Oh oh! Awesome! {$ msg.text $} ({$ msg.count $})

Attack Surface Management Engineer

  • Applications are considered on a rolling basis
  • Poznań
  • Hybrid
  • Applications are considered on a rolling basis
  • Poznań
  • Hybrid

WithSecure delivers research-led cyber security to defend organizations, society and people from real-world attacks and build resilience into their approach. Our people are a mix of technical and creative experts – diverse, talented, and passionate people – working tirelessly to help us advance the industry with new ways of thinking. They lead their own development, in and out of the office. They call the shots when it comes to building a place to call home in our organization.

Our Attack Surface Management (ASM) team is responsible for maintaining a deep understanding of our client’s attack surface, and working collaboratively to secure their perimeter against threats.

Our engineers in the ASM team are experts in viewing our client’s perimeters as an attacker would. By combining current threat intelligence with a deep understanding of modern attack strategies, their job is to constantly look for new threats across our client’s estates. There’s no routine playbook for this – what makes our ASM team so successful is a willingness to challenge the norm, take the initiative and follow their own intuition to identify the most likely attack vectors across an entire organization.

What we need…

WithSecure are looking for a ASM engineer to join our growing ASM team. We are looking for security professionals who have a passion for reconnaissance, keeping up to date with emerging attack techniques and finding new ways that businesses can be targeted.

Our hunting differs from traditional pentesting – instead of deep-dive analysis, we look at the big picture, and try to answer the question “if I was trying to target this organization, what would I do?” To do that, we need people who can think like a real attacker and work with our clients to understand what they see.

To succeed at WithSecure and help our clients with their challenges you will need to be geared up with the following:

  • A passion for security! You love computers, you love security and you love hacking things and solving problems. If this weren’t your job it would be your hobby.
  • Self-motivation! You’re not going to be told what to do all the time. You are capable of figuring out what is of benefit to WithSecure and our clients and then run with it. We will give you the tools to succeed, but it is up to you to apply them.
  • Communication skills! How can we add value to our clients’ organizations unless we can tell them what we did, how we did it and how they can fix it? But communication also extends to sharing your knowledge with your colleagues and the wider industry.

Job duties:

  • Actively monitoring threat intelligence feeds
  • Open-scope hunting based on gathered threat intelligence
  • Ongoing OSINT gathering, reconnaissance and analysis
  • Work collaboratively with clients to secure their perimeter against cyber threats
  • Contribution to research and tool development
  • Hypothesis driven investigations

Bonus points:

  • Previous security experience including consulting, threat hunting, soc analysis, tool development, OSINT
  • Deep understanding of security principles
  • CREST and/or Offensive Security certifications like OSCP, OSEP, OSCE

Work with great people

William Jardine
Managing Consultant
"The freedom is a big thing for me. The trust you are doing something worthwhile."
Fairuz Zainor
"I joined WithSecure (previously F-Secure) straight after graduating and now, 10 years later, I am still happy to be here."
Kinga Baran
Program Manager
"WithSecure gives me a feeling of appreciation for what I do as well as ongoing challenges to grow personally. This sounds like a slogan but it really happens here!"

Great Place to Work

  • Over 900 amazing colleagues in 18 offices

  • Possibility to protect the world

  • Work with best of class experts who care

  • Relaxed, open and fun working environment

  • 70+ nationalities

  • Global with the spirit of a small company

About the company

Purpose – Why we exist
We are here to build and sustain trust in a digital society
We are here to build and sustain trust in a digital society — trust that is threatened by uncertainty, fear and worry caused by cyber attacks and crime.

Vision – Where we are heading
No one should experience a serious loss because of a cyber attack
We envision a future where no one should experience a serious loss or be put out of business because of cyber attack or crime. At least no one who puts their trust in us.

Mission – What we do
Accelerate transition to outcome-based security
Our mission is to research, innovate and build technologies, human expertise and delivery-business models that will accelerate our customers’ and partners’ transition to outcome-based security.

Diversity & Inclusion:

WithSecure is an equal opportunity employer and believe that employing a diverse workforce is central to our success. We are committed to ensuring all qualified applicants will receive consideration for employment without regard to nationality, colour, race, ethnic or national origin, sex, gender (including gender reassignment), sexual orientation, religion or belief, age, marital status or physical or mental disability.
We will do everything we can to support you during your application. If you need us to make any adjustments to our recruitment process, speak to our recruitment team who will be happy to support you!

Tomasz Godlewski | Contact Person

I'm interested

Poznań | Hybrid
Visit website