Incident Response Security Engineer
Job Description & How to Apply Below
Position Overview:
Our client is seeking a highly skilled and detail-oriented Incident Response Security Engineer to join their team in Dubai. The ideal candidate will lead host-based investigations and compromise assessments across Unix/Linux and Windows environments, leveraging UAC and large-scale artifact triage to identify, contain, and remediate advanced threats within telecommunications infrastructures.
Key Responsibilities & Role:1. Incident Detection & Investigation (Telecom & Host-Based):
- Investigate security incidents within telecommunications environments, including core network, signaling, and service platforms.
- Analyze incidents involving telecom protocols and systems (e.g., SS7, SIP, Diameter, VoIP, signaling infrastructure).
- Perform deep host-based investigations on compromised systems.
- Conduct advanced investigations on Unix/Linux-based systems and supporting services.
- Lead and support compromise assessments to determine attacker presence, persistence, and lateral movement.
- Execute large-scale artifact triage across enterprise Windows and Linux fleets.
- Identify indicators of compromise (IOCs), attacker techniques, and affected assets.
- Collect and analyze host artifacts such as logs, processes, memory, persistence mechanisms, and network connections.
- Use and customize UAC (Unix-like Artifacts Collector) scripts for scalable evidence collection.
- Ensure forensic soundness and proper evidence handling.
- Recommend and execute containment strategies tailored to telecom infrastructure and production systems.
- Support eradication of malicious artifacts and validate system integrity post-remediation.
- Work closely with operations teams to minimize service disruption.
- Conduct proactive threat hunting across Unix/Linux and Windows systems using known TTPs and telecom-specific threat models.
- Correlate host-based findings with network and signaling activity.
- Contribute to the development and refinement of incident response playbooks for telecom environments.
- Improve investigation workflows for host-based and large-scale incident scenarios.
- Produce clear technical reports detailing findings, impact, and remediation actions.
- Brief stakeholders, SOC teams, and leadership on incident scope and risk.
- Share investigation techniques and lessons learned to strengthen detection capabilities.
- Background in telecommunications incident response and is familiar with telecom concepts and protocols.
- Prior investigation experience on Unix-based systems.
- Investigation background with direct experience in host-based investigations.
- Practical experience in using or customizing UAC script.
- Prior experience in conducting compromise assessments and large-scale artifact triage across both Windows and Linux environments.
To View & Apply for jobs on this site that accept applications from your location or country, tap the button below to make a Search.
(If this job is in fact in your jurisdiction, then you may be using a Proxy or VPN to access this site, and to progress further, you should change your connectivity to another mobile device or PC).
(If this job is in fact in your jurisdiction, then you may be using a Proxy or VPN to access this site, and to progress further, you should change your connectivity to another mobile device or PC).
Search for further Jobs Here:
×