Qureos

Senior SOC Engineer / Digital Forensics & Incident Response

We Are Hiring: Senior SOC Engineer / Digital Forensics & Incident Response (DFIR)

Join our Cyber Security team at Etisalat UAE – Head Office, Dubai.

We are looking for a highly skilled cybersecurity professional with strong expertise in digital forensics, incident response, threat hunting, and security operations to protect and defend our digital infrastructure against advanced threats.

Key Responsibilities

Threat Monitoring & Incident Response

  • Monitor security alerts across SIEM, EDR, IDS/IPS, and network security tools.
  • Perform full lifecycle incident response: detection, containment, eradication, and recovery.
  • Lead forensic investigations for cyber incidents including APTs, ransomware, and insider threats.

Digital Forensics & Evidence Handling

  • Conduct host and network forensics on Windows, Linux, and macOS, and mobile device forensics.
  • Utilize advanced forensic tools (EnCase, FTK, Cellebrite, Oxygen, Volatility).
  • Ensure proper chain of custody and documentation aligned with regulatory standards.

Threat Hunting & Intelligence

  • Perform proactive threat hunting based on IOCs, TTPs, and behavioral analysis.
  • Analyze global threat intelligence feeds and track emerging cyber risks.
  • Develop custom hunting queries in KQL (Kusto Query Language, as used in Microsoft Sentinel) and enhance detection rules.

Cloud Security & IR

  • Lead cloud incident response and forensics across AWS & Azure environments.
  • Investigate cloud logs, identity events, workload activities, and anomalous behaviors.

Automation & Advanced Analysis

  • Use Python/PowerShell scripts to automate investigation and response tasks.
  • Conduct initial malware analysis and assess potential impact.

Reporting & Documentation

  • Produce detailed incident reports, forensic summaries, and threat-hunting findings.
  • Present technical insights clearly to both technical and non-technical stakeholders.

Qualifications

  • Bachelor’s degree in Cybersecurity, Computer Science, Information Security, or related field.
  • 6–8 years of experience in SOC, DFIR, Threat Hunting, or Cyber Incident Response.
  • Strong experience with SIEM (Splunk, Sentinel), EDR, packet analysis, and log forensics.
  • DFIR certification is mandatory: GCFA, GCIH, GCFE, or equivalent.
  • Strong scripting skills (Python, PowerShell) and familiarity with MITRE ATT&CK.
  • Excellent analytical skills, attention to detail, and ability to work under pressure.
  • Fluent in English.

Job Type: Full-time

Pay: AED 18,000 to AED 22,000 per month

Application Question(s):

  • Do you have hands-on experience in Digital Forensics & Incident Response (DFIR), including host forensics, memory analysis, network forensics, and incident handling?

(Please mention the tools you use such as EnCase, FTK, Cellebrite, Volatility, Splunk, Sentinel, etc.)

  • Have you previously worked in a SOC environment with threat hunting responsibilities?

(Kindly share your experience with SIEM, EDR, IDS/IPS, and cloud IR on AWS/Azure.)

  • Do you hold any cybersecurity certifications such as GCFA, GCIH, GCFE, OSCP, or similar?

(Please list all relevant certifications.)

  • What is your expected salary, age, notice period, and current location?

© 2025 Qureos. All rights reserved.