Enable job alerts via email!

Cybersecurity Incident Response Specialist

Saudi Air Navigation Services

Jeddah

On-site

SAR 150,000 - 200,000

Full time

Today

Be an early applicant

Generate a tailored resume in minutes

Land an interview and earn more. Learn more

Job summary

A leading air navigation service provider in the Makkah region is seeking an experienced Cybersecurity Incident Response and Forensics Specialist. The role involves managing incident response procedures, conducting forensic analysis of cybersecurity incidents, and ensuring compliance with legal regulations. Candidates should have a degree in Computer Science, relevant cybersecurity certifications, and experience in both incident management and collaboration with law enforcement. This position offers an opportunity to enhance cybersecurity policies while working in a dynamic environment.

Qualifications

Proven experience in cybersecurity incident response and investigation.
Strong understanding of digital forensics and malware analysis techniques.
Experience collaborating with law enforcement on cybercrime investigations.

Responsibilities

Manage and respond to cybersecurity incidents effectively.
Conduct forensic analysis and malware reverse engineering.
Document incident response activities and provide regular updates.

Skills

Cybersecurity incident management

Forensic analysis

Malware analysis

Incident response planning

Legal compliance in investigations

Education

Degree in Computer Science or related field

Relevant cybersecurity certifications (CISSP, CISM, etc.)

Tools

Forensic analysis tools

Incident response software

Incident Response and Investigation

Perform the response to cybersecurity incidents (IT/OT security), managing the lifecycle from CSIRT activation to containment, mitigation, restoration, and post-incident analysis.
Coordinate with internal and external teams, including asset owners, during major incidents for triage, containment, and recovery efforts.
Develop short-term containment and long-term eradication strategies to mitigate the impact of cybersecurity threats and prevent future incidents.
Analyze cybersecurity incidents, including the vulnerabilities exploited and the methods used, and develop response strategies.
Document and track the steps and procedures followed during incident response activities, ensuring accurate reporting.
Provide regular updates to leadership on incident status, impact, and recovery strategies, ensuring clear communication of technical and business impacts.
Collaborate with law enforcement and legal teams on cybercrime investigations (involving forensics investigation) and ensure compliance with legal and regulatory requirements.
Perform post-incident damage assessment to evaluate the impact on systems and data, and conduct post-incident analysis to identify root causes of attacks.
Develop post-incident lessons learned reports for continuous improvement of incident response capabilities.
Automate remediation for low-level incidents to streamline response efforts and improve efficiency.
Participate in and conduct tabletop exercises and drills to enhance incident response readiness and effectiveness.
Continuously improve incident response processes by integrating lessons learned, adopting industry best practices, and keeping up with emerging threats.
Development of cybersecurity Incidents Reports and contributing to internal IR requirements (KPIs status reporting, statistics and dashboard reporting, management and regulatory reports, etc.).
Supporting other cybersecurity defense functions (VM, TI, IR, TH and Assurance) in accordance with business needs.
Support cybersecurity defense audit, compliance, risk and regulatory requirements.

Digital Forensics Examination and Malware Analysis

Conduct forensic analysis of systems, networks, and digital artifacts involved in cybersecurity incidents, preserving evidence following forensically sound procedures.
Use advanced forensic tools to collect and analyze data from compromised devices and perform memory forensics to identify malware or indicators of compromise.
Perform malware reverse engineering to analyze the behavior of malicious code and identify attack vectors.
Prepare detailed forensic reports and present findings to stakeholders, including senior leadership, legal teams, and external authorities, as necessary.
Analyze logs, network traffic, and digital artifacts to reconstruct incidents and assess malicious activity.
Perform post-incident forensic analysis to identify root causes of attacks and assess damage.
Ensure that forensic activities follow legal requirements for data collection, evidence preservation (i.e. Chain of Custody), and reporting.
Collaborate with law enforcement and legal teams on cybercrime investigations, providing detailed forensic reports for legal proceedings.

Policies, Processes and Procedures

Conduct day-to-day activities while ensuring compliance to policies and procedures.
Contribute to the identification of opportunities for continuous improvement of systems, processes considering leading practices, changes in business environment, cost reduction and productivity improvement.

Get your free, confidential resume review.

or drag and drop a PDF, DOC, DOCX, ODT, or PAGES file up to 5MB.