If you are a self-motivated individual passionate about cybersecurity, we encourage you to apply for this exciting opportunity to join our dynamic team at CyberGate Defense.
Job Title: DFIR Specialist – L2
We are hiring a DFIR Specialist (Digital Forensics and Incident Response).
Job Location: Abu Dhabi / Dubai
Job Role: Permanent
Responsibilities
- Forensically analyze systems for evidence of compromise.
- Investigate security incidents, conduct a detailed analysis of security events, and determine the root cause of security breaches.
- Conduct forensic analysis on endpoints and networks, and investigate security incidents involving digital forensic analysis, malware analysis, and log analysis.
- Identify security incidents through ‘Hunting’ operations within a SIEM and other relevant tools.
- Coordinate and lead incident response efforts, including containment, eradication, and recovery activities.
- Develop and maintain incident response plans, playbooks, and standard operating procedures.
- Proactively hunt for potential security threats and vulnerabilities within the organization's networks, systems, and applications.
- Utilize various threat intelligence sources, security logs, and other tools to identify anomalous activities and potential security incidents.
- Collaborate with cross-functional teams, including IT, network operations, legal, and external partners, to ensure a comprehensive response to security incidents.
- Stay up to date with the latest security threats, vulnerabilities, and attack techniques, and provide recommendations for security improvements and countermeasures.
- Conduct post-incident analysis and create detailed reports documenting the incident response process and lessons learned.
- Participate in security incident simulations and tabletop exercises to test the effectiveness of incident response plans.
- Assist in implementing and maintaining security monitoring tools and technologies.
Qualifications
- Bachelor's degree in computer science, cybersecurity, or a related field (or equivalent work experience).
- Extensive experience in threat hunting, incident response, and cybersecurity operations.
- In-depth knowledge of security frameworks, such as MITRE ATT&CK, and industry-standard incident response methodologies.
- Strong understanding of network protocols, system logs, and security event management.
- Proficient in using various security tools, such as SIEM, IDS/IPS, EDR, and forensic analysis tools.
- Familiarity with cloud platforms, network security, and emerging technologies.
- Excellent analytical and problem-solving skills with the ability to analyze large datasets and identify patterns or indicators of compromise.
- Strong communication skills with the ability to effectively collaborate with cross-functional teams and communicate complex security issues to technical and non-technical stakeholders.
- Relevant certifications, such as GCIH or GCFA, are an advantage.
- Experience with scripting or programming languages (e.g., Python, PowerShell) for automation and data analysis is a plus.
- Ability to work in a fast-paced environment, prioritize tasks, and handle multiple incidents simultaneously.
- Strong commitment to continuous learning and staying updated with the latest trends and best practices in threat hunting and incident response.