Can you analyze and follow cyber crime malware and infrastructure?

Can you analyze and follow cyber crime malware and infrastructure?

At the Nordic Financial CERT we respond to and track cyber crime, their tools, infrastructure and the actors behind it.

If you are either
  • An experienced incident responder, who like to build tools and trackers.
  • or -
  • Experienced in automation and coding, and would like to deploy your skillset in the realm of incident response and actor tracking.
.. then we would like to have you join us. You will join a team of highly skilled responders, and will get interesting and unique challenges - cooperating with many professional IRT teams, law enforcement and Threat Intel providers.

Responsibilities
  • Incident response - cooperate directly with the IRT teams of our members in the Nordics.
  • Develop tools and techniques for identifying and tracking cyber crime infrastructure
  • Write toolset for streamlining and automation of our incident response procedures
  • Analyse malware and techniques used by specific actors, and replicate these.
Required skills
  • Excellent communication skills with incident responders.
  • Understanding in attack types and taxonomy of malicious code.
  • Ability to program in one or more development languages.
  • Comfortable writing API integrations.
  • Preferably higher technical education.
Competencies that will be a plus
  • Knowledge of current threat landscape (threat actors, cyber crime, APT)
  • Knowledge of platforms for orchestrating/automating incident response or threat hunting.
  • Knowledge of security systems (SIEM, IDS, Proxy, SSL inspection, NetFlow, BDS, Endpoint Security, sandboxing, and so on )
Personal characteristics
  • Cooperation and sharing oriented.
  • You have some pet coding projects for fun (home automation / community / honeypots)
  • Proficiency in English and one of the Nordic languages
Nordic Financial CERT characteristics
  • We are a small agile organization, where everyone learns from each other.
  • We cooperate very closely with our members' security teams
  • We are the spearhead of attack and threat research in our sector, and are constantly challenged.
  • We build unique tools, techniques and procedures - and we aim to fail fast and learn a lot
Other
  • Candidates must pass security clearance in Norway on the level of SECRET
  • Some travel expected (mainly in the Nordic region)
  • Can be member of our 24/7 on-call team
We offer
  • Challenging and stimulating work - serving a purpose for the Nordic societies
  • A "startup" work environment with committed colleagues
  • Opportunities to expand your skills
  • Modern offices with good public transport possibilities
  • Flexible working hours
  • Competitive salary and benefits package
* 6 weeks vacation
Mer info
Kontaktperson Morten Tandle
Telefon +4795025035
Område Oslo
Yrkesroll Data & IT, Utvecklare
Typ av anställning Heltid
Hemsida https://www.nfcert.org
Sista ansökningsdag 2 okt 2019 (15 dagar kvar)

Om arbetsgivaren

The Nordic Financial CERT enables Nordic financial institutions to respond to cyber security threats and online crime rapidly and efficiently. This is achieved by:
•Facilitating information sharing between members, partners and governmental institutions
•Publishing threat information and offering threat intelligence services
•Coordinating and assisting in cyber threat and online crime mitigation activities
We are looking for strong colleagues to join our Nordic team.