Mid Level Incident Readiness Consultant

Job Description

WithSecure™ protects businesses all over the world from modern threats. We do this through a Co-security approach born from first-hand knowledge that no one can solve every cyber security problem alone. Every single day, our diverse, growing team fights against online extortion, threats to national infrastructure, the unlawful spread of sensitive information, and everything in-between. The best part about working for WithSecure is our people! We are a community of dedicated and passionate professionals that take workplace happiness seriously. If you’re looking for something that’s more than just a job – we’d love to hear from you.

We are looking for a Mid-Level Incident Readiness Consultant to join our Global Incident Response & Readiness team. This is a great opportunity for someone who has a hybrid profile combining incident response and security management skills. You have hands-on experience in incident response and building up cyber detection and response capabilities. Your skills and experience will help you advise and implement security initiatives related to building resilience to cyber-attacks. You are a fantastic communicator who enjoys high-engagement interactions to ensure client satisfaction.

Key Responsibilities

• Design tabletop exercises (TTX) to simulate realistic cyber incident scenario’s, to enable organizations to train and validate their response capabilities.
• Use threat intelligence and technical insights from technical reports (red team, purple team, application pentests,...) to craft realistic threats and attack paths into incident scenario’s
• Lead TTXs that follow WithSecure's standard delivery models, provide guidance and feedback to the client’s team to uplift and practice their response.
• Design & implement playbooks to uplift the client’s detection and response capabilities.
• Assess organization's Incident Readiness across a wide array of security areas, using security standards (ISO 271k, PCI DSS) & regulations (NIS) or WithSecure’s proprietary readiness capability assessment framework.
• Support the client in developing remediation plans, using a risk-based methodology, and become a trusted advisor by guiding their remediation implementation efforts.
• Train junior consultants to deliver tabletop exercises, playbooks, incident readiness capability assessment and remediation planning.
• Produce high quality reporting and project plans with recommendations and activities to help clients improve their incident readiness.
• On an ad-hoc basis, support the Incident Response team with Incident Management & Investigation during major incidents.
• Develop the incident readiness service offering by taking initiative to improve existing services or spur your own ideas.

What are we looking for?

At least 3-5 years experience in the following:

• Consulting; Cybersecurity and/or incident response consulting, where you have reached the ability to lead projects/programs and have trained junior consultants.
• Domain expertise: leading role/key support role in security operations, designing organizations to work together as a whole to detect, respond and manage cyber incidents.
• Project & program management: Designing and running 1 to 3 year information security programs based on a sound strategy and continuous engagement.

• Risk management: Using risk management methodologies to drive prioritization of security efforts and identification of top risk scenario’s at an application and organizational level.

• Control/security posture assessments: Understanding of security controls for common platforms and devices (Windows, Unix, Linux, and network equipment) and understanding of the differences between on-prem/hybrid/cloud-native context. Able to use security frameworks & standards such as the MITRE ATT&CK/DEFEND framework, ISO27001, NIST, GDPR, CIS, PCI DSS to assess a clients security posture and communicate identified risks.

• Implementation: defining processes/configurations to implement technical & administrative security controls. Designing short- to mid-term remediation plans during the containment & eradication & recovery phases of a cyber incident.

And we expect that you are:

• A clear and concise communicator who can easily articulate complex technical & organizational problems and solutions.
• Able to maintain positive working relationships with a wide range of roles & responsibilities (from operations to executive & board level).
• Curious, open-minded and eager to spend time on research that you. readily share with a broad audience (internally, at security conferences, and in blogposts,..).
• Able to deal with situations that require you to develop new solutions/ways of thinking.
• Able to take ownership and are prone to action.
• Able to travel up to 10-20% of the time.

What will you get from us

• Freedom – you will have the opportunity to define new ways of working how we engage with our customers, and how product value gets represented
• You will work together with experienced and enthusiastic colleagues, and within WithSecure you will find some of the best minds in the cyber security industry
• Your work will be clearly visible and recognized – all over the world and across our business units
• You can rely on the support from the entire WithSecure leadership including our top executives