DFIR Analyst
2 hours ago
POSITION DETAILS
• Reporting to: CDC Operations Lead / SOC Manager
• Work pattern: business hours, on-call duties
• Location: Abu Dhabi or Dubai, UAE
ABOUT MALCROVE:
Malcrove is a cybersecurity company dedicated to providing clients with the highest level of protection through its advanced capabilities to detect, proactively hunt and respond to cyberattacks. Our specific offerings include advanced threat protection, security monitoring, threat intelligence, managed detection & response (MDR), vulnerability management, and penetration testing.
ROLE
The Incident Response and Digital Forensics Specialist supports government organizations, handling high-priority cybersecurity incidents such as data breaches, ransomware, and insider threats.
Responsibilities include incident detection, triage, containment, remediation coordination, and digital forensics investigations, ensuring evidence preservation, root cause analysis, and compliance with UAE regulations and international standards.
The role also involves proactive cybersecurity measures, including training, tabletop exercises, and process improvement. The specialist prepares detailed and executive-level reports, collaborates with legal and regulatory teams, and ensures coordinated, effective incident response across multiple organizations in high-pressure scenarios.
TIER 2 SECURITY ANALYST RESPONSIBILITIES
Incident Response Support
• Incident Response Planning: Collaborate with DGE to assess, develop, and optimize centralized incident response procedures and templates for 50+ government organizations, ensuring consistency and alignment with best practices.
• Incident Detection and Triage: Provide expertise to detect and triage incidents reported across all 50+ organizations. Assist DGE in developing a unified incident classification and escalation protocol.
• 24/7 Incident Response Support: Provide 24×7×365 support to DGE (as requested) for managing high-priority incidents (e.g., data breaches, ransomware, insider threats), coordinating resources as needed across government organizations.
• Incident Containment and Mitigation: Assist with containing and mitigating incidents through centralized guidance, including isolating affected systems and networks, executing recovery actions, and minimizing damage propagation across organizations.
Digital Forensics and Evidence Collection
• Digital Evidence Preservation: Ensure digital evidence is collected and preserved properly on behalf of all affected government organizations, adhering to legal and regulatory standards for evidence handling.
• Forensic Imaging and Analysis: Work with DGE to create forensic images of compromised systems, ensuring investigations proceed without compromising evidence.
• Incident Investigation: Conduct detailed forensic investigations to determine the origin, impact, and scope of incidents affecting multiple organizations. Activities include analysis of logs, system configurations, network traffic, and other digital artifacts.
• Root Cause Analysis: Identify root causes of incidents and provide actionable recommendations to prevent recurrence across government organizations.
Post-Incident Activities
• Damage Assessment and Reporting: Provide centralized reports detailing the scope of damage, including compromised systems, data, and business functions. These reports will support recovery efforts and mitigation strategy development.
• Incident Recovery and Remediation: Support centralized recovery efforts by coordinating remediation actions across affected organizations, including system restoration, patching, and vulnerability remediation.
• Lessons Learned and Process Improvement: Conduct centralized post-incident reviews, document lessons learned, and recommend improvements to enhance preparedness and reduce future risks.
Proactive Cybersecurity and Preparedness
• Cybersecurity Awareness and Training: Develop and deliver training materials and programs on incident response best practices, reporting, and response procedures. Training will be coordinated through DGE and tailored to each organization's needs.
• Tabletop Exercises: Organize and facilitate centralized tabletop exercises simulating cyberattack scenarios, ensuring stakeholder engagement and real-world readiness across all government organizations.
Reporting and Documentation
• Incident Response and Forensic Reports: Prepare centralized, detailed reports for each incident, documenting findings, remediation actions, and risk mitigation strategies. Reports will be provided to DGE, which will manage communication with ADGEs.
• Forensic Analysis Documentation: Provide documentation detailing forensic investigation steps, including evidence collection methods, tools used, and conclusions, ensuring compliance with legal requirements.
• Executive-Level Reports: Generate high-level executive reports summarizing incident impacts, response efforts, and key takeaways for DGE senior leadership to support strategic decision-making.
Compliance and Legal Support
• Regulatory Compliance: Ensure digital forensics and incident response activities meet applicable regulatory requirements, including NIST, ISO, and UAE-specific or sector-specific mandates relevant to Abu Dhabi Government organizations.
• Legal and Law Enforcement Liaison: Assist with coordination among law enforcement, legal teams, and government entities as required, ensuring investigations comply with legal standards for evidence handling and reporting.
QUALIFICATIONS AND SKILLS
• Bachelor's degree in Computer Science, Cybersecurity, Information Technology, or equivalent experience.
• Required Certifications (or Equivalent):
o Incident Response & Cybersecurity: CISSP, CISM, GIAC Certified Incident Handler (GCIH), GIAC Certified Enterprise Defender (GCED), CompTIA CySA+ or Security+
o Digital Forensics: GIAC Certified Forensic Analyst (GCFA), GIAC Certified Forensic Examiner (GCFE), EnCase Certified Examiner (EnCE), Certified Computer Examiner (CCE)
• Minimum 10+ years of experience in cybersecurity, incident response, and/or digital forensics.
• Experience leading large-scale, multi-organization cyber incident responses.
• Strong background in government or public-sector cybersecurity operations.
• Minimum 5+ years of experience in incident detection, triage, containment, and remediation.
• Hands-on experience responding to: Data breaches, Ransomware and malware incidents, Insider threats, Advanced persistent threats (APT)
• Experience working in SOC, CSIRT, or CERT environments.
• Proven expertise in: Disk and memory forensics, Network forensics, Log analysis and timeline reconstruction, Evidence preservation and chain of custody
• Experience supporting legal proceedings and law enforcement investigations.
Note:
Please send your
to
with the subject line:
DFIR Application