Incident Response and Forensic Analyst

ATS Middle East

Dammam, Saudi Arabia

Ref: OP900-71

Job description / Role

Employment: Full Time

- Host/network based forensic investigations.
- Develop custom reports based on data from multiple sources, including SIEM and security appliances, threat intelligence, network sensors, and outside intelligence feeds
- Develop custom configurations / use cases for SIEM products within xxxxx environment
- Develop, document and manage containment strategy
- Maintain current knowledge of tools and best-practices in advanced persistent threats; tools, techniques, and procedures of attackers; and forensics and incident response

Requirements

- Experience in an analytical role of either network forensics analyst, threat analyst or incident response
- One or more of the following technical certifications: GIAC Certified Incident Handler (GCIH), GIAC Certified Forensic Analyst (GCFA), GIAC Reverse Engineering Malware (GREM), EnCE or equivalent certifications in these areas
- Experience developing and managing incident response programs.
- Expertise in analysis of TCP/IP network communication protocols.
- Experience conducting analysis of electronic media, packet capture, log data, and network devices in support of intrusion analysis or enterprise level information security operations
- Experience with advanced computer exploitation methodologies.
- Ability to synthesize data from multiple sources and present concise, relevant information to a non-technical audience
- Experience with SIEM and APT products highly desired
- Experience with a scripting language such as Perl, Python, or another scripting language in an incident handling environment highly desired

Additional Qualifications:
- Demonstrated ability to make decisions on remediation and countermeasures for challenging information security threats
- Excellent communication and presentation skills with the ability to present to a variety of external audiences, including being able to interact with senior executives
- Exceptional written communication
- Excellent knowledge of current information security solutions and technologies, including network and host based products
- Experience implementing NIST information security guidelines in a diverse network environment
- Experience and knowledge of packet flow/TCP/UDP traffic, firewall technologies, proxy technologies, anti-virus, spam and spyware solutions (Gateway and SaaS)
- Malware/security experience
- Programming / scripting skills, highly desired.

About the Company

ATS Middle East provides niche and innovative recruitment services for clients across multiple industry sectors, sourcing staff from our national and international offices.

We are positioned to provide clients with a unique recruitment and consultancy solution across a range of business areas. We know how important it is to match each individual's skill sets, competencies and expectations to ensure a successful working relationship.
