Job description
Incident responder:
o Cyber Crime Investigation and Digital Artifacts acquisition
o Maintaining the procedures for Threat Handling, Incident Handling, and Forensics
o Creation and Updating of Security Incident & Event Management (SIEM) Rules
o GAP Analysis for APT Campaigns
o Risk Assessment & malicious behavior identification
o Mentor the SOC team on the latest security trends, threat detection and analysis techniques
o Recommending security enhancements and purchases
o Static & Dynamic Malware Analysis during IR
o Discovering vulnerabilities and providing recommendations to avoid the damage
o Handling multiple high-profile incidents related to spear phishing, web application attacks, and ransomware
o Monitoring external data sources (e.g., Threat Intelligence sources)
o Performing and Documenting Incident Drills
o Detailed incident forensic investigation reports
o Creating, testing and implementing the network disaster recovery plan
Delivered Work
· Incident response reporting
· Forensic investigations
· Report writing skills
Skills and expertise
· Windows and Linux Forensics expertise
· Network
· Memory forensics
· Threat Hunting
· Background of Pentesting
· VA experience
· Incident response skills
Industry
· Telecom
· IT
· Advanced security services
· Security Operations experience
· Banking sector
o Determine the timeline of the intrusion.
o Determine the initial method of compromise.
o Describe the overall attack methodology.
o Resolve the incident with proper analysis.
o Provide root cause and trend analysis for all incidents.
o Receive, document, and report cyber security events and incidents
o Categorize incidents and implement corresponding escalation procedures
o Communicate and coordinate incident response efforts
o Analyze reports to understand threat campaign(s) techniques and lateral movements, and extract indicators of compromise (IOCs).
Respond to all cyber security scenarios such as – but not limited to:
o Service disruption and impact to the customer business (such as systems in a data center going offline).
o Huge and prolonged DDoS against critical assets that impacts the service delivered.
o Spreading virus infection impacting internal systems.
o Newly discovered zero-day threats/vulnerabilities that could impact the customer's critical assets.
o Phishing campaign against the customer business.
Provide support for an unlimited number of incidents (no limit on the number of incidents).
Comply with the incident response service methodology and internal customer processes, including, but not limited to:
o Using best practice Incident response technology.
o Threat identification.
o Incident scoping.
o Containment strategy.
o Evidence collection and forensic analysis.
o Remediation.
o Reporting.
Follow a well-defined process based on the NIST incident handling guidelines.
o Support different types of data and incident collection mechanisms, such as but not limited to:
o Collection of live response data from systems.
o Collection of network forensic data.
o Intelligence collection.
o Initial identification of malicious activity as well as indicators of compromise.
Provide security simulation services for:
o Simulating real world attacks.
Periodically assess and advance customer teams.
Evidence collected during the case is prepared for archival and provided to the customer along with the full report, executive presentations, and board presentations. Investigation reports must provide a comprehensive description and analysis of the incident and provide guidance for both executive and technical audiences.
Reporting must include:
o Malicious code analysis.
o Attack timeline and taxonomy.
o Indicators of compromise related to the case.
o Analysis of identified threats and adversary profiles.
o Victimology.
o Root cause analysis.
o Steps taken to contain and eradicate the threat.
o Lessons learned.
Skills
Job details
Job location: Jubail, Saudi Arabia
Company industry: IT services
Company type: Recruitment agency
Job role: Information Technology
Employment type: Contract
Monthly salary: Unspecified
Number of vacancies: 1
Preferred candidate
Career level: Mid career
Years of experience: Minimum: 7, Maximum: 14
https://www.bayt.com/ar/saudi-arabia/jobs/incident-responder-4178323/