Job description / Role
Incident Handler positions support higher-level cyber security operations by responding to critical and high-volume events within Incident Response at Mubadala. Incident responders manage the proper handling of Information Security incidents, coordinate the efforts of multiple business units during response, and provide them with timely updates. They also perform proactive hunting exercises and develop training curriculum for incoming IR Analysts.
• Performs intrusion scope and root cause analyses
• Assists intrusion remediation and strategy development and implementation
• Handles critical severity incidents as described in the operations runbook
• Performs additional analysis of escalations from Response Analysts and conducts case review
• Provides onboarding training and coaching for lower-level IR Analysts
• Conducts proactive Cyber Hunting exercises based on threat intelligence from Response Analysts
• Identifies and develops workflow automation to lower response time and eliminate lengthy procedures
• Assists in data recovery from damaged or erased storage media and digital devices
• Assists in the preparation of reports to ensure proper understanding of threat campaign(s) techniques and lateral movements, and to extract indicators of compromise
• Participates in testing, deploying, and administering the infrastructure hardware and software required to effectively manage the organization’s Cybersecurity operational services, as needed
• BA/BS in Engineering, Computer Science, Information Security, or Information Systems or related work experience
• 3+ years of experience in Incident Response
• Experience developing event escalation and reporting procedures
• Experience leading Network Investigations
• Expert knowledge of TCP/IP communications & knowledge of how common protocols and applications work at the network level, including DNS, HTTP, and SMB
• Expert knowledge of the Windows file system, registry functions and memory artifacts
• Ability to learn and operate in a dynamic environment
• Ability to demonstrate analytical expertise, close attention to detail, excellent critical thinking, logic, and solution orientation and to learn and adapt quickly
• Experience working in a 24/7 SOC environment
About the Company
Raqmiyat, a leading Systems Integration and IT Services company founded in 1983 in the United Arab Emirates, provides world-class business solutions through its expertise in various domains and partnership with international firms of repute.
Raqmiyat is one of the Al Ghurair Group of Companies and an ISO 9001:2000 & CMMI Level 3 certified organization. We enable our clients to create and execute their digital transformation strategies. Our service is differentiated by the imagination, knowledge and experience across industries and technologies that we bring to every project we undertake.