Incident Response Forensic Investigation Specialist, Dubai

  • Full Time
  • Dubai
  • Posted 2 months ago

Kingston Stanley
  • Responsible for offsite and onsite Incident Response activities
  • Customer engagements, leveraging multiple security technologies, guiding and leading customers in the handling of Security Incidents
  • Examining IT and security systems using best-practice digital forensic methods to detect, validate and mitigate IT security related incidents
  • Lead incident response engagements in unknown environments until all threats are remediated
  • Develop custom incident response plans tied to specific environments and customer situations
  • Examine and analyze logs/data from a broad variety of security technologies, such as antiviruses, IDS/IPS, firewalls, switches, VPNs and other security threat data sources
  • Perform forensic analysis of different artifacts including RAM, packet captures, logs and disk images
  • Reverse engineer malicious software and develop signatures and indicators of compromise
  • Actively develop incident response tools, scripts, and various detection content
  • Research Red Team techniques, develop custom detection queries, rules, watchlists and other content, and conduct threat hunts
  • Work onsite as required with clients during Live Security Incidents

Qualifications / Experience

  • Demonstrable experience in the use of Digital Forensics tools, techniques and concepts including creating and using custom tools and scripts
  • Static reverse engineering and analysis of malware written in different languages (x86/x64 assembly, C, C#, Go); signature development and Yara/Snort/Sigma rule development
  • Knowledge of Red Team tactics and ability to find adversary traces at enterprise scale
  • Rapid development in scripting languages: Python/PowerShell/Bash
  • Deep TCP/IP knowledge, networking and security product experience
  • Knowledge of attack activities, such as scans, man-in-the-middle, sniffing, DoS and DDoS, and of possible abnormal activities, such as worms, Trojans, viruses, etc.
  • CISSP, GCIA, GCIH, GCFA, GCFE, GREM, OSCP certification would be preferable
  • 10+ years in information security, in areas such as security operations, intrusion detection, incident analysis, incident handling, log analysis, malware analysis, reverse engineering or threat detection

To apply for this job please visit