Senior Technical Cyber Security Consultant

3 months ago


København, Denmark F-secure Full time

Job Description
WithSecure delivers research-led cyber security to defend organizations, society and people from real-world attacks and build resilience into their approach. Our people are a mix of technical and creative experts – diverse, talented, and passionate people – working tirelessly to help us advance the industry with new ways of thinking. They lead their own development, in and out of the office. They call the shots when it comes to building a place to call home in our organization.

Our mission is to assist our clients in being more resilient tomorrow than what they are today. In order to achieve that mission, we need people that love breaking (into) stuff or investigate what happened during a cyber incident. In our Consulting unit you will be doing that and not only, as a Senior Technical Cyber Security Consultant. You will use your knowledge and experience in partnering with our clients to continuously enhance their cyber resilience.

We are currently looking for experienced people to join our offensive team in Copenhagen, as technical Senior Cyber Security Consultants.

Key Responsibilities

  • Your primary responsibility will be to conduct professional security assessments for our clients across all our verticals (finance, gambling, critical infrastructure, world-leading brands), as well as consulting and advisory services, resulting in world-class assessment reports and presentations.
  • The bulk of your work will consist of a mix of security assessments, web applications, mobile applications, infrastructure, and server deployments. Based on interest and skillset, code review, cloud assessments (across multiple providers), SOC assessments, purple team exercises, red team engagements and hardware hacking is also on the table.
  • Support and mentor junior colleagues, lead projects, and generally contribute to the success of the team as a whole.

What We Are Looking For

  • An experienced and creative security professional who is not limited to following checklists or pre-defined test cases. Our clients' solutions and requirements are continuously evolving, and your approach to testing needs to do the same.
  • Hands-on experience with discovering and exploiting vulnerabilities.
  • Experience beyond security products, IT procurement, and installing or deploying security software or appliances. We BREAK processes, products, and software. We are technology agnostic, and we work with what makes sense for the given task.
  • Capability of going beyond the OWASP Top 10 and scanning for low-hanging fruits. Ability to identify exotic, obscure, and sometimes down-right bizarre configurations and deviations from best practices.

Here is What We Do

  • Security assessments, pentesting, hacking, cracking, reverse engineering, etc. The point is that we attempt to break the security models, products, applications, code and features employed by our clients to help improve the overall security posture of their business, before the threat actor does.
  • Automated and manual vulnerability discovery, enumeration, identification, and exploitation. We expect you to have experience with all of these, and know when to do one and not the other.
  • Web application, mobile application, web services and API security assessments. We do these based both on automated and manual source code review, runtime testing and high-level architecture reviews, utilizing our many years of experience with offensive tooling and understanding of application vulnerabilities.
  • Business impact analysis, contextualizing vulnerabilities and articulating risk. Because a cool hack, technical writeup, or concise CVSS score, means very little to actual businesses, unless you can explain exactly how a vulnerability or weakness could end up hurting the client.
  • Executive writing, high-level summaries of complex technical content for non-technical senior managers, as well as detailed technical writeups, steps to reproduce, and actionable recommendations aimed at developers, system administrators and solution owners.

Requirements

  • A clean criminal record. You must be able to obtain a security clearance, and stand up to a standard background check.
  • A core understanding of computing and information systems, network technology, trusted computing principles, secure development practices and modern applications across multiple platforms.
  • Excellent English skills, both orally and in writing (any other languages are simply a bonus).
  • Consulting experience within the cyber security field.
  • Self-motivated, a problem-solver and have a life-long learning mindset that drives you to continuously learn and apply that knowledge in your partnership with clients.
  • Structured in your approach and have the ability to support your peers in a structured and reproducible manner, to help uplift the efforts of everyone around you.
  • Great communication skills and the ability to present technical jargon in an understandable way.
  • Not fazed by stressful situations, and able to keep your head cool when our clients might be stressed and lose their cool.

Bonus Points

  • Information security certifications such as OSCP, OSCE, GPEN, GWAP, CEH, CRTP, CISSP or similar. Technical certifications relating to security testing are not a requirement, but for sure a bonus. If you don't have any, don't worry, we value experience and skillset way above pieces of paper.
  • A degree in Computer Science or equivalent experience or training.
  • You run your own lab environment, experiment with existing tools, develop your own tool, contribute to FOSS projects, participate in industry and community events such as conferences, hackerspaces or CTFs.

