Incident Response Security Engineer

RecruitMe Plus

Dubai

On-site

AED 200,000 - 300,000

Full time

Yesterday

Job summary

A leading recruitment firm is seeking an Incident Response Security Engineer for their client in Dubai. This role involves investigating security incidents, conducting compromise assessments, and leading artifact triage in telecommunications environments. Ideal candidates will possess extensive knowledge of Unix/Linux systems and telecom protocols, with experience in host-based investigations. Responsibilities include producing technical reports and enhancing incident response workflows. Join a dynamic team dedicated to improving security within telecom infrastructures.

Qualifications

  • Experience in telecommunications incident response and familiarity with telecom protocols.
  • Hands-on experience with Unix/Linux systems and host-based investigations.
  • Ability to execute compromise assessments and triage artifacts effectively.

Responsibilities

  • Investigate security incidents within telecom environments including core network and signaling.
  • Lead compromise assessments to identify attacker presence and techniques.
  • Collect and analyze host artifacts while ensuring forensic soundness.
  • Execute containment and eradication strategies tailored to telecom systems.
  • Conduct proactive threat hunting using telecom-specific models.
  • Contribute to incident response playbooks and improve workflows.
  • Produce technical reports and brief stakeholders on findings.

Skills

Telecommunications incident response
Host-based investigations
Unix/Linux systems
Large-scale artifact triage
Telecom protocols

Tools

UAC (Unix-like Artifacts Collector)

Job description

Position Overview:

Our client is seeking a highly skilled and detail-oriented Incident Response Security Engineer to join their team in Dubai. The ideal candidate will lead host-based investigations and compromise assessments across Unix/Linux and Windows environments, leveraging UAC and large-scale artifact triage to identify, contain, and remediate advanced threats within telecommunications infrastructures.

Key Responsibilities & Role:
1. Incident Detection & Investigation (Telecom & Host-Based):
  • Investigate security incidents within telecommunications environments, including core network, signaling, and service platforms.
  • Analyze incidents involving telecom protocols and systems (e.g., SS7, SIP, Diameter, VoIP, signaling infrastructure).
  • Perform deep host-based investigations on compromised systems.
  • Conduct advanced investigations on Unix/Linux-based systems and supporting services.
2. Compromise Assessment & Threat Analysis:
  • Lead and support compromise assessments to determine attacker presence, persistence, and lateral movement.
  • Execute large-scale artifact triage across enterprise Windows and Linux fleets.
  • Identify indicators of compromise (IOCs), attacker techniques, and affected assets.
3. Digital Forensics & Artifact Collection:
  • Collect and analyze host artifacts such as logs, processes, memory, persistence mechanisms, and network connections.
  • Use and customize UAC (Unix-like Artifacts Collector) scripts for scalable evidence collection.
  • Ensure forensic soundness and proper evidence handling.
4. Containment, Eradication & Recovery:
  • Recommend and execute containment strategies tailored to telecom infrastructure and production systems.
  • Support eradication of malicious artifacts and validate system integrity post-remediation.
  • Work closely with operations teams to minimize service disruption.
5. Threat Hunting & Proactive Detection:
  • Conduct proactive threat hunting across Unix/Linux and Windows systems using known TTPs and telecom-specific threat models.
  • Correlate host-based findings with network and signaling activity.
6. Incident Response Process & Playbooks:
  • Contribute to the development and refinement of incident response playbooks for telecom environments.
  • Improve investigation workflows for host-based and large-scale incident scenarios.
7. Reporting, Collaboration & Knowledge Transfer:
  • Produce clear technical reports detailing findings, impact, and remediation actions.
  • Brief stakeholders, SOC teams, and leadership on incident scope and risk.
  • Share investigation techniques and lessons learned to strengthen detection capabilities.
Qualifications & Skills:
  • Background in telecommunications incident response and familiarity with telecom concepts and protocols.
  • Prior investigation experience on Unix-based systems.
  • Investigation background with direct experience in host-based investigations.
  • Practical experience in using or customizing UAC scripts.
  • Prior experience in conducting compromise assessments and large-scale artifact triage across both Windows and Linux environments.