Senior Security Specialist

Are you passionate about incident reporting and making a real impact in the world of cybersecurity? Are you ready to be on the front line of security incidents?

Detection and Response business unit is looking for a Security Specialist to join our DFIR team. You will be a part of our dynamic DFIR team, reporting directly to the team lead. As a team, we are tackling every case with expertise, fostering a respectful and supportive atmosphere. Our team has a proven track record of successfully handling a wide variety of cases, from minor incidents to major investigations.

Your main duties will be handling security incidents, conducting forensic investigations and analyses, threat hunting, and performing various security specialist tasks. Additionally, you will manage security incident cases, develop processes and ways of working, and be part of our SOC Tier 3 team in a 24/7/365 on-call rotation, divided between office hours and stand-by shifts. While your main responsibilities will be with DFIR, you shall also join other cyber security related projects allocated to the team.

The position is permanent and full-time. You will be based in Espoo or Turku, Finland. DNV Cyber has very flexible remote working opportunities. Our customers require a high degree of confidentiality from our workforce, so all applicants must pass a security background check. Passing the check requires the applicant to be a Finnish citizen or an extended period of living and working in Finland.

Posting Deadline: 25/07/2025.

We will continuously review applications and progress with strong candidates as they apply, so don’t wait until the deadline to submit yours.

#DNVCyber

We have recently embarked on an exciting journey – formerly known as Nixu, now combined forces with DNV and Applied Risk, with the goal of creating a leading European cyber security services business.

A rare opportunity to join our DFIR team is now open as we've reserved a seat at the table just for you.

At DNV Cyber, we are passionate about cybersecurity and take pride in the way we are impacting the society we live in. We encourage you to excel professionally through knowledge sharing and demanding cases. At DNV Cyber, you'll have 500 colleagues who share an interest in cyber security with you.

At DNV Cyber, you will have the opportunity to work on a variety of cases and customers from various industries. You will be working in an international environment with global opportunities to advance in your career. With us, you will be surrounded by the most talented people in the cyber security field. We encourage you to keep challenging yourself by exploring new areas of expertise.

Join us on an exciting adventure of growth, meaningful work, and shaping the future through cyber security!

DNV is an Equal Opportunity Employer and gives consideration for employment to qualified applicants without regard to gender, religion, race, national or ethnic origin, cultural background, social group, disability, sexual orientation, gender identity, marital status, age or political opinion. Diversity is fundamental to our culture and we invite you to be part of this diversity.

We are a match if you have solid security background and experience in incident response, forensics and working either with or in a security team for several years.

You should be experienced professional in the field of digital forensics and incident response with the capability to lead the technical investigation with confident, communicating efficiently with the Customers and third party stakeholders which are joining in to the investigations. Having experience in leading people is also highly appreciated. You need to be able to analyze logs, perform forensic analysis of disk and memory images and draft technical DFIR investigation reports in fluent English.

We do not expect you to master everything, but at least half of the following topics should be familiar:

• Knowledge of Windows, Linux, and macOS operating systems
• Cloud platforms IR and forensics (AWS, Azure, GCP, M365)
• Log management and analysis tools
• Disk- and memory forensics tools
• Security incident response
• EDR tools (example MS Security Stack)
• Security information and event management
• Modern cyber defense solutions
• File systems
• Network protocols
• Routers, firewalls, IDS/IPS
• Scripting (powershell / python)
• Use of incident management tools
• OSINT and cyber-threat intelligence gathering
• Familiarity with cybersecurity processes

Background from system administration or Security Operation Center/CSIRT work is considered an advantage. Computer forensics expertise, penetration testing experience, academic studies, and security related certifications (like: GCFA, GCFE, GCIA, GCIH, CISSP, GREM, OSCP) are a strong plus. Strong ethics, fluent written and spoken English as well as ability to efficiently work as a part of technical security team. Willingness to travel is highly appreciated but not a must.

You will stand out as ideal candidate if you also possess some of the following skills:

• A customer-centered mindset
• Strong problem solving skills
• Ability to deal with a large amount of information in a limited time
• Skills in malware analysis and reverse engineering
• A 'threat hunter' mindset and skillset