What Will You Get From Us

  • Expected salary in the range of 40k-60k DKK, depending on qualifications and experience.

Benefits Include

  • Extensive health insurance.
  • Company supported sport activities and other wellbeing support.
  • Paid phone and home Internet.
  • Paid parental leave.
  • A great lunch arrangement, that serves tasty and varied food catering to most diets.
  • A bright and spacious office, with excellent chairs, monitors, and peripherals.
  • An opportunity to work with some of the best technical security people in Europe with a wide variety of passions and skills.
  • A chance to do what you are passionate about and get paid for it.
  • An opportunity to work with some of the most demanding and interesting clients in the world.

About the Company
Purpose – Why We Exist
We are here to build and sustain trust in a digital society — trust that is threatened by uncertainty, fear and worry caused by cyber attacks and crime.

Vision – Where We Are Heading
No one should experience a serious loss because of a cyber attack. We envision a future where no one should experience a serious loss or be put out of business because of cyber attack or crime. At least no one who puts their trust in us.

Mission – What We Do
Accelerate transition to outcome-based security. Our mission is to research, innovate and build technologies, human expertise and delivery-business models that will accelerate our customers’ and partners’ transition to outcome-based security.

Diversity & Inclusion:
WithSecure is an equal opportunity employer and believes that employing a diverse workforce is central to our success. We are committed to ensuring all qualified applicants will receive consideration for employment without regard to nationality, colour, race, ethnic or national origin, sex, gender (including gender reassignment), sexual orientation, religion or belief, age, marital status or physical or mental disability.

We will do everything we can to support you during your application. If you need us to make any adjustments to our recruitment process, speak to our recruitment team who will be happy to support you

#J-18808-Ljbffr

  • København, Denmark IT Relation AS Full time

    Strategic Cyber Security Advisor - Copenhagen, Aarhus or Kolding Are you passionate about guiding organizations in improving their strategic security posture? Do you excel in advising on high-level cyber security policies, risk management, and ensuring comprehensive defense strategies? And would you like to join a team of truly dedicated professionals who...


  • København, Denmark WithSecure Co Full time

    WithSecure protects businesses all over the world from modern threats. We do this through a Co-security approach born from first-hand knowledge that no one can solve every cyber security problem alone. Every single day, our diverse, growing team fights against online extortion, threats to national infrastructure, the unlawful spread of sensitive information,...


  • København, Denmark The HubDanske Bank Full time

    Veo is a global leader in AI-based sports camera technology. Our innovative, fully automatic camera solution enables sports teams to record matches and training sessions without a camera operator. We’re democratizing the world of sports by granting video analysis for teams on all levels—a privilege that used to be only for the few. More than 40,000...


  • København, Denmark Veo Technologies Full time

    Copenhagen Operations – Business IT / Full Time / On-site Veo is a global leader in AI-based sports camera technology. Our innovative, fully automatic camera solution enables sports teams to record matches and training sessions without a camera operator. We’re democratizing the world of sports by granting video analysis for teams on all levels—a...


  • København, Denmark Veo group Full time

    Company Overview: Veo is a global leader in AI-based sports camera technology. Our innovative, fully automatic camera solution enables sports teams to record matches and training sessions without a camera operator. We’re democratizing the world of sports by granting video analysis for teams on all levels—a privilege that used to be only for the few....


  • København, Denmark Truesec GmbH Full time

    Do you want to be at the forefront of protecting our society against cyber threats? We are looking for an Associate Identity Security Consultant to team up with the most dedicated team of cyber specialists in our Identity & Access Management domain. About Truesec – A Leading Cybersecurity Company Since 2005, Truesec has been a native cybersecurity...


  • København, Denmark Amazon Full time

    Senior Security Consultant, Professional Services Israel Do you want to lead the development of planetary scale security solutions in the cloud? Are you excited to help customers automate security operations giving them unprecedented capability and agility? Do you enjoy driving fast-paced complex projects focused on game changing business outcomes for...


  • København, Denmark LEGO Full time

    Lead Cyber Security Specialist Job Description We are looking for a skilled and adaptable Incident Response Specialist to lead our SOC and CSIRT teams as technical lead. With expertise in Incident Response, Digital Forensics, and eDiscovery, you will have experience leading teams within a Security Operations environment. In this key role, you will guide...

