Senior Consultant - FortiGuard Incident Response

About the Job:
We are looking for a Senior Consultant – Incident Response to work in a dynamic and exciting new position reporting to the Director of Operations for Security Consulting Services. The analyst will work directly with members of a world-class incident response and forensics team comprised of individuals with strong knowledge in malware hunting and analysis, reverse engineering, multiple scripting languages, forensics, and threat actors' TTPs (tactics, techniques, and procedures).
In this hands-on, customer-facing role, the consultant’s main objective is to lead and manage incident response engagements and train/mentor other security consultants. Leveraging your in-depth understanding of threat actor tactics and tools as well as our flagship tooling, you will provide guidance to team members and clients. Additionally, the candidate may help create threat research work products such as blogs and presentations.

Location: Saudi Arabia (On-site)
Work Conditions: Full-time, availability during nights/weekends as needed for incident response engagements

Responsibilities:

• Assist the IR Lead during engagements and mentor/training junior analysts.
• Focus on process improvement for customer-facing incident response services.
• Conduct host-based analysis and forensic functions on Windows, Linux, and Mac OS X systems.
• Conduct network forensics and log analysis during IR engagements.
• Review firewall, web, database, and other log sources to identify evidence of malicious activity.
• Use our Platform to detect and analyze security threats.
• Perform memory forensics and file analysis as needed.
• Monitor underground forums, Threat Labs, and other intelligence outlets to stay updated on latest tactics and techniques.
• Conduct basic reverse engineering of threat actor tools.
• Develop complete and informative reports and presentations for both executive and technical audiences.

Required Skills:

• Excellent written and verbal communication skills.
• Experience interfacing with customers.
• Proficiency in at least one scripting language (Shell, Ruby, Perl, Python, etc.).
• Ability to data mine using YARA, RegEx, or other techniques to identify threats.
• Experience with forensic tools (EnCase, FTK, X-Ways, SIFT, Splunk, Redline, Volatility, WireShark, TCPDump).
• Familiarity with malware analysis tools (IDA Pro, OllyDbg, Immunity Debugger).
• Hands-on experience with APT campaigns and malware analysis.
• Strong knowledge of operating system internals and endpoint security.
• Ability to communicate with both technical and executive personnel.
• Understanding of Active Directory security is a plus.

Education:

• Bachelor’s Degree in Computer Engineering, Computer Science, or related field, or 5+ years of experience with incident response and/or forensics.

The company is committed to making the digital world secure through its advanced cybersecurity solutions and services, empowering organizations across various sectors to protect their data and devices effectively.