Company Overview:
sirar by stc is an advanced technology and cybersecurity company established by stc, the region’s ICT and digital services provider. It is a cutting-edge cybersecurity provider that empowers organizations to take control of their cyber capabilities and digital environments.
As experts in business security and privacy, we offer a comprehensive range of solutions that help you to operate online safely, securely, and efficiently. The tools we provide help organizations detect and prevent cybersecurity attacks, safeguard their digital future, and provide protection and security from that point forward.
Key Responsibilities:
- Participates in leading the incident response team effectively and efficiently, and contributes as a team member during incident response engagements, responding to cyber security incidents for clients within Saudi Arabia and the GCC region. This involves non-traditional working hours and willingness to routinely travel with less than 48-hour notice.
- Contributes as a team member during compromise assessment engagements for clients within Saudi Arabia and the GCC region.
- Contributes to adversary hunting (Tactics, Techniques, and Procedures) in clients’ environments utilizing different tools and techniques.
- Facilitates and coordinates client meetings and required documentation, and provides support to team leads.
- Contributes to the writing of incident response and compromise assessment reports.
- Shadows the incident response lead in deep-dive analysis of compromised assets.
- Supports the deployment and configuration of EDR and NDR technologies as per the lead consultant’s instructions.
- Spots false positive findings during incident response and compromise assessment engagements.
- Maintains a thriving environment with team members.
- Adheres to departmental and section processes, procedures, and standards.
- Contributes to detection rule fine-tuning exercises for existing EDR solutions.
- Able to quickly learn and understand new technologies and techniques related to incident response and cyber security in general.
- Stays up to date on the latest cybersecurity attacks, threats, and analysis techniques.
- Parses and analyzes host behaviors, logs, artifacts, and network traffic to detect threats and identify anomalies.
- Understands collection scripts and contributes to finding workarounds to collect and analyze data when deploying an EDR is not possible.
Qualifications:
- Bachelor’s degree in Cybersecurity, Computer Science, Information Technology, or related discipline.
Professional Certificates:
- A professional certificate such as GCIH, GCFA, GCFE, GNFA, GREM, or any other equivalent certification is preferred.
Years of Experience:
- A minimum of 7 years of relevant experience.
Skills:
- Advanced knowledge of current cyber security threats, attacks, tactics, techniques, and countermeasures.
- Intermediate knowledge of the Incident Response Lifecycle, the Cyber Kill Chain framework, the MITRE ATT&CK framework, and their related tactics, techniques, tools, and procedures.
- Advanced knowledge of digital forensics and its methodology, security and network architectures, and operating systems (including Linux/Unix and Windows).
- Advanced knowledge of network forensic artifacts’ collection and analysis.
- Advanced knowledge of utilizing a variety of leading network and host forensic tools.
- Intermediate proficiency in written and verbal communication skills.
- Intermediate knowledge of operating systems.