Are you passionate about incident reporting and making a real impact in the world of cybersecurity? Are you ready to be on the front line of all incidents? Do you also want to be a close point of contact to our clients when they truly need us? Then this is a role for you! 

The role in short

The Detection and Response Unit is looking for a DFIR Specialist to work with the core cybersecurity business of preventing and responding to complex security incidents. The DFIR team tackles new phenomena in the field of cybersecurity and advises clients to resolve security incidents. As a DFIR specialist you will be primarily handling security incident cases, participate in DFIR/Tier 3 shift on-call rotation, run a variety of combined physical and digital investigations, handling evidence, log examination and analysing, reporting, and developing incident response processes. You will be working with the DFIR team lead and should also be capable to lead the investigations and develop proactive measures in DFIR ways of working. While your main responsibilities will be with incident response, you will also join other cybersecurity related project-based work such as advanced threat hunting or cyber awareness related rehearsals. 

You have the following experience

We are looking for our next DFIR specialist with a solid background in incident response and forensics. We wish you have an eye for details and feel comfortable taking the lead of technical investigations and communicating with the Clients. 

From the technology perspective you should be very familiar with operating systems, networks and DFIR related tools and processes. It is considered an advantage if you understand the basics of enterprise architecture and how a Security Operations Center or Cyber Incident Response Team works or maybe even have experience of investigating and resolving these alerts. You have a strong ability to write technical reports in English and chain-of-evidence is not an unknown term for you.  

• Several years of incident response and forensics experience
• Proven leadership in technical investigations
• Efficient communication with clients and third parties
• Proficient in technical report writing in English
• In-depth knowledge of operating systems, networks, and DFIR tools
• Familiarity with SOC/CIRT operations
• Structured and orderly analysis and reporting
• Confidence in leading incident response investigations

We wish you have worked with the following list, but if not all, you should be familiar with at least most of the list below:

• Security incident response
• Operating systems (Windows / Linux, Mac OS is plus)
• Digital forensics
• EDR tools (Carbon Black, CrowdStrike, MS Security Stack)
• Security information and event management
• Modern cyber defense solutions
• File systems
• Network protocols
• Routers, firewalls, IDS/IPS
• Developed scripts (powershell / python)

Be one of us

As Nixuans, we are passionate about cybersecurity and encourage you to excel professionally through certifications, knowledge sharing or doing more demanding cases. Our life is not only about work, we also like having fun and sharing hobbies with colleagues. If you are into floorball, golf, music, or anything else, we support Nixuans to have hobbies with coworkers in our Hobby Clubs.

In 2023, Nixu was acquired by DNV, an independent expert in assurance and risk management operating in more than 100 countries. The merger will create one of Europe’s fastest-growing cybersecurity services businesses. This brings more opportunities for our consultants to hone their skills in cybersecurity. 

With us, you will have a proper way to impact our work and decisions. You will join a company that prioritizes employee development and growth. At Nixu, we seek you who like and thrive in an expanding organization. Our work impacts the society that we live in, and you can be a crucial person in that.

 As our DFIR Specialist you will make a difference in the world of cybersecurity. Take the next step in your career and become our new DFIR Specialist!

Apply now!

We are excited to connect with you, so please apply today!

Need more information?

If you have any questions regarding this position, please reach out to DFIR Manager Suvi Holmi at suvi.holmi[at]nixu.com

The position is permanent and full-time. Your HQ will be in Espoo, Finland. Nixu has very flexible remote working opportunities, but work also may require to be on-prem within 24 hours. All applicants must pass a security clearance vetting done by the Finnish Security and Intelligence Service as part of the recruitment process.