Overview
Group-IB is a leading cybersecurity company founded in 2003 and headquartered in Singapore. We create technologies to investigate, prevent, and fight digital crime. Our Digital Crime Resistance Centers (DCRCs) operate globally to analyze threats and mitigate regional and country-specific risks, strengthening our contribution to global cybercrime prevention.
Join us and help make the world a safer place.
ABOUT THE ROLE
This is a high-impact, hands-on role on the front lines of incident response and threat hunting engagements. You’ll work across diverse industries, confronting real-world cyber threats and helping clients recover from complex incidents. Your expertise will directly shape outcomes, protect critical infrastructure, and contribute to a safer digital environment. This role is ideal for professionals eager to sharpen their DFIR skills while operating in fast-paced, high-stakes environments.
YOUR MISSION
- Conduct root cause analysis to determine the initial attack vector in security incidents.
- Lead incident response engagements, including containment, eradication, and recovery guidance.
- Acquire and analyze disk and memory forensic images, and perform triage analysis.
- Recover deleted data, trace file execution, and validate indicators of compromise (IOCs).
- Develop attack hypotheses using adversary TTPs mapped to the MITRE ATT&CK framework.
- Prepare and deliver clear, actionable reports and findings to both technical and non-technical stakeholders.
- Maintain composure and communicate effectively in high-pressure, time-sensitive incidents.
WHAT SUCCESS LOOKS LIKE
- Minimum first hands-on experience in Digital Forensics and Incident Response.
- Bachelor’s degree in Cybersecurity, Computer Science, Information Security, or equivalent professional experience.
- Proficiency in analyzing forensic artifacts such as: Windows registry, Master File Table (MFT), Prefetch files, Shellbags.
- Experience working with EDR platforms and SIEM solutions.
- Strong understanding of attacker methodologies, MITRE ATT&CK, and the intrusion kill chain.
ADDITIONAL REQUIREMENTS
- Strong problem-solving mindset and attention to detail.
- Ability to remain calm under pressure during active incidents.
- One or more of the following: GCFA, GCIH, GNFA, GCFE, CHFI, GCFR, OSCP, or similar.
OUR WORK ENVIRONMENT & CULTURE
We foster a supportive, inclusive, and dynamic workplace where every team member can grow. You’ll work with specialists from around the world, solving complex challenges using cutting-edge technologies recognized globally by Gartner, IDC, and Forrester. Our projects span 60 countries with 450+ partners and 500+ clients, guided by mutual respect, collaboration, and shared goals.
WHAT WE OFFER
- Flexible work schedule with impact-first focus.
- Health insurance to support well-being.
- Certifications & Continuous Learning — access to professional development and a broad set of certifications.
- Internal programs to develop soft and technical skills, with recognition and rewards.
- Entrepreneurial spirit is encouraged; bold ideas are supported and celebrated.