Threat Hunter

  • Singapore

F-Secure Countercept is currently looking for someone with the right skills and interests to join our Threat Hunting team – areas of particular interest include threat hunting, digital forensics, attack detection and cyber defence. The successful candidate will work within the MDR Business Unit of F-Secure, with a group of established threat hunters, focused on carrying out and supporting investigations of day-to-day incidents detected by the F-Secure Countercept Managed Detection and Response service for our customers and performing research to continuously improve its capability. If any of the following resonates with you, this could be the role for you:

What we need…

  • Terms like “threat hunting”, “malware analysis”, “process injection”, “covert C2”, “EDR” and “APT” are your bread-and-butter.
  • You love nothing more than spotting the latest attacker techniques in the wild and using your experience to thwart and respond to the ever-evolving threats they present to our clients.
  • You are both using and developing cutting-edge tools to aid detection and response and are keen to keep up with the latest industry developments.
  • You will have real-world experience responding to attacks of all levels, from script kiddies to nation states, and relish sharing this experience and knowledge with the rest of the team and the industry at large.
  • You keep up with the latest industry developments, are an avid reader of things like /r/netsec and follow swathes of awesome researchers on Twitter to get your security knowledge fix.

The Countercept platform is a dynamic and rapidly evolving product, which is heavily research led. The ideal candidate would be able to contribute to enhancing the capability of the service, whether through direct development, research activities or media opportunities.

The ideal candidate should also have solid experience in both offensive and defensive security areas, either penetration testing, incident response or ideally a mixture of both.

The role will also involve client facing functions, including investigative reporting, breach assistance and general client technical account management.

The candidate should be highly motivated, eager to learn and not afraid to get stuck in; being able to work autonomously as well as part of a team is essential. The ability to effectively triage and prioritise rapidly evolving incidents, utilising a team of threat hunters and IR practitioners to support, is crucial.

The Countercept service monitors target networks 24/7, 365; however, work is distributed between F-Secure's UK, Poland and Singapore offices. As such, hunters are expected to work on a rotational basis, including weekends, but would not work night shifts.

Being research-led is a key part of how our service and capability develops. As such, you will be given at least 25% of your time dedicated towards research. This time can be spent on a wide range of activities that progress our capability, and outputs such as blogs, white papers and conference talks are encouraged!

Main responsibilities include:

  • Proactively investigate host, network and log based security events
  • Manage events and triage from detection to resolution
  • Static/Dynamic Malware Analysis
  • Advanced Host, Network, and Memory Forensics
  • Support/mentoring of junior threat hunters
  • Liaise with clients and report potential findings from both a technical and business perspective
  • Perform research to develop the Countercept service

Who we think will be a great fit…

  • Strong knowledge of core IP networking and common protocols
  • Strong understanding of Windows and Linux internals
  • Hands-on experience of network, memory and host forensics
  • Hands-on experience of automated and manual malware analysis (static and dynamic)
  • Hands-on experience investigating & responding to compromises by advanced attackers
  • Mixed skillset covering both offensive and defensive security
  • Proven coding experience with C++, C#, Ruby and similar
  • Proven scripting experience with Python/PowerShell/Bash/WMI and similar
  • Experience with modern offensive techniques and APT TTPs
  • Experience with common network traffic analysis platforms and/or SIEM solutions

Who we are…

F-Secure Countercept is a managed detection and response (MDR) service designed to counter Advanced Persistent Threats (APT) from state sponsored and sophisticated criminal groups; it detects and responds to compromise and attempted compromise across our clients’ IT estates.

Our philosophy is focused on changing the mindset of the industry, moving away from SOCs filled with alert-fatigued analysts waiting for their SIEM to flag yet another false-positive and moving towards offensively trained, proactive threat hunters, who understand the attacker mindset and can root out even the most sophisticated adversaries across both the network and the endpoint.

Work with great people

Javier Moreno
Senior Security Consultant
"My passion for security comes from understanding how things work. Once you do, you can control it"
Karolina Malagocka
Senior Service Marketing
"At F-Secure we see the value of each and every person"
Zuzanna Kunik
Junior Data Scientist
"As a data scientist, I love working closely to data. As an extrovert, I love working with people. In my current role I’m doing both. "
Jonas Lundberg
Global Cyber Security Solution Sales
"I feel confident in selling our services that protect our customers. It's extremely stimulating and gives me a sense of purpose"
Robert Petesic
Senior Security Specialist
"Positive atmosphere in the office and knowledgeable colleagues are pushing me to always give my best and learn more."
Ruediger Trost
Pre-Sales Manager
"After more than 11 years, I still go to the office with a smile, even if it is a Monday morning =)"
ROBERT GRZEŚKOWIAK
Lead Quality Engineer
"I chose F-Secure because it gives you a great variety of experiences that you can benefit from the security perspective. "
MACIEJ KUCHARSKI
Lead Software Engineer
"You don’t feel like working in a big company, people are open and the atmosphere is very good"
PIOTR DYBA
Manager
"Every day comes with new challenges and surprises so it is impossible to get bored, especially in my team."
HASSAN MANSOOR
Junior Developer
"In my opinion F-Secure is the best place to work in Poland especially because here you have a lot of freedom at work. "
MARCIN TAMIOŁA
Senior Systems Engineer
"Best part of my current work is to have a real influence on the direction my team and work is going in."
Tinus Green
Information Security Consultant
"The fact that F-Secure performs research driven security work is the reason I work here."
Sean Nel
Senior Software Engineer
"If you like working on cool, new stuff with lekker people"
Annike Taljaard
Associate Information Security Consultant
"With the supportive company structure, we are encouraged not just to grow, but to grow in the direction that we want."
Jaco Erasmus
Ruby Developer
"In my two years at F-Secure, It has been amazing to work for an industry-leading company with a very energetic, positive and engaging culture."
Joanna Tórz
Senior Developer, Team Leader
"Nothing beats friendly but professional atmosphere, interesting daily challenges and the culture of growth as an individual and as a Team!"

Great Place to Work

  • Over 1,600 amazing colleagues in 25 countries

  • Possibility to protect the world

  • Work with best of class experts who care

  • Relaxed, open and fun working environment

  • 32+ nationalities

  • Global with the spirit of a small company

About the company

At F-Secure, we are committed to helping people and businesses be free in the digital world, without having to worry about cyber security. Every day, our Fellows face the daunting challenge of outsmarting those that disrupt the digitalized world. A difficult task, we know, but something we all come together to do for our customers. We make the world a safer place.

Our Fellowship of people have a shared interest in being successful together and being open and honest with each other. At F-Secure, we meet each other as equals, but challenge each other’s ideas – we believe this makes us all better and creates a more secure environment for our customers.

As an F-Secure Fellow, you’ll be joining a tight-knit network of over 1,600 colleagues, spread over 25 offices around the world. To us, Fellowship means that what we do together is more important than what I do. At F-Secure you will be part of our Fellowship. Be who you are – bring your best self.


1988: F-Secure established under the name Data Fellows

1992: First public hysteria about a computer virus

2002: First Antivirus for mobile phones

2009: F-Secure's next step into the cloud

2010: The trouble with cyber espionage

2016: F-Secure aims to become the leading European cyber security company

2003: It begins... MWR InfoSecurity is founded.

2006: MWR publishes its first security advisory, an early step in establishing our research-led culture

2006: Our first presentation at DEFCON, the first of many successful security conference appearances

Danielle Acott | Hiring Manager

F-Secure Cyber Security Ltd

Singapore