
Threat Hunter

  • Singapore

F-Secure Countercept is currently looking for someone with the right skills and interests to join our Threat Hunting team – areas of particular interest include threat hunting, digital forensics, attack detection and cyber defence. The successful candidate will work within the MDR Business Unit of F-Secure, with a group of established threat hunters, focused on carrying out and supporting investigations of day-to-day incidents detected by the F-Secure Countercept Managed Detection and Response service for our customers and performing research to continuously improve its capability. If any of the following resonates with you, this could be the role for you:

What we need…

  • Terms like “threat hunting”, “malware analysis”, “process injection”, “covert C2”, “EDR” and “APT” are your bread-and-butter.
  • You love nothing more than spotting the latest attacker techniques in the wild and using your experience to thwart and respond to the ever evolving threats they present to our clients.
  • You are both using and developing cutting edge tools to aid detection and response and are keen to keep up with the latest industry developments.
  • You will have real-world experience responding to attacks of all levels, from script kiddies to nation states, and relish sharing this experience and knowledge with the rest of the team and the industry at large.
  • You keep up with the latest industry developments, are an avid reader of things like /r/netsec and follow swathes of awesome researchers on Twitter to get your security knowledge fix.

The Countercept platform is a dynamic and rapidly evolving product, which is heavily research led. The ideal candidate would be able to contribute to enhancing the capability of the service, whether through direct development, research activities or media opportunities.

The ideal candidate should also have solid experience in both offensive and defensive security areas, either penetration testing, incident response or ideally a mixture of both.

The role will also involve client facing functions, including investigative reporting, breach assistance and general client technical account management.

The candidate should be highly motivated, eager to learn and not afraid to get stuck in; being able to work autonomously as well as part of a team is essential. The ability to effectively triage and prioritise rapidly evolving incidents, utilising a team of threat hunters and IR practitioners to support, is crucial.

The Countercept service monitors target networks 24/7, 365; however, work is distributed between F-Secure's UK, Poland and Singapore offices. As such, hunters are expected to work on a rotational basis, including weekends, but would not work night shifts.

Being research-led is a key part of how our service and capability develops. As such, you will be given at least 25% of your time dedicated towards research. This time can be spent on a wide range of activities that progress our capability, and outputs such as blogs, white papers and conference talks are encouraged!

Main responsibilities include:

  • Proactively investigate host, network and log based security events
  • Manage events and triage from detection to resolution
  • Static/Dynamic Malware Analysis
  • Advanced Host, Network, and Memory Forensics
  • Support/mentoring of junior threat hunters
  • Liaise with clients and report potential findings from both a technical and business perspective
  • Perform research to develop the Countercept service

Who we think will be a great fit…

  • Strong knowledge of core IP networking and common protocols
  • Strong understanding of Windows and Linux internals
  • Hands on experience of network, memory and host forensics
  • Hands on experience of automated and manual malware analysis (static and dynamic)
  • Hands on experience investigating & responding to compromises by advanced attackers
  • Mixed skillset covering both offensive and defensive security
  • Proven coding experience with C++, C#, Ruby and similar
  • Proven scripting experience with Python/PowerShell/Bash/WMI and similar
  • Experience with modern offensive techniques and APT TTPs
  • Experience with common network traffic analysis platforms and/or SIEM solutions

Who we are…

F-Secure Countercept is a managed detection and response (MDR) service designed to counter Advanced Persistent Threats (APT) from state sponsored and sophisticated criminal groups; it detects and responds to compromise and attempted compromise across our clients’ IT estates.

Our philosophy is focused on changing the mindset of the industry, moving away from SOCs filled with alert-fatigued analysts waiting for their SIEM to flag yet another false-positive and moving towards offensively trained, proactive threat hunters, who understand the attacker mindset and can root out even the most sophisticated adversaries across both the network and the endpoint.

Work with great people

Karolina Malagocka
Senior Marketing Manager
"At F-Secure we see the value of each and every person"
Zuzanna Kunik
Data Scientist
"As a data scientist, I love working closely with data. As an extrovert, I love working with people. In my current role I’m doing both."
Jonas Lundberg
Global Cyber Security Solution Sales
"I feel confident in selling our services that protect our customers. It's extremely stimulating and gives me a sense of purpose"
Robert Petesic
Senior Security Specialist
"Positive atmosphere in the office and knowledgeable colleagues are pushing me to always give my best and learn more."
Ruediger Trost
Pre-Sales Manager
"After more than 11 years, I still go to the office with a smile, even if it is a Monday morning =)"
Sean Nel
Senior Software Engineer
"If you like working on cool, new stuff with lekker people"

Great Place to Work

  • Over 1,700 amazing colleagues in nearly 30 offices

  • Possibility to protect the world

  • Work with best of class experts who care

  • Relaxed, open and fun working environment

  • 68+ nationalities

  • Global with the spirit of a small company

About the company

At F-Secure, we are committed to helping people and businesses be free in the digital world, without having to worry about cyber security. Every day, our Fellows face the daunting challenge of outsmarting those that disrupt the digitalized world. A difficult task, we know, but something we all come together to do for our customers. We make the world a safer place.

Our Fellowship of people have a shared interest in being successful together and being open and honest with each other. At F-Secure, we meet each other as equals, but challenge each other’s ideas – we believe this makes us all better and creates a more secure environment for our customers.

As an F-Secure Fellow, you’ll be joining a tight-knit network of over 1,600 colleagues, spread over 25 offices around the world. To us, Fellowship means that what we do together is more important than what I do. At F-Secure you will be part of our Fellowship. Be who you are – bring your best self.

1988: F-Secure established under the name Data Fellows

1992: First public hysteria about a computer virus

2002: First Antivirus for mobile phones

2004: F-Secure Labs launches first antivirus industry blog

2009: F-Secure’s next step into the cloud

2015: F-Secure aims to become the leading European cyber security company

2018: MWR InfoSecurity joins F-Secure

Danielle Acott | Hiring Manager

F-Secure Cyber Security Ltd
