Incident Response & Forensics Manager; IT & OT
Job in
Riyadh, Riyadh Region, Saudi Arabia
Listed on 2026-01-01
Listing for:
ACWA Power
Full Time position
Job specializations:
- IT/Tech: Cybersecurity, Network Security
Job Description & How to Apply Below
The Incident Response & Forensics Manager (IT & OT) is responsible for managing and leading the organization's incident response and forensic investigation efforts across both Information Technology (IT) and Operational Technology (OT) environments. This role ensures that security incidents are promptly detected, contained, investigated, and remediated, while also overseeing the collection and analysis of forensic evidence. The manager coordinates across multiple teams to enhance the organization’s ability to respond to cyber incidents, minimize damage, and prevent future security breaches within both IT and OT domains.
Responsibilities
- Lead and manage the organization's incident response efforts across both IT and OT systems, ensuring rapid detection, containment, and resolution of security incidents.
- Develop and maintain incident response playbooks addressing threats to both IT and OT environments.
- Coordinate with internal teams and external stakeholders to ensure effective communication and collaboration during incident response efforts.
- Oversee the triage, prioritization, and escalation of security incidents, ensuring that critical threats are addressed in a timely manner.
- Provide incident response support to both IT and OT infrastructure teams, advising on containment actions and recovery steps.
- Offer remediation guidance including configuration changes and preventive measures to minimize future threats in both IT and OT systems.
- Triage alerts from detection platforms, identifying and removing false positives across IT and OT environments.
- Escalate genuine threats and security incidents to the appropriate teams for further investigation and remediation, ensuring timely and accurate response to both IT-based and OT-based threats.
- Lead digital forensic investigations within both IT and OT systems to determine the root cause of security incidents, ensuring the proper collection, preservation, and analysis of digital evidence.
- Utilize forensic tools and techniques to investigate compromised systems, networks, and devices across IT and OT infrastructures.
- Ensure that forensic processes adhere to legal and regulatory requirements, and that evidence is documented in a formal and defensible manner for potential legal proceedings.
- Conduct continuous monitoring of security events across both IT and OT environments using SIEM, XDR, and other Threat Detection, Investigation, and Response (TDIR) platforms.
- Analyze telemetry from multiple sources (network traffic, endpoints, OT systems, etc.) to detect and investigate potential cyber threats, ensuring comprehensive coverage across both digital and physical systems.
- Monitor and analyze security events from various sources—including SIEM, IDS/IPS, firewalls, endpoint detection systems, and OT-specific monitoring tools—to identify potential threats and vulnerabilities.
- Lead efforts to correlate security information from both IT and OT environments to identify patterns of anomalous behavior and mitigate potential threats.
- Document formal technical incident reports for consumption by IT and OT infrastructure teams and senior leadership, providing detailed information on root causes, affected systems, and next steps.
- Ensure clear and concise communication of incident details to both IT and OT stakeholders, enabling effective decision-making during and after incidents.
- Ensure accurate and detailed documentation of all security incidents, including timelines, actions taken, and outcomes, for post-incident reviews and compliance reporting.
- Prepare formal incident reports and technical summaries for senior management, internal stakeholders, and regulatory authorities as required.
- Conduct post-incident reviews and lessons learned sessions to identify opportunities for improvement in incident response procedures for both IT and OT environments.
- Work closely with threat hunting teams to optimize TDIR capabilities by incorporating findings from threat hunting activities in both IT and OT environments.
- Continuously improve detection and response strategies based on real-world threat activity affecting both IT networks and OT systems.
- Collaborate with IT…