Managed Security services business unit is looking for a DFIR Specialist. You will be a part of our incident response and forensics team and your main focus will be security incident handling, forensics, threat hunting and related security specialist tasks. Your duties include handling security incident response cases, developing incident response processes and being part of our SOC Tier 3 team including our Tier 3 on-call ring. While your main responsibilities will be with incident response, you shall also join other cybersecurity-related projects.

The position is permanent and full-time. You will be based in Espoo or Turku, Finland. Nixu has very flexible remote working opportunities. Nixu's clients require a high degree of confidentiality from our workforce, so all applicants must pass a security background check. Passing the check requires the applicant to be a Finnish citizen or for an extended period of living and working in Finland.

What do we expect from you?

We expect that you have solid security background and experience in incident response, forensics and working either with or in a security team for several years. You should be an established professional in the field of digital forensics and incident response with the capability to lead the technical investigation, communicating efficiently with the Clients and third parties who are joining the investigations. Background from system administration, penetration testing or SOC specialist work is considered an advantage. You should feel confident in leading incident response investigations and communicating with the Clients and their other stakeholders.

From the technology perspective, you should be very familiar with operating systems, networks and DFIR-related tools and processes. You understand the basics of enterprise architecture and you know how a Security Operations Center works. You have a solid ability to write technical reports in English in an understandable form.

We do not expect you to master everything, but at least half of the following topics should be familiar:

- operating systems (Windows / Linux, Mac OS is plus)
- security incident response
- digital forensics
- EDR tools (Carbon Black, CrowdStrike, MS Security Stack)
- security information and event management
- modern cyber defence solutions
- file systems
- network protocols
- routers, firewalls, IDS/IPS
- scripting (powershell / python)
- project management (in DFIR cases)
- familiarity with cybersecurity processes

Computer forensics expertise, penetration testing experience, academic studies, and security-related certifications (like: GCFA, GCFE, GCIA, GCIH, CISSP, GREM, OSCP) are a strong plus. Strong ethics, fluent written and spoken English as well as the ability to efficiently work as a part of a technical security team and the possibility to occasionally work outside of office hours is a must. Willingness to travel is highly appreciated but not a must.

Why Nixu?

Our values – professionalism, collaboration, humanity and passion for cybersecurity – guide our work every day, everywhere.

We aim to be the best workplace for cybersecurity professionals. Nixu has a modern company culture that empowers our employees. We provide our people with all the means, tools, and support so they can develop their professional skills. By joining Nixu, you will get to be part of the Nixu cybersecurity community, where you will find helpful colleagues with great team spirit.

We embrace diversity and appreciate that Nixuans have – and need to have – a life outside the workplace. And we want our people to have fun at work!

Apply now!

We are waiting for your application! Please create your profile in our recruitment system and tell us why you would be a good match with us.

Questions?

If you have further questions, please contact Dan Torckell at dan.torckell[at]nixu.com

If everything is clear, go ahead and apply immediately!

We will start interviewing as soon as possible and are striving for a quick hiring decision.

Since we are working with security for security-conscious companies and
organizations, we will do security background checks as part of the
recruitment process.