DFIR Specialist

Abu Dhabi, United Arab Emirates
| Posted on 06/15/2023
If you are a self-motivated individual passionate about cybersecurity, weencourage you to apply for this exciting opportunity to join our dynamic teamat CyberGate Defense.
Job Title: DFIR Specialist – L2
We are Hiring a DFIRSpecialist (Digital Forensics and Incident Response)
Job Location: AbuDhabi Location/Dubai
Job Role: Permanent
Responsibilities:
Ability to forensically analyze systems for evidence of compromise.
Investigate security incidents, conduct a detailed analysis ofsecurity events, and determine the root cause of security breaches.
Conduct forensics analysis on endpoints and networks and,investigate security incidents which involve digital forensic analysis,malware analysis, and log analysis.
Identify security incidents through ‘Hunting’ operations within aSIEM and other relevant tools.
Coordinate and lead incident response efforts, includingcontainment, eradication, and recovery activities.
Develop and maintain incident response plans, playbooks, andstandard operating procedures.
Proactively hunt for potential security threats and vulnerabilitieswithin the organization's networks, systems, and applications.
Utilize various threat intelligence sources, security logs, andother tools to identify anomalous activities and potential securityincidents.
Collaborate with cross-functional teams, including IT, networkoperations, legal, and external partners, to ensure a comprehensiveresponse to security incidents.
Stay up to date with the latest security threats, vulnerabilities,and attack techniques, and provide recommendations for security improvementsand countermeasures.
Conduct post-incident analysis and create detailed reportsdocumenting the incident response process and lessons learned.
Participate in security incident simulations and tabletop exercisesto test the effectiveness of incident response plans.
Assist in implementing and maintaining security monitoring toolsand technologies.
Qualifications:
Bachelor's degree in computer science, cybersecurity, or a relatedfield (or equivalent work experience).
Extensive experience in threat hunting, incident response, andcybersecurity operations.
In-depth knowledge of security frameworks, such as MITREATT&CK, and industry-standard incident response methodologies.
Strong understanding of network protocols, system logs, andsecurity event management.
Proficient in using various security tools, such as SIEM, IDS/IPS,EDR, and forensic analysis tools.
Familiarity with cloud platforms, network security, and emergingtechnologies.
Excellent analytical and problem-solving skills with the ability toanalyze large datasets and identify patterns or indicators of compromise.
Strong communication skills with the ability to effectivelycollaborate with cross-functional teams and communicate complex securityissues to technical and non-technical stakeholders.
Relevant certifications such as GCIH, GCFA will be an advantage.
Experience with scripting or programming languages (e.g., Python,PowerShell) for automation and data analysis is a plus.
Ability to work in a fast-paced environment, prioritize tasks, andhandle multiple incidents simultaneously.
Strong commitment to continuous learning and staying updated withthe latest trends and best practices in threat hunting and incidentresponse.#J-18808-Ljbffr

---