Senior DFIR Analyst - Cyber Security

Technology and Digital

Qatar
Posted on 9 months ago

About The Job:

Aventus are working alongside a large organization based in Qatar who are looking for a skilled and experienced digital forensics and incident response specialist to join our cyber security practice.

As a member of the DFIR team, you will work in close collaboration with fellow security analysts, engineers, and other IT security specialists on client engagements, including the Security Operations, Threat Intelligence, Offensive Security, Security Platforms, and Network Security Engineering teams (to name just a few).

The individual in this role is required to carry out and lead investigations on a daily basis, working alongside other analysts and investigators, and to make decisions about the appropriate processes to follow in both simple and complex cases.


Job Responsibilities:

  • Conduct digital forensic investigations on a variety of cyber incidents.
  • Acquire, process, and analyze digital evidence in accordance with international best practices and forensics standards.
  • Examine and analyze logs/data from a broad variety of security technologies, such as antivirus, IDS/IPS, firewalls, switches, VPNs and other security threat data sources.
  • Perform forensic analysis of different artifacts including RAM, packet captures, logs and disk images.
  • Create and present customer reports to ensure clarity, quality, accuracy and value to the client.
  • Coordinate with cross-functional case teams to enhance the quality of investigations.
  • Maintain detailed documentation on cyber incidents.
  • Maintain evidence management and investigator records to ensure that the continuity and integrity of material is preserved.
  • Facilitate cyber exercises and new playbook creation.
  • Conduct research projects into new tools and techniques, including working with third-party suppliers and internal teams to integrate selected products in order to enhance DFIR processes.
  • Maintain high standards of deliverable quality with peer review and quality assurance.
  • Mentor and assist junior staff with technological / forensic issues through the provision of advice and guidance.
  • Continually improve one’s own skills by acquiring knowledge to become a subject matter expert in one or more specific areas of expertise.
  • Provide regular briefings and updates to other members of the DFIR team.


Job Requirements:

The ideal candidate will have a good understanding of endpoint, network and cloud defenses and detection methodologies, forensics, and incident response.

Successful candidates will have experience in one or more of the following areas:

  • 5-10+ years of hands-on experience in information security, in areas such as security operations, intrusion detection, incident response, incident handling, log analysis, malware analysis, reverse engineering.
  • Incident handling, to include experience conducting or managing incident response from small scale to large event coordination in an enterprise environment.
  • Endpoint & network forensic analysis, to include analysis of relevant logs and data, and background using a variety of forensic analysis tools.
  • Knowledge of cybersecurity industry-leading international regulations, laws, standards and frameworks (such as NIST, ISO, CIS, OWASP, PCI-DSS, COBIT) and Qatari local ones (such as NIA or FIFA 2022 CSF).
  • Ability to perform static and dynamic malware analysis to understand the nature of malware and develop signatures and indicators of compromise is a plus.
  • Experience with development of incident response tools, scripts, and various detection content is a plus.
  • Experience using forensic tools: EnCase, Intella, AXIOM, IDA, Oxygen,...
  • Consulting firm experience is a plus.


Qualifications and Soft Skills:

  • Bachelor's or master’s degree in Computer Science, Information Systems, Engineering or related field.
  • Strong background in the information and cybersecurity domain.
  • Strong ethical values and the ability to operate with the highest levels of integrity in the marketplace.
  • Ability to execute in a fast-paced, high-demand environment while balancing multiple priorities.
  • Passion to learn, as well as a dedication and self-driven desire to keep abreast of the latest cybersecurity threats and hacking techniques.
  • Strong verbal, written, and interpersonal communication skills with the ability to collaborate well with others.
  • Flexibility in adapting to shifts and extended hours, as required.


Certifications:

Lead Cybersecurity qualification, such as CISSP, CISA, CISM, ISO, GCIA, GCIH, GCFA, GCFE, GREM, OSCP or other related certification would be preferable.



If the above matches your skillset, please apply.

This is a long-term contract.