SOC L3 - Digital Forensics, Incident Response Specialist
Job Description Roles & Responsibilities We are seeking an experienced Senior Digital Forensics, Incident Response & Threat Hunting Specialist to join our Cyber Security team. The ideal candidate will have strong expertise in digital forensics, incident response, threat hunting, and malware investigations across enterprise environments. The role requires hands-on experience with SIEM, EDR, cloud forensics, and forensic investigation tools to identify, investigate, contain, and remediate cyber threats. Key Responsibilities Conduct host, network, memory, and mobile forensic investigations. Lead incident response activities including triage, containment, eradication, recovery, and post-incident reporting. Perform proactive threat hunting using threat intelligence and the MITRE ATT&CK framework. Analyze security events using SIEM platforms such as Microsoft Sentinel and Splunk. Develop and execute advanced KQL queries for threat detection and investigations. Investigate endpoint security alerts using EDR solutions. Perform malware analysis, log analysis, and packet capture analysis. Conduct cloud forensic investigations across AWS and Microsoft Azure environments. Automate forensic and incident response activities using Python and PowerShell. Produce detailed technical reports and executive summaries. Collaborate with SOC, Threat Intelligence, IT, and Infrastructure teams during investigations. Desired Candidate Profile Minimum 6 years of experience in Digital Forensics, Incident Response, or Threat Hunting. Strong knowledge of Digital Forensics and Incident Response methodologies. Hands-on experience with EnCase, FTK, Cellebrite, Oxygen Forensics, Volatility, and other forensic analysis tools. Experience with Microsoft Sentinel, Splunk, or similar SIEM platforms. Strong knowledge of EDR technologies. Advanced experience writing Kusto Query Language (KQL) queries. Experience in host, network, cloud, memory, and mobile forensics. Strong understanding of log analysis and packet capture analysis. Experience with AWS and Microsoft Azure cloud investigations. Scripting skills using Python and/or PowerShell. Strong understanding of the MITRE ATT&CK framework. Excellent analytical, communication, documentation, and problem-solving skills. Ability to manage multiple incidents simultaneously in a fast-paced environment. Preferred Certifications GCFA GCFE GCIH GNFA GCIA CHFI EnCE Microsoft SC-200 Splunk Certified Power User/Admin AWS or Azure Security Certifications Employment Type Full Time Company Industry TelecomISP Department / Functional Area System AdministrationNetwork AdministrationSecurity (IT Software) Keywords Digital ForensicsDFIRIncident ResponