WithSecure delivers research-led cyber security to defend organizations, society and people from real-world attacks and build resilience into their approach. Our people are a mix of technical and creative experts – diverse, talented, and passionate people – working tirelessly to help us advance the industry with new ways of thinking. They lead their own development, in and out of the office. They call the shots when it comes to building a place to call home in our organization.
We are looking for a Senior Incident Response Consultant to join our growing global team. This is a great opportunity for someone who has studied computer science, IT security, or computer forensics and is interested in getting into the fascinating field of pulling apart real-world attacks, in a company that is highly innovative, rapidly growing and full of opportunities to learn and grow.
The primary responsibility of this role is to work with WithSecure’s clients to deliver Investigations and Incident Response services. These services are aimed at responding to and containing security incidents for our clients, with a particular focus on advanced targeted attacks. This can also cover a wide range of areas including forensic investigations, proactive compromise assessments and guiding our clients through the implementation of response procedures.
This role requires the ability to communicate clearly with a range of audiences, from technical practitioners through to executive boards, and to identify technical issues and describe them in the language of the business you are engaged with.
A successful candidate should have a good general knowledge of both enterprise IT platforms and information security. They will be required to understand the motivations and methods adopted by a wide range of threat sources with a good understanding of how exploitation of systems occurs.
What are we looking for?
Knowledge of the phases of Incident Response as defined by NIST
Familiarity with common attack techniques
Ability to report key findings in a clear and concise manner both at technical and senior management level
Knowledge of TCP/IP networking with the ability to perform network forensic analysis
Solid understanding of file-system analysis and the ability to find and extract common disk-based indicators of compromise
Experience in Malware Analysis
Experience with a scripting language such as Python, Ruby, PowerShell or Bash
Knowledge of common cloud technologies
Vendor-independent qualification in Incident Response and Forensics such as GIAC, IISFA, IACIS, ISFCE, EC-Council or CREST certifications (e.g. CFCE, CCE, CIFI, CHFI, ECIH, GCIH, GCIA, GCFA, GCFE, GREM, GCED, Intrusion Analyst, Network or Host Intrusion Analyst or Malware Reverse Engineer)
Vendor-specific qualification such as AccessData Certified Examiner (ACE), EnCase Certified Examiner (EnCE) certification or X-Ways Professional in Evidence Recovery Techniques (X-PERT)
Our four promises to you:
Over 1,700 amazing colleagues in nearly 30 offices
Possibility to protect the world
Work with best of class experts who care
Relaxed, open and fun working environment
68+ nationalities
Global with the spirit of a small company
Purpose – Why we exist
We are here to build and sustain trust in a digital society
We are here to build and sustain trust in a digital society — trust that is threatened by uncertainty, fear and worry caused by cyber attacks and crime.
Vision – Where we are heading
No one should experience a serious loss because of a cyber attack
We envision a future where no one should experience a serious loss or be put out of business because of a cyber attack or crime. At least no one who puts their trust in us.
Mission – What we do
Accelerate transition to outcome-based security
Our mission is to research, innovate and build technologies, human expertise and delivery-business models that will accelerate our customers’ and partners’ transition to outcome-based security.