Purple Team Service Lead

Job Description

WithSecure delivers research-led cyber security to defend organizations, society and people from real-world attacks and build resilience into their approach. Our people are a mix of technical and creative experts – diverse, talented, and passionate people – working tirelessly to help us advance the industry with new ways of thinking. They lead their own development, in and out of the office. They call the shots when it comes to building a place to call home in our organization.

We are growing our defensive teams at WithSecure. As such we are looking for a senior attack detection specialist that will lead and grow our Attack Detection related services within the UK, in collaboration with global peers.

WithSecure consultants are not only expected to be technically competent, but also have strong verbal and written communication skills. In this role you will be introduced to some of the best detection teams in the world, helping push the boundaries of attack detection across multiple industries and geographies.

As part of your role, you’ll be working alongside a passionate and dedicated team, including collaborating on new and exciting projects. You’ll also have the freedom to explore your own personal research projects on bleeding edge technologies.

In addition to leading Attack Detection related services within the UK, we are looking for someone that will be able to provide valuable input and leadership for our in-house Breach and Attack Simulation software, AttackSim.

Key Responsibilities

• Demonstrate strong consulting and leadership skills
• Ability to successfully review a client’s detection capabilities from a people, process, and technology point of view, and build a roadmap that will allow the clients to measurably improve their detection capabilities
• Ability to identify service improvement opportunities and enact such changes in collaboration with global peers.
• Ability to technically execute the atomic attacker actions a client is likely to experience, while understanding how detection for such techniques would be possible
• Strong offensive technical skillset and a detailed understanding of modern attacker techniques.
• Knowledge of offensive Security frameworks such as Metasploit, Co

What are we looking for?

• You will be expected to be client-facing, and deliver Attack Detection & Purple Teaming related consultancy services to WithSecure clients. This includes but is not limited to technical activities, report writing and presentations to senior audiences.
• Contribute to WithSecure labs (labs.f-secure.com) through continued research, present research at conferences and company events
• Lead the development of attack detection services, such as Attack Detection Capability Assessments (ADCA).
• In addition to attack detection services, you will be expected to contribute to other key defensive services such as our Attack Path Mapping, where you will be able to hone your offensive skillsets.
• Play a mentorship role to up and coming offensive security professionals within WithSecure
• Provide sales support and contribute to RFPs where appropriate
• The ability to effectively translate complex technical concepts into layman’s terms for a range of different audiences

What will you get from us

We are looking for someone with a strong interest in purple teaming with the associated technical skills. If you tick the following boxes, we are looking for you!

• Passionate about information security, in particular with regards to attack detection.
• Excellent at communicating to both technical and senior-management audiences
• Innovative mind-set and the ability to challenge existing approaches to information security, specifically with regards to attack detection related services
• You hold one or more well-known certifications, such as OSCP, OSCE, OSEP, CISSP etc.