×
Apply for Jobs Apply for Jobs Post a Job Post a Job Local Jobs Home
Register Here to Apply for Jobs or Post Jobs. X
More jobs:
Cybersecurity Information Security Security Manager

Incident Response and Forensic Investigation Specialist; DFIR

Job in Dubai, Dubai, UAE/Dubai
Listing for: Help AG, an e& enterprise company
Full Time position
Listed on 2025-12-03
Job specializations:
  • IT/Tech
    Cybersecurity, Information Security, Security Manager
Salary/Wage Range or Industry Benchmark: 120000 - 200000 AED Yearly AED 120000.00 200000.00 YEAR
Job Description & How to Apply Below
Position: Incident Response and Forensic Investigation Specialist (DFIR)

Incident Response and Forensic Investigation Specialist (DFIR)

Help AG is looking for a talented and experienced Incident Response and Forensic Investigation Specialist who will be responsible for off‑site and on‑site Incident Response activities and customer engagements, leveraging multiple security technologies. The candidate will guide and lead customers in handling security incidents and examine IT and security systems using best‑practice digital forensic methods to detect, validate and mitigate IT security related incidents.

He / she will join our Cyber Defence team within our Managed Security Services (MSS) business unit. If you have a strong knowledge and interest in incident response and/or digital forensics, this position might be the right one for you.

Responsibilities
  • Lead incident response engagements in unknown environments until all threats are remediated.
  • Develop custom incident response plans tied to specific environments and customer situations.
  • Examine and analyse logs/data from a broad variety of security technologies, such as antiviruses, IDS/IPS, firewalls, switches, VPNs and other threat data sources.
  • Perform forensic analysis of different artifacts including RAM, packet captures, logs and disk images.
  • Reverse engineer malicious software and develop signatures and indicators of compromise.
  • Actively develop incident response tools, scripts, and detection content.
  • Research Red Team techniques, develop custom detection queries, rules, watchlists and other content, and conduct threat hunts.
  • Articulate and execute common Incident Response methods (e.g., SANS).
  • Respond to inbound requests via phone and other electronic means for technical assistance with managed services.
  • Work on‑site with clients during live security incidents.
  • Maintain a high degree of awareness of the current threat landscape.
  • Champion excellence and support others through active knowledge sharing, writing technical articles for internal knowledge bases, blog posts and reports as required.
  • Create and present customer reports to ensure quality, accuracy and value to the client.
  • Educate and train other analysts in execution of Incident Response processes and forensic analysis techniques.
  • Perform other essential duties as assigned.
Qualifications & Skills
  • A degree in Computer Science, Information Systems, Electrical Engineering or a closely related field.
  • 7+ years of experience in information security, in areas such as security operations, intrusion detection, incident analysis, incident handling, log analysis, malware analysis, reverse engineering or threat detection.
  • At least 2‑3 years as a Senior or Lead Analyst, or equivalent experience guiding, mentoring and teaching other analysts/security professionals.
  • Strong background or equivalent experience in at least four of the following:
    Security Threat and Event Analysis, Network Security Operations or Engineering, Reverse Engineering, Malware Analysis, Windows/Linux/OSX Forensics, Penetration Testing, Active Directory and Azure Administration.
  • Demonstrated experience in handling Incident Response engagements (APTs and ransomware) using the SANS Incident Response method (or similar).
  • Must hold at least one of the following active certifications: CREST Certified Registered Intrusion Analyst (CRIA), GIAC Cloud Forensics Responder (GCFR), GIAC Certified Forensic Analyst (GCFA), CREST Certified Host Intrusion Analyst (CC‑HIA), CREST Certified Network Intrusion Analyst (CC‑NIA), CREST Certified Incident Manager (CC‑IM), CREST Certified Threat Intelligence Manager (CC‑TIM), GIAC Reverse Engineering Malware (GREM).
  • Preferred certifications: CISSP, GCIA, GCIH, GCFE, OSCP.
  • Deep TCP/IP knowledge, networking and security product experience.
  • Strong knowledge of Red Team tactics and ability to find adversary traces on an enterprise scale.
  • Rapid development in scripting languages:
    Python, Power Shell, Bash.
  • Sound knowledge of IT security best practices, common attack types and detection/prevention methods.
  • Evidence of accountability for applying Incident Response methods, adherence to process and direct engagement with stakeholders.
  • Experience analyzing and interpreting system, security and…
To View & Apply for jobs on this site that accept applications from your location or country, tap the button below to make a Search.
(If this job is in fact in your jurisdiction, then you may be using a Proxy or VPN to access this site, and to progress further, you should change your connectivity to another mobile device or PC).
 
 
 
Search for further Jobs Here:
(Try combinations for better Results! Or enter less keywords for broader Results)
Location
Increase/decrease your Search Radius (miles)

Job Posting Language
Employment Category
Education (minimum level)
Filters
Education Level
Experience Level (years)
Posted in last:
Salary
Advanced Search