DFIR Specialist

Abu Dhabi, United Arab Emirates | Posted on 06/15/2023

If you are a self-motivated individual passionate about cybersecurity, weencourage you to apply for this exciting opportunity to join our dynamic teamat CyberGate Defense.

Job Title: DFIR Specialist – L2

We are Hiring a DFIRSpecialist (Digital Forensics and Incident Response)

Job Location: AbuDhabi Location/Dubai

Job Role: Permanent

Responsibilities:

• Ability to forensically analyze systems for evidence of compromise.
  
• Investigate security incidents, conduct a detailed analysis ofsecurity events, and determine the root cause of security breaches.
  
• Conduct forensics analysis on endpoints and networks and,investigate security incidents which involve digital forensic analysis,malware analysis, and log analysis.
  
• Identify security incidents through 'Hunting' operations within aSIEM and other relevant tools.
  
• Coordinate and lead incident response efforts, includingcontainment, eradication, and recovery activities.
  
• Develop and maintain incident response plans, playbooks, andstandard operating procedures.
  
• Proactively hunt for potential security threats and vulnerabilitieswithin the organization's networks, systems, and applications.
  
• Utilize various threat intelligence sources, security logs, andother tools to identify anomalous activities and potential securityincidents.
  
• Collaborate with cross-functional teams, including IT, networkoperations, legal, and external partners, to ensure a comprehensiveresponse to security incidents.
  
• Stay up to date with the latest security threats, vulnerabilities,and attack techniques, and provide recommendations for security improvementsand countermeasures.
  
• Conduct post-incident analysis and create detailed reportsdocumenting the incident response process and lessons learned.
  
• Participate in security incident simulations and tabletop exercisesto test the effectiveness of incident response plans.
  
• Assist in implementing and maintaining security monitoring toolsand technologies.
  

Qualifications:

• Bachelor's degree in computer science, cybersecurity, or a relatedfield (or equivalent work experience).
  
• Extensive experience in threat hunting, incident response, andcybersecurity operations.
  
• In-depth knowledge of security frameworks, such as MITREATT&CK, and industry-standard incident response methodologies.
  
• Strong understanding of network protocols, system logs, andsecurity event management.
  
• Proficient in using various security tools, such as SIEM, IDS/IPS,EDR, and forensic analysis tools.
  
• Familiarity with cloud platforms, network security, and emergingtechnologies.
  
• Excellent analytical and problem-solving skills with the ability toanalyze large datasets and identify patterns or indicators of compromise.
  
• Strong communication skills with the ability to effectivelycollaborate with cross-functional teams and communicate complex securityissues to technical and non-technical stakeholders.
  
• Relevant certifications such as GCIH, GCFA will be an advantage.
  
• Experience with scripting or programming languages (e.g., Python,PowerShell) for automation and data analysis is a plus.
  
• Ability to work in a fast-paced environment, prioritize tasks, andhandle multiple incidents simultaneously.
  
• Strong commitment to continuous learning and staying updated withthe latest trends and best practices in threat hunting and incidentresponse.
  #J-18808-Ljbffr