Consultant - Incident Response Group 42

Employer Active

Posted 9 hrs ago

Experience

1 - 6 Years

Job Location

Abu Dhabi - United Arab Emirates

Education

Bachelor of Science(Computers)

Nationality

Any Nationality

Gender

Not Mentioned

Vacancy

1 Vacancy

Job Description

Roles & Responsibilities

Responsibilities:
Key Responsibilities
  • At least 1-3 years of experience in the following activities
  • Serve as technical expert on active incident response engagements across different IR Retainer customers
  • Achieve tasks independently within the team before initial 6 months
  • Execute threat hunting activities in support of incident response and proactive environment assessments
  • Carry out host-based assessments using EDR tools and network assessments utilising full packet data to determine the extent and scope of possible compromise
  • Perform host and/or network-based forensics across Windows, Mac, and Linux platforms.
  • Execute digital forensic investigations supporting cyber incident response engagements
  • Contribute to process documentation and continuous service improvement activities
  • Flexible schedule that is open to changing situations and opportunities
  • Learn to produce detailed reports and technical briefs
  • Explain technical findings in a manner that can be easily understood by technical and non-technical staff
  • You must be a team player, with a humble and approachable nature who is willing to go the extra mile.

Technical Skills

  • Strong understanding of blue team operations and threat hunting
  • Sound understanding of network protocols, TCP/IP etc.
  • Sound understanding of Microsoft Windows
  • Sound understanding of Linux and/or OSX is a plus
  • Ability to learn forensic skills across multiple operating systems
  • Basic understanding of network analysis tools like Bro/Zeek, Rita or Suricata
  • Ability to perform analysis of system and network devices logs
  • Basic understanding of the capabilities of static and dynamic malware analysis
  • Sound understanding of enterprise systems, technologies, and infrastructure
  • Strong understanding of current threats, vulnerabilities, and attack trends
  • Sound understanding of ATT&CK framework
  • Good organisational skills, ability to prioritise, and ability to learn to work independently before the end of the trial period
  • Ability to learn quickly and apply the learnings into the job on a day-to-day basis

Desired Candidate Profile

Qualifications:
Certifications/Qualifications/Skills
  • Good attention to detail and reporting accuracy
  • English language skills, both spoken and written
  • GIAC Certified in a minimum of one discipline: GNFA, GCIH, GCIA, GCFE, GCFA, GDAT, etc Or equivalent (eLearnSecurity .etc)
  • At least previous basic experience working with EDR tools and threat hunting tools
  • Previous experience performing network forensics desirable
  • Knowledge about cloud security infrastructure (AWS, Azure, Oracle, others) desirable
  • Knowledge about OT/ICS/SCADA technologies will be a plus
  • Bachelor's degree in Computer Science or Engineering desirable, but not mandatory

Company Industry

  • IT - Software Services

Department / Functional Area

  • IT Software

Keywords

  • Consultant - Incident Response

Disclaimer: Naukrigulf.com is only a platform to bring jobseekers & employers together. Applicants are advised to research the bonafides of the prospective employer independently. We do NOT endorse any requests for money payments and strictly advice against sharing personal or bank related information. We also recommend you visit Security Advice for more information. If you suspect any fraud or malpractice, email us at abuse@naukrigulf.com

Group 42

https://careers.g42.ai/global/en/job/2088/