We are seeking a highly experienced and technically proficient Compromise Assessment Engineer to join our cybersecurity team within the UAE telecommunications sector. The ideal candidate will possess deep knowledge of compromise assessment, threat hunting, and digital forensics. Experience in handling sophisticated cyber threats targeting large-scale telecom infrastructures is essential.
You will be responsible for proactively identifying and mitigating indicators of compromise (IOCs), uncovering stealthy threat actor activities, and performing in-depth forensic analysis. You’ll work closely with incident response, SOC, and threat intelligence teams to defend one of the most critical national infrastructures.
Key Responsibilities:
- Perform compromise assessments across large-scale telecom environments to detect IOCs, APTs, and anomalous behavior.
- Analyze data from telecom-specific infrastructure, including signaling systems (e.g., SS7, Diameter), mobile core networks, BSS/OSS platforms, and subscriber data.
- Conduct endpoint, network, and log analysis using tools such as SIEM (Splunk, QRadar) and EDR (CrowdStrike, SentinelOne, Microsoft Defender ATP).
- Utilize telecom-specific tools and technologies for packet analysis and threat detection in mobile networks (e.g., Wireshark, NetScout, Niksun).
- Perform digital forensics using tools such as EnCase, FTK, Volatility, X-Ways.
- Correlate findings with threat intelligence platforms (e.g., MISP, ThreatConnect, Recorded Future) to identify known threats and adversary TTPs.
- Work within the MITRE ATT&CK framework to map adversary behaviors and enhance detection coverage.
- Collaborate with SOC, Incident Response, and Telecom Infrastructure teams to contain and remediate threats.
- Develop and maintain compromise assessment playbooks and methodologies aligned with telecom use cases.
- Provide technical reports and executive summaries highlighting findings, impact analysis, and recommendations.
- Stay updated on the latest telecom-specific threat actors, TTPs, and cybersecurity trends.
Required Qualifications & Skills:
- 5+ years of experience in cybersecurity, with at least 2+ years in the telecommunications industry.
- Proven experience in compromise assessment, threat hunting, and incident response.
- In-depth knowledge of APT tactics, malware analysis, forensic investigation techniques, and IOC enrichment.
- Familiar with telecom protocols and architecture (e.g., SS7, SIP, Diameter, LTE, 5G Core).
- Proficiency with tools:
- SIEM: Splunk, QRadar
- EDR: CrowdStrike, SentinelOne, Microsoft Defender ATP
- Forensics: FTK, EnCase, X-Ways, Volatility
- Packet Analysis: Wireshark, NetScout, Niksun
- Scripting: Python, PowerShell
- Understanding of Windows, Linux, and network infrastructure.
- Certifications such as GCFA, GCIH, GCIA, CHFI, or similar are highly preferred.
- Knowledge of threat intelligence frameworks and platforms is a strong plus.
