Digital Forensics & Incident Response Specialist

Join us – we keep the digital society running!

Espoo, Finland

About the role

Managed Security services business unit is looking for a DFIR Specialist

You will be a part of our incident response and forensics team and your main focus will be security incident handling, forensics, threat hunting and related security specialist tasks. Your duties include handling security incident response cases, participating in Threat Hunting assignments, developing incident response processes and to being part of our SOC Tier 3 team including our Tier 3 on-call ring.

The position is permanent and full-time. You will be based in Espoo but there is also a remote working space in Turku, Finland. Nixu has very flexible remote working opportunities, and currently all work is done remotely due to the COVID-19 situation.

What do we expect from you?

We expect that you have solid security background and experience in incident response, forensics and working either with or in a security team for at least a year. Background from system administration, penetration testing or SOC specialist work is considered an advantage.

From the technology perspective you should be very familiar with operating systems, networks and DFIR related tools and processes. You understand the basics of enterprise architecture and you know how a Security Operations Center works. You have a strong ability to write technical reports in English in an understandable form.

We do not expect you to master everything, but at least half of the following topics should be familiar:

- operating systems (Windows / Linux, Mac OS is plus)
- security incident response
- digital forensics
- EDR tools (Carbon Black, CrowdStrike, MS Security Stack)
- security information and event management
- modern cyber defense solutions
- file systems
- network protocols
- routers, firewalls, IDS/IPS
- scripting (powershell / python)
- project management (in DFIR cases)
- familiarity with cybersecurity processes

Computer forensics expertise, penetration testing experience, academic studies, and security related certifications (like: GCFA, GCFE, GCIA, GCIH, CISSP, GREM, OSCP) are a strong plus. Strong ethics, fluent written and spoken English as well as ability to efficiently work as a part of technical security team and possibility to occasionally work outside of office hours is a must. Willingness to travel is highly appreciated but not a must.

Why Nixu?

Our values – professionalism, collaboration, humanity and passion for cybersecurity – guide our work every day, everywhere.

We aim to be the best workplace for cybersecurity professionals. Nixu has a modern company culture that empowers our employees. We provide our people all the means, tools, and support so they can develop their professional skills. By joining Nixu you will get to be part of Nixu cybersecurity community where you will find helpful colleagues with a great team spirit.

We embrace diversity and appreciate that Nixuans have – and need to have – a life outside the workplace. And we want our people to have fun at work!

Apply now!

We are waiting for your application! Please create your profile in our recruitment system and tell us why you would be a good match with us.


If you have further questions, please contact Antti Kurittu at