Threat Hunter

WithSecure protects businesses all over the world from modern threats. We do this through a Co-security approach born from first-hand knowledge that no one can solve every cyber security problem alone. Every single day, our diverse, growing team fights against online extortion, threats to national infrastructure, the unlawful spread of sensitive information, and everything in-between. The best part about working for WithSecure is our people We are a community of dedicated and passionate professionals that take workplace happiness seriously. If you’re looking for something that’s more than just a job - we’d love to hear from you.

WithSecure protects businesses all over the world from modern threats. We do this through a Co-security approach born from first-hand knowledge that no one can solve every cyber security problem alone. Every single day, our diverse, growing team fights against online extortion, threats to national infrastructure, the unlawful spread of sensitive information, and everything in-between. The best part about working for WithSecure is our people We are a community of dedicated and passionate professionals that take workplace happiness seriously. If you’re looking for something that’s more than just a job - we’d love to hear from you.

WithSecure is world renowned for its End Point Protection solutions - providing preventative and proactive protection to tens of millions of computer and smart devices globally. Over the past few years, the company has successfully entered new markets and has increased its portfolio of solutions to include Cyber Consulting and Managed Detection and Response Solutions.

Our Managed Detection and Response (MDR) business provides a world leading managed service, WithSecure Countercept, that detects and responds to cyber-attacks on behalf of our clients using a strong combination of people, process and technology. Much of the technology is designed and built in house by the WithSecure engineering team specifically to support the managed service or as leveraged products that WithSecure also provides to the wider market.

MDR team comprises several sub teams: the Detection & Response Team (DRT) who uncover adversaries on our client’s networks and contain attacks using their Incident Response skill, the Research Team who uncover new and emerging offensive and defensive techniques, and the Technical Operations team who maintain and develop the attack detection infrastructure to ensure it remains at the bleeding edge.

Currently we are looking for a **Junior Threat Hunter** to join our growing DRT. The DRT actively monitor the networks of our customers, develop the cutting-edge solutions on which the service is built and use their unique Threat Hunting mindset to continuously improve WithSecure Countercept’s attack detection capability.

**Who we think will be a great fit**

If any of these points pique your interest, you will seamlessly integrate into the team and succeed:

- Terms like **threat hunting**, **malware analysis**, **process injection**, **covert C2**, **EDR** and **APT** excite you
- You love nothing more than reading about attacker techniques and are keen to thwart and respond to the ever-evolving threats they present to our clients
- You are both using and developing **cutting edge** tools to aid detection and response and are keen to keep up with the latest industry developments
- You will have **real-world experience** responding to attacks of all levels, from script kiddies to nation states, and relish sharing this experience and knowledge with the rest of the team and the industry at large
- You keep up with the latest industry developments, are an avid reader of things like **/r/**netsec to get your security knowledge fix.

As a successful **Threat Hunter** you will have the chance to:

- Proactively investigate host, network and log-based security events
- Manage incidents from detection to resolution
- Research new attack techniques to uncover innovative detection capabilities
- Liaise with clients and report potential findings from both a technical and business perspective
- Assist in development of the Countercept service
- Develop strong knowledge of core IP networking and common protocols, as well as understanding of Windows and Linux internals
- Gain hands-on experience of automated and manual malware analysis (static and dynamic) and of network, memory and host forensics
- Investigate & respond to comprises by advanced attackers
- Grow a mixed skillset covering both offensive and defensive security, including development and scripting skills
- Learn about modern offensive techniques and APT TTP's
- Work with common network traffic analysis platforms and/or SIEM solutions

**Our four promises to you**
- Freedom - you will have the opportunity to define new ways of working how we engage with our customers, and how product value gets represented
- You will work together with experienced and enthusiastic colleagues, and w