  • Senior IT Consultant

    3 months ago


    København, Denmark BCG - Boston Consulting Group Full time

    Placering Copenhagen For our Copenhagen office, we are looking for Senior IT Consultants to collaborate with colleagues from BCG Platinion and/or The Boston Consulting Group on national and international client projects! You will be independently structuring project modules and supporting junior project members. Together with our clients, you will develop...

  • Senior IT Consultant

    3 months ago


    København, Denmark BCG Platinion Full time

    Posted 10-Nov-2023 For our Copenhagen office, we are looking for Senior IT Consultants to collaborate with colleagues from BCG Platinion and/or The Boston Consulting Group on national and international client projects, independently structuring project modules and supporting younger project members. Together with our clients, you will develop superior IT...

  • Security Adviser

    1 month ago


    København, Denmark European Interagency Security Forum Full time

    We’re looking for a dynamic, experienced Security Adviser to contribute to the effective safety and security risk management of Danish Red Cross operations overseas. The Red Cross is the world’s largest humanitarian organization and we are looking for a Security Adviser for Danish Red Cross, to support the Senior Security Adviser to roll out the DRC...

  • Security Lead

    3 months ago


    København, Denmark Globalconnect Full time

    IT Security Lead – Help Secure the Future with GlobalConnect Do you want to shape the future of IT security for a fast-growing, innovative company? Are you ready to make a tangible difference in how we protect our digital environment? If so, GlobalConnect invites you to join us as an IT Security Lead! About the Role: With continued growth plans and high...

  • Senior IT Auditor

    3 months ago


    København, Denmark Danske Bank Full time

    If you are enthusiastic about IT, Cyber Security, Application Security, operational risk management, and compliance, consider joining our Group Internal Audit (GIA) team at Danske Bank, where challenges and learning opportunities abound. Join Our Dedicated Team in IT Infrastructure, IT Governance, and Cybersecurity Our Group Internal Audit team offers...


  • København, Denmark IT Relation AS Full time

    Are you passionate about conducting red teaming, adversary simulation and penetration testing? Do you excel in generating client assessments, feedback and reports? And would you like to join a team of truly dedicated professionals who value a healthy, developing, and collaborative work environment? Then come join us! What we offer A strong and unique...


  • København, Denmark Schibsted Danmark Full time

    Job Description Location: Stockholm or Oslo or Copenhagen Department: Security & IT Governance Reports to: Head of Security & IT Governance About Us: Join our Security & IT Governance team at Lendo Group, which focuses on protecting our digital assets and ensuring compliance with industry standards. We are committed to maintaining a secure environment...

  • Account Director

    3 months ago


    København, Denmark WithSecure Co Full time

    WithSecure protects businesses all over the world from modern threats. We do this through a Co-security approach born from first-hand knowledge that no one can solve every cyber security problem alone. Every single day, our diverse, growing team fights against online extortion, threats to national infrastructure, the unlawful spread of sensitive information,...


  • København, Denmark Templafy Full time

    Copenhagen About us: Templafy is the next gen document generation platform that automates all document creation across organizations. Our platform eliminates manual document work allowing companies to drive governance, efficiency and ultimately business results. Templafy supports millions of users and enables over 800 enterprise customers such as KPMG,...


  • København, Denmark The HubDanske Bank Full time

    Ready to make a mark in cybersecurity? Are you eager to be a part of a fast-growing startup where you can lead and expand cutting-edge consultancy services? Do you have a passion for cybersecurity and the technical skills to back it up? This is your chance to shine! About Seculyze Seculyze is a dynamic SaaS company at the forefront of cybersecurity...

  • Account Director

    3 months ago


    København, Denmark F-secure Full time

    Copenhagen Hybrid Job Description WithSecure protects businesses all over the world from modern threats. We do this through a Co-security approach born from first-hand knowledge that no one can solve every cyber security problem alone. Every single day, our diverse, growing team fights against online extortion, threats to national infrastructure, the...

  • Pre-Sales Engineer

    3 months ago


    København, Denmark Heimdal Security Full time

    We are Heimdal and cybersecurity is our passion. Join us in an internationally expanding business, leading the fight against cybercrime! We have been praised by the FBI and are winners of multiple awards, most recently the "Cloud Based Solution of the Year" at the 2023 Network Computing Awards and "Risk Management Award" at the Security Excellence Awards and...