
  • Effectively manage workload and time to meet deadlines of intelligence requirements

Desirable skills and experience:

  • Experience working in a similar role in threat intelligence, research or incident response that involved elements of threat actor tracking and investigation
  • Experience and detailed technical knowledge of threat actor tradecraft that can be used to develop techniques to discover and track the advanced threats of today and tomorrow across multiple data sets
  • A strong understanding of OS fundamentals and network communication protocols
  • Experience conducting static and dynamic analysis of different complexities of malware (obfuscation, packers, etc.) using a variety of tools and techniques (IDA, WinDbg, R2, etc.)
  • Experience with programming/scripting languages (Python, C#, etc.) and exposure to ELK is desirable
  • A passion and willingness to learn and continuously acquire knowledge to keep pace with modern threat actors’ operations and offensive techniques
  • Familiarity with common techniques used by malware and threat actors and the industry standard lexicon for discussing such threats (e.g. MITRE ATT&CK)
  • Excellent written English and communication skills for producing quality intelligence reports to be consumed both at the executive and technical practitioner level

What you will have access to:

MDR Tech Stack – Primarily based on our in-house EDR solution, but increasingly involving cloud-based data as well, this gives us deep visibility over all our customers’ estates (process, memory, network, etc.). The data is invaluable both for extracting intelligence and hunting for adversaries and other threats.

In-house Malware Intelligence – We have various in-house technologies connected to different cyber security products we offer across millions of endpoints, which collect huge amounts of data on files seen executing, sandbox executions, URLs visited, certificates observed etc.

Incident Response – Our IR team regularly deals with major incidents across the world, which provides insights that are extremely valuable primary source data on the latest interesting threats.

World-class Expertise – WithSecure employs around 1,700 people, a large percentage of whom are security experts. Across the various areas of the business, such as consultancy, MDR and security software development, you can find at least one expert in almost any area of technology or security that you can think of.

Our four promises to you:

Freedom – you will have the opportunity to define new ways of working, how we engage with our customers, and how product value gets represented

You will work together with experienced and enthusiastic colleagues, and within WithSecure you will find some of the best minds in the cyber security industry

Your work will be clearly visible and recognised – all over the world and across our business units

You can rely on the support from the entire WithSecure leadership including our top executives

Work with great people

Karolina Malagocka
Senior Marketing Manager
"At F-Secure we see the value of each and every person"
Robert Grześkowiak
Lead Software Engineer
"At F-Secure you won't feel bored. There are opportunities to learn new things every day."
Fairuz Zainor
"I joined F-Secure straight after graduating and now, 10 years later, I am still happy to be here."
William Jardine
Managing Consultant
"The freedom is a big thing for me. The trust you are doing something worthwhile."
Robert Grześkowiak
Lead Software Engineer
"At WithSecure you won't feel bored. There are opportunities to learn new things every day."
Fairuz Zainor
"I joined WithSecure (previously F-Secure) straight after graduating and now, 10 years later, I am still happy to be here."

Great Place to Work

  • Over 1,700 amazing colleagues in nearly 30 offices

  • Possibility to protect the world

  • Work with best of class experts who care

  • Relaxed, open and fun working environment

  • 68+ nationalities

  • Global with the spirit of a small company

About the company

Purpose – Why we exist
We are here to build and sustain trust in a digital society
We are here to build and sustain trust in a digital society — trust that is threatened by uncertainty, fear and worry caused by cyber attacks and crime.

Vision – Where we are heading
No one should experience a serious loss because of a cyber attack
We envision a future where no one should experience a serious loss or be put out of business because of cyber attack or crime. At least no one who puts their trust in us.

Mission – What we do
Accelerate transition to outcome-based security
Our mission is to research, innovate and build technologies, human expertise and delivery-business models that will accelerate our customers’ and partners’ transition to outcome-based security.

1988 – F-Secure established under the name Data Fellows

1992 – First public hysteria about a computer virus

2002 – First Antivirus for mobile phones

2004 – F‑Secure Labs launches first antivirus industry blog

2009 – F‑Secure’s next step into the cloud

2015 – F-Secure aims to become the leading European cyber security company

2018 – MWR InfoSecurity joins F-Secure

Danielle Acott | Contact Person
