Incident Response & Readiness Consultant

Job Description

WithSecure™ protects businesses all over the world from modern threats. We do this through a Co-security approach born from first-hand knowledge that no one can solve every cyber security problem alone. Every single day, our diverse, growing team fights against online extortion, threats to national infrastructure, the unlawful spread of sensitive information, and everything in-between. The best part about working for WithSecure is our people! We are a community of dedicated and passionate professionals that take workplace happiness seriously. If you’re looking for something that’s more than just a job – we’d love to hear from you.

WithSecure’s Managed Services improves our client’s security posture by providing products and services that are driven by highly skilled security experts.

We are looking for an Incident Response and Readiness Consultant to join our Global Incident Response team. This is a great opportunity for someone who has a hybrid profile combining incident response and security management skills. You have hands-on experience in incident response and building up cyber detection and response capabilities. Your skills and experience will help you advise and implement security initiatives related to building resilience to cyber-attacks.

As a person you are curious, open-minded, and aim to continuously improve your work. You aim to share what you equally know and don’t know with others. You’ve tamed the beast of perfection; experimentation is your go-to for growth. Taking ownership comes naturally and you are prone to action.

This role requires the ability to clearly communicate to a range of audiences from technical practitioners through to executive boards and identify technical issues describing them in the language of the business you are engaged with.

Key Responsibilities

• Diagnose client’s problem to get a good understanding of the problem space and drivers.
• Co-design a solution that is either based on WithSecure’s overall service portfolio (i.e. not only incident readiness) or develop a bespoke solution.
• Pro-actively manage the client’s expectations and experience from end-to-end to ensure excellent satisfaction. Engage with a wide range of stakeholders, from IR analysts to C-Level executives;
• Assess the clients’ Incident Readiness across a wide array of security areas, using security standards & regulations or WithSecure’s proprietary readiness capability assessment framework, to enable the clients to understand their existing level of readiness and to co-drive goal setting for future security operating model.
• Design tabletop exercises (TTX) using threat intelligence and technical insights to design realistic threats, attack paths and injects. Provide guidance and feedback to the client’s team to practice their response.
• Deliver first responder training to clients.
• Design playbooks, detection use cases, threat intelligence & hunting processes, to uplift the client’s detection and response capabilities.
• Support the client in developing remediation plans, using a risk-based methodology, and become a trusted advisor by guiding their remediation implementation efforts.
• On an ad-hoc basis, support the Incident Response team with Incident Management & Investigation during major incidents.
• Develop the incident response & readiness service offering by taking initiative to improve existing services or spur your own ideas.

What are we looking for?

At least 3 years experience in at least 3 of the following:

• Assessing & developing information security programs, with a focus on security operations. Have demonstrated experience in implementation and/or assessment of security controls;
• Using risk management methodologies to drive prioritization of security efforts and identification of top risk scenario’s at an application and organisational level;
• Incident Response and/or Security Operation Center development and practices
• Using the critical tools used in security event analysis, incident response, computer forensics, malware analysis, or other areas of security operations.
• Using security frameworks & standards such as the MITRE ATT&CK framework, ISO27001, NIST, GDPR, CIS, PCI DSS
• Understanding of security controls for common platforms and devices, including Windows, Unix, Linux, and network equipment

What will you get from us

• Freedom – you will have the opportunity to define new ways of working how we engage with our customers, and how product value gets represented
• You will work together with experienced and enthusiastic colleagues, and within WithSecure you will find some of the best minds in the cyber security industry
• Your work will be clearly visible and recognised – all over the world and across our business units
• You can rely on the support from the entire WithSecure leadership including our top executives