Incident Responder (IR) Senior Cyber Security Engineer / Expert
Obrela Security Industries
Riyadh, Saudi Arabia
Job description / Role
• As a member of Obrela Security Industries, you will work within established methodologies to perform a variety of Incident Response-related activities for OBRELA customers of varying levels of technical maturity, to immediately and efficiently respond to active threats.
• The Incident Responder provides direct, on-site, or remote assistance to our clients to assist them with recovering from complex cyber security incidents.
• You will be conducting remote analysis, running and participating in exercises and attack simulations, testing detection and response tools and implementations, and assisting in the writing of Incident Response Plans.
• You will also submit post-incident root cause analysis and recommendation reports to customers to improve security architecture and process models in order to mitigate risks and prevent similar attacks.
• You demonstrate leadership abilities, clear and concise communication with others, ability to handle a crisis, as well as personal agility to adapt to changing environments.
• Strong comprehension of malware, emerging threats, and calculating risk will be critical to your success in this role.
• Execute the incident response process according to the incident response standard operating procedures while providing recommendations and guidance to customers
• Provide subject matter insight to clients about industry threat intelligence by developing advisories and maintaining deep awareness and understanding of evolving threat landscape
• Perform threat hunting to proactively identify attacks within customer networks by developing procedures and using existing tools
• Conduct research and continuously improve tools, methodologies, and techniques
• Serve as a subject matter expert for other consultants/teams and regularly collaborate and contribute to increasing the knowledge level of the group
• Demonstrate capability to map technical findings to business impacts and communicate those in a manner that is understandable by a non-technical audience
• Act as a point of escalation for critical security events and incidents and to OBRELA’s CSIRT team for escalation and remediation
• Take part in regular blue/purple team exercises and CTF events
• Be able to clearly communicate the Incident Response Lifecycle and the Attack Life Cycle (Kill Chain)
• Specialize in host-centric analysis of Windows and Linux systems utilizing forensic tools
• Familiar with network forensic analysis, with a good understanding of network protocols
• Understanding of different attack techniques and tactics to provide custom detection, containment, and remediation plans for customers
• Programming/Scripting (Python, PowerShell, Bash etc.)
• Proactively seek adversaries on customer networks using a variety of tools and techniques
• Bachelor’s Degree in Computer Science or a related technical degree, or equivalent industry experience
• Be a team player and regularly collaborate and contribute to increasing the knowledge level of the group
• Ability to write technical documents in a clear and concise manner
• Ability to travel abroad and remain on customer site until full incident recovery
About the Company
We manage cyber exposure, risks and compliance.
We identify, predict and prevent cyber threats.
We use security analytics and sophisticated risk and threat management technology to dynamically protect our clients by identifying, analyzing, predicting and preventing cyber threats.
In real time.