The Incident Response role at Acuative Middle East leads and executes incident response and digital forensic investigations across complex environments. Its primary goal is to minimize security risk, ensure rapid threat mitigation, and maintain the integrity of the organization's critical infrastructure and information systems.
Location: Jubail, Eastern Province, Saudi Arabia
Work Conditions: On-site, Full-time
Key Responsibilities:
- Conduct digital forensic investigations to identify root causes and threat vectors, ensuring timely containment and eradication of security incidents.
- Perform incident response analysis and threat hunting to detect, assess, and respond to potential security breaches across enterprise environments.
- Analyze memory, network, and host artifacts to uncover indicators of compromise and reconstruct attacker activity.
- Prepare and deliver detailed, technically sound incident and forensic reports to support business continuity and compliance requirements.
- Collaborate with Security Operations Centers (SOCs) and IT teams to improve detection and response capabilities.
- Assess and enhance the effectiveness of current security controls through vulnerability assessments and penetration testing.
- Maintain and apply current knowledge of threat intelligence, attacker tools, techniques, and procedures (TTPs).
- Contribute to developing and refining incident response playbooks and forensic investigation methodologies.
Qualifications and Education:
- Essential: Bachelor’s degree in Computer Science or related field.
- Preferable: Master’s degree in Information Security or a similar discipline.
Experience:
- Essential: Minimum 7 years of hands-on experience in Digital Forensics and Incident Response.
- Preferable: 10+ years overall in cybersecurity roles across multiple domains.
Training:
- Completion of advanced cybersecurity incident response training programs.
- Practical workshops and in-house training in forensic analysis and SOC collaboration.
Specialized Knowledge and Skills:
- Proficient in Windows and Linux forensic analysis techniques.
- Deep understanding of memory forensics and network traffic investigation.
- Hands-on experience in threat hunting, vulnerability assessments, and penetration testing.
- Strong report writing and communication skills tailored for both technical and executive audiences.
- Exposure to multiple security technologies and threat intelligence platforms.
- Prior work experience in sectors such as Telecom, Banking, and Advanced Security Services is highly beneficial.
Certifications:
- Essential:
  - GCFA (GIAC Certified Forensic Analyst)
  - GNFA (GIAC Network Forensic Analyst)
  - GCIA (GIAC Certified Intrusion Analyst)
  - GREM (GIAC Reverse Engineering Malware)
  - GCIH (GIAC Certified Incident Handler)
  - GCFE (GIAC Certified Forensic Examiner)
  - eCTHP (eLearnSecurity Certified Threat Hunting Professional)
Behavioral Competencies:
- Analytical thinking and investigative mindset.
- Strong communication and report writing skills.
- Attention to detail with a proactive problem-solving approach.
- Collaboration and teamwork in high-pressure situations.
Technical Competencies:
- Proficiency in forensic tools (e.g., EnCase, Volatility, FTK).
- Strong grasp of SIEM platforms and EDR tools.
- Scripting and automation for threat detection (Python, PowerShell, etc.).
- Deep understanding of MITRE ATT&CK and threat modeling frameworks.
Language Requirements:
- No specific language requirements mentioned.