Lead Incident Response Consultant

The company is seeking a Lead Consultant – Incident Response to join our team in Saudi Arabia (on-site) for a full-time position. This dynamic role reports to the Director of Operations for Security Consulting Services. The successful candidate will work directly with a world-class incident response and forensics team, engaging in hands-on, customer-facing activities.

The primary responsibilities include leading and managing incident response engagements and training/mentoring other security consultants. Utilizing in-depth knowledge of threat actors’ tactics, techniques, procedures, and tooling, the consultant will provide guidance to team members and clients, ensuring situational awareness and effective response.

Responsibilities:

• Lead incident response engagements and mentor junior analysts.
• Serve as the primary contact for clients during investigations, delivering clear technical and executive-level updates.
• Focus on process improvement of customer-facing incident response services.
• Conduct host-based analysis and forensic functions across Windows, Linux, and Mac OS X systems.
• Review logs from firewalls, web, databases, and other sources to identify evidence of malicious activity.
• Leverage the Platform for investigations into security threats.
• Perform memory forensics and file analysis as needed.
• Contribute to threat intelligence generation within the ecosystem.
• Perform basic reverse engineering of malicious tools.
• Develop informative reports and presentations for both executive and technical audiences.
• Be available during nights/weekends for incident response engagements.

Required Skills:

• Excellent written and verbal communication skills.
• Experience interfacing with customers.
• Proficient in at least one scripting language (e.g., Shell, Ruby, Perl, Python).
• Ability to data mine using YARA, RegEx, or similar techniques to identify threats.
• Familiarity with forensic tools (e.g., EnCase, FTK, X-Ways, SIFT, Splunk, Redline, Volatility).
• Experience with malware analysis tools (e.g., IDA Pro, OllyDbg).
• Hands-on experience with APT campaigns, Tactics, Techniques and Procedures (TTPs), and malware analysis.
• Strong knowledge of operating system internals and endpoint security.
• Ability to work independently and within a team under pressure.
• Understanding of Active Directory security is a plus.

Education: Bachelor’s Degree in Computer Engineering, Computer Science, or related field, or 10+ years of experience in incident response and/or forensics.

Language Requirements: English proficiency required; additional language skills may be advantageous.

About the company: The company is dedicated to making a digital world that we can always trust by protecting people, devices, and data everywhere. Our mission is reflected in the trust placed in us by the largest enterprises, service providers, and government organizations globally. As the leading provider of security appliances, we secure digital journeys across the entire attack surface. Our Training Institute aims to provide extensive training and career opportunities in the cybersecurity field.