Incident Response Analyst

Confidential Government - Saudi - Riyadh

Position: Incident Response Analyst

Job Summary: The Incident Response Analyst in the Cyber Department plays a critical role in identifying, analyzing, and mitigating security incidents that could compromise the organization’s systems, data, or operations. This position requires a deep understanding of security best practices, strong technical skills, and the ability to respond effectively to incidents in a timely and efficient manner.

Key Responsibilities:

Incident Detection and Analysis

  • Monitor and analyze security alerts and logs across various platforms to identify suspicious activities and potential security incidents.
  • Utilize threat intelligence and detection tools to assess potential threats and vulnerabilities.
  • Investigate incidents by gathering relevant artifacts and logs, assessing the severity, and conducting root-cause analysis.

Incident Response and Mitigation

  • Execute incident response protocols to contain and mitigate the impact of security breaches.
  • Coordinate with cross-functional teams to remediate incidents, ensuring minimal operational disruption.
  • Conduct post-incident analyses to identify improvement areas and enhance future responses.

Digital Forensics and Threat Hunting

  • Apply Digital Forensics and Incident Response (DFIR) techniques to investigate incidents thoroughly.
  • Conduct proactive threat-hunting activities to detect suspicious behavior and indicators of compromise.
  • Preserve the integrity of digital evidence in accordance with legal and regulatory standards.

Documentation and Reporting

  • Document all steps of the incident response process, from initial detection to resolution, ensuring accuracy and thoroughness.
  • Prepare detailed reports for internal stakeholders and relevant compliance and regulatory bodies.
  • Participate in incident post-mortems to improve incident response processes and tools.

Qualifications:

  • Experience: 3–5 years of experience in Digital Forensics and Incident Response (DFIR).
  • Education: Bachelor’s degree in Information Security, Computer Science, or a related field is preferred.
  • Certifications: Relevant certifications, such as GCIH, GCFA, GNFA, or CEH, are highly desirable.
  • Technical Skills:
      ◦ Proficiency with SIEM tools, EDR solutions, and forensic analysis tools.
      ◦ Strong understanding of network protocols, log analysis, and threat intelligence.
      ◦ Familiarity with scripting languages (e.g., Python, PowerShell) to automate analysis and reporting.

Key Competencies:

  • Excellent problem-solving skills with the ability to remain calm under pressure.
  • Strong attention to detail and analytical mindset.
  • Effective communication skills, able to convey complex technical information to non-technical stakeholders.
  • Ability to work independently and as part of a team, with a proactive approach to incident management.

Post date: 02 Jumada al-awwal 1446 - 3 November 2024
Publisher: LinkedIn