Job Description
Looking for Sr Incident Response Technical Consultant.
Mode Of Hire: Outsource
Location: Saudi
Note: Looking for Saudi nationals/ Local Visa transferable candidates
Skills
JD:
· Cyber Crime Investigation and Digital Artifacts acquisition
· Maintaining the procedures for Threat Handling, Incident Handling, and Forensics
· Creation and Updating of Security Incident & Event Management (SIEM) Rules
· GAP Analysis for APT Campaigns
· Risk Assessment & Mal Behavior identification
· Mentor the SOC team with latest security trends, threat detection and analysis techniques
· Recommending security enhancements and purchases
· Static & Dynamic Malware Analysis during IR
· Discovering vulnerabilities and providing recommendations to avoid the damage
· Handling multiple high-profile incidents related to spear phishing, web application attacks, ransomware
· Monitor external data sources (e.g., Threat Intelligence sources)
· Performing and Documenting Incident Drills
· Detailed Incident forensic investigation report
· Creating, testing and implementing network disaster recovery plan
Delivered Work
· Incident response reporting
· Forensic investigations
· Report writing skills
Skills and expertise
· Windows and Linux Forensics expertise
· Network
· Memory forensics
· Threat Hunting
· Background of Pentesting
· VA experience
· Incident response skills
Industry
· Telecom
· IT
· Advanced security services
· Security Operations experience
· Banking sector
Determine the timeline of the intrusion.
Determine the initial method of compromise.
Describe the overall attack methodology.
Resolve the incident with proper analysis.
Provide root cause and trend analysis for all incidents.
Receive, document, and report cyber security events and incidents
Categorize incidents and implement corresponding escalation procedures
Communicate and coordinate incident response efforts
Analyze reports to understand threat campaign(s) techniques, lateral movements and extract indicators of compromise (IOCs).
Respond to all cyber security scenarios such as – but not limited to:
Service disruption and impact to the customer business (such as systems in a data center going offline).
Huge and prolonged DDoS against critical assets that impacts the service delivered.
Spreading virus infection impacting internal systems.
Newly discovered zero-day threats/vulnerabilities that could impact customer’s critical assets.
Phishing campaign against the customer business.
Provide support to unlimited number of incidents (no limit on the number of incidents).
Comply with incident response service methodology and internal customer processes including, but not limited to:
Using best practice Incident response technology.
Threat identification.
Incident scoping.
Containment strategy.
Evidence collection and forensic analysis.
Remediation.
Reporting.
Follow a well-defined process (such as the NIST incident handling guidelines).
Support different types of data and incidents collection mechanisms such as but not limited to:
Collection of live response data from systems.
Collection of network forensic data.
Intelligence collection.
Initial identification of malicious activity as well as indicators of compromise.
Provide security simulation services for:
Simulating real world attacks.
Periodically assess and advance customer teams.
Evidence collected during the case is prepared for archival and provided to the customer along with the full report, executive presentations, and board presentations. Investigation reports must provide a comprehensive description and analysis of the incident and provide guidance for both executive and technical audiences.
Reporting must include:
Malicious code analysis.
Attack timeline and taxonomy.
Indicators of compromise related to the case.
Analysis of identified threats and adversary profiles.
Victimology.
Root cause analysis.
Steps taken to contain and eradicate the threat.
Lessons learned.
Job Details
Job Location: Riyadh, Saudi Arabia
Company Industry: Information and Network Security
Company Type: Recruitment Agency
Job Role: Information Technology
Employment Type: Unspecified
Monthly Salary: Unspecified
Number of Vacancies: Unspecified
Preferred Candidate
Career Level: Mid Career
Years of Experience: Min: 5, Max: 15
Residence Location: Saudi Arabia
https://www.bayt.com/ar/saudi-arabia/jobs/senior-incident-responder-response_saudi-arabia-4239360/