Incident Response Consultant

I'm interested

F-Secure delivers research-led cyber security to defend organizations, society and people from real-world attacks and build resilience into their approach. Our people are a mix of technical and creative experts - diverse, talented, and passionate people - working tirelessly to help us advance the industry with new ways of thinking. They lead their own development, in and out of the office. They call the shots when it comes to building a place to call home in our organization.

We are looking for an Incident Response Consultant to join our growing team. This is a great opportunity for someone who has studied computer science, IT security, or Computer Forensics and are interested getting into the fascinating field of pulling apart real-world attacks in a company that is highly innovative, rapidly growing and with lots of opportunities to learn and grow.

**Key Responsibilities**

The primary responsibility of this role is to work with F-Secure’s clients to deliver Investigations and Incident Response services. These services are aimed at responding to and containing security incidents for our clients, with a particular focus on advanced targeted attacks. This can also cover a wide range of areas including forensic investigations, proactive compromise assessments and guiding our clients through the implementation of response procedures.

This role requires the ability to clearly communicate to a range of audiences from technical practitioners through to executive boards and identify technical issues describing them in the language of the business you are engaged with.

**Job Duties**
- Performing consultancy for F-Secure clients and producing high quality reports to present findings and guidance
- Maintaining target utilization on client chargeable projects whilst working as an Incident Response Consultant
- Producing output to highlight the technical competence of the company to a standard that can be published
- Supporting your practice area in successful delivery and growth

**What are we looking for?**
- Solid understanding of client-server infrastructures, security architectures and related logging and alerting
- Knowledge of TCP/IP networking with the ability to perform network forensic analysis
- Solid understanding of file-system analysis including FAT, NTFS, HFS+ and/or EXT2/3/4 and ability to find and extract common disk-based indicators of compromise
- Knowledge of Windows, Linux and/or OS X internals
- Knowledge of the phases of Incident Response as defined by NIST
- Familiarity with common attack techniques
- Knowledge of and experience in memory analysis
- Ability to report key findings in a clear and concise manner both at technical and senior management level

**Bonus points**
- Knowledge of and experience in Malware Analysis to a minimum level of behavioral analysis
- Experience with a scripting language such as Python, Ruby, Powershell or Bash is desirable
- Knowledge of common cloud technologies
- Vendor independent qualification in Incident Response and Forensics such as GIAC, IISFA,IACIS, ISFCE, ECCouncil or CREST certifications (e.g. CFCE, CCE, CIFI, CHFI, ECIH, GCIH, GCIA, GCFA, GCFE, GREM, GCED, Intrusion Analyst, Network or Host Intrusion Analyst or Malware Reverse Engineer)
- Vendor specific qualification such as AccessData Certified Examiner (ACE), Encase Certified Examiner (EnCE) certification or X-Ways Professional in Evidence Recovery Techniques (X-PERT)
- Experience with investigating targeted attacks across large enterprise networks
- Incident Management experience

**Our four promises to you**:

- Freedom - you will have the opportunity to define new ways of working how we engage with our customers, and how product value gets represented
- You will work together with experienced and enthusiastic colleagues, and within F-Secure you will find some of the best minds in the cyber security industry
- Your work will be clearly visible and recognised - all over the world and across our business units
- You can rely on the support from the entire F-Secure leadership including our top executives