Senior Consultant - Incident Response

Apply now »

Date: 20 Aug 2025

Location: Abu Dhabi, Abu Dhabi, AE

Company: G Forty Two General Trading LLC

Job Information

Job Title

Senior Security Consultant - Incident Response

Business Unit

Cyber Defense

Reporting to

TBD

Sub-Business Unit

Cyber Resilience Services: Remote Monitoring-Thread

Grade

 

 

Job Purpose

As a Senior Incident Response consultant –You will be a technical leader, leveraging your experience and skills to deliver cybersecurity solutions and services to clients preparing for or responding to cyber incidents.

 

You will serve in a collaborative environment with the blue team and our partners to support our client’s collaboration with our team, and You will be responsible for leading elements of the response and working directly with our clients and partners.

 

Job Responsibilities

Key Focus Areas 

Key Activities 

Key Responsibilities

 

  • Serve as technical lead on active incident response engagements and across different IR Retainer customers
  • Achieve tasks independently within the team after initial 2-3 months
  • Execute threat-hunting activities in support of incident response and proactive environment assessments
  • Carry out host-based assessments using EDR tools and network assessments utilizing full packet data to determine the extent and scope of possible compromise
  • Perform host and, or network-based forensics across Windows, Mac, and Linux platforms.
  • Execute digital forensic investigations supporting cyber incident response engagements
  • Contribute to process documentation and continuous service improvement activities
  • Collaboration with customers to enhance the defensive security posture and existing security controls
  • Produce detailed reports and technical briefs, effectively communicate tasks, methodology, and guidance to customers
  • Explain technical findings in a manner that can be easily understood by technical and non-technical staff

Technical Skills

  • Strong understanding of blue team operations and threat hunting
  • Sound understanding of network protocols, TCP/IP, etc.
  • Sound understanding of Microsoft Windows
  • Sound understanding of Linux and OSX
  • Sound forensic skills across multiple operating systems
  • Strong understanding of network analysis tools like Bro/Zeek, Rita, or Suricata
  • Ability to perform analysis of system and network devices logs
  • Sound understanding of the capabilities of static and dynamic malware analysis
  • Sound understanding of enterprise systems, technologies, and infrastructure
  • Strong understanding of targeted attacks and ability to create customized tactical and strategic remediation plans for compromised organizations
  • Strong understanding of current threats, vulnerabilities, and attack trends
  • Strong understanding of the ATT&CK framework
  • Excellent organizational skills, ability to prioritize, and ability to work independently

AOR (Any Other Responsibilities)
  • Any other responsibilities as required by the Line Manager

 

Job Specifications

Skills/Certifications (Technical & Non-Technical)
  • Good attention to detail and reporting accuracy
  • English language skills, both spoken and written
  • GIAC Certified in a minimum of one discipline: GNFA, GCIH, GCIA, GCFE, GCFA, GDAT, etc.

Or equivalent (eLearn Security, etc.)

  • Previous experience working with EDR tools and threat-hunting tools
  • Previous experience performing network forensics is desirable
  • Knowledge about cloud security infrastructure (AWS, Azure, Oracle, others) is desirable
  • Excellent organizational skills, ability to prioritize, and ability to work independently

Minimum Work Experience

  6 years

Education
  • Bachelor's degree in Computer Science or Engineering is desirable but not mandatory