Incident Response and Forensic Investigation Specialist (DFIR)

Help AG, an e& enterprise company, is seeking a talented and experienced Incident Response and Forensic Investigation Specialist (U.A.E National). This role involves managing both off-site and on-site incident response activities, guiding customers in handling security incidents, and investigating IT and security systems using best-practice digital forensic methods. The position is within the Cyber Defence team of the Managed Security Services (MSS) business unit.

Responsibilities:

• Lead incident response engagements in unknown environments until all threats are remediated.
• Develop custom incident response plans tailored to specific environments and customer situations.
• Examine and analyze logs/data from various security technologies including antiviruses, IDS/IPS, firewalls, switches, and VPNs.
• Perform forensic analysis on artifacts such as RAM, packet captures, logs, and disk images.
• Reverse engineer malicious software and develop signatures and indicators of compromise.
• Actively develop incident response tools, scripts, and detection content.
• Research Red Team techniques and conduct threat hunts.
• Articulate and execute common Incident Response methods (e.g., SANS).
• Provide technical assistance through inbound requests via phone and other electronic means.
• Work on-site with clients during live security incidents.
• Maintain awareness of the current threat landscape.
• Share knowledge and write technical articles for internal knowledge bases, blog posts, and reports.
• Create and present customer reports ensuring quality and value.
• Educate and train analysts on incident response processes and forensic analysis techniques.
• Perform other essential duties as assigned.

Qualifications & Skills:

• A Degree in Computer Science, Information Systems, Electrical Engineering, or a related field.
• 7+ years of experience in information security, including security operations, intrusion detection, and incident handling.
• 2-3 years of experience as a Senior or Lead Analyst, guiding and mentoring other professionals.
• Strong background in several relevant areas, including security threat and event analysis, malware analysis, forensics, and penetration testing.
• Experience managing incident response engagements using established methods (e.g., SANS).
• At least one active certification required (e.g., CREST, GIAC).
• Deep knowledge of TCP/IP, networking, and security products.
• Proficiency in scripting languages (e.g., Python, PowerShell, Bash).
• Strong knowledge of IT security best practices, attack types, and detection methods.
• Experience in digital forensics and knowledge of malware reverse engineering.
• Familiarity with detecting abnormal activities and potential threats.

Benefits:

• Health insurance with a leading global provider.
• Opportunities for career progression through challenging projects.
• Employee engagement and wellness activities throughout the year.
• Excellent learning and development opportunities.
• Inclusive and diverse working environment.
• Flexible/Hybrid working arrangements.
• Open door policy.

About Us:
Help AG is the cybersecurity arm of e& enterprise, providing strategic consultancy and tailored information security services to businesses and governments across the Middle East. Established in 2004, Help AG was acquired by e& in February 2020, further enhancing its capabilities in cybersecurity and digital transformation. The company focuses on delivering unmatched value through best-of-breed technologies and expert services to strengthen cyber defenses and safeguard businesses.