We are seeking a skilled Cybercrime Investigator to join our High-Tech Crime Investigation team. In this role, you will have the opportunity to analyse the attackers behind cybercrimes and beyond. This challenging position requires ingenuity, attention to detail, and strong technical skills. As part of our team, you will engage in extremely interesting and responsible work that helps to safeguard our clients from cyber threats. You will be at the forefront of investigations, employing innovative thinking and technical expertise to solve complex problems.
What you will learn:
- Investigation of cyber incidents like phishing attacks, data theft, web server compromise, malware attacks, DDoS, etc.
- Collecting digital evidence and its analysis: logs, emails, servers and workstation images.
- Reconstruction of the incident chronology, TTPs of threat actors and their toolkit.
- Identifying developers of malware and administrators behind the websites.
- Generating hypotheses and problem-solving skills.
Tasks to solve
• Consulting clients on questions related to cyber investigations.
• Conducting preliminary assessment of the incident, analysing entry points for the investigation.
• Forensic analysis of file system images, technical logs (web server logs, email server logs, network logs, etc.), email headers, etc.
• Analysing network infrastructure, digital assets and indicators pertaining to threat actors.
• Tracking down threat actors across the Clear, Deep, and DarkWeb using passive and active intelligence collection techniques.
• Producing well-structured investigation reports in English.
• Monitoring active threat actors operating in the Middle East and Africa region, hunting for new ones and investigating their activities.
• Contributing to the development of new ways of collecting and analysing intelligence data.
• Participating in writing articles, blogs and research on cyber investigations.
Requirements
- Bachelor’s or Master’s degree in Cybersecurity, Computer Science, or a related field, along with 3-5 years of relevant experience.
- Excellent oral and written communication skills in Arabic and English.
- Experience with web technologies, including hosting, servers, databases, and mail servers.
- Proficient in SQL for data extraction and analysis.
- Linux administration skills: fluent use of Bash and regular expressions, familiarity with the related file system structure, and basic Linux forensics skills.
- Familiarity with digital forensics concepts, including host and network analysis, and knowledge of operating systems (Windows, Linux) and file systems (NTFS, FAT, ext4).
- Knowledge of OSINT techniques, such as social media research, Google Dorks, and geolocation from images.
- Understanding of internet protocols (DNS, SMTP, HTTP) and experience with web hosting and email servers.
- Strong analytical skills, comfortable navigating complex data sets and identifying issues.
Additional Requirements
- Experience working on Digital Investigations, Threat Intelligence
- Programming skills: ability to understand the general functionality of code in at least one of the following languages (PHP/Python/JS)
- Information Security certifications (GIAC, CompTIA, EC-Council, ISC2, CREST, etc.)
- Familiarity with cyber threats, modern fraud schemes and cyber-attack methods
- Experience in investigation report writing and presentation in English
- Understanding of web application security essentials and experience with tools such as Burp, SQLMap, WPScan or similar
Sounds good? Apply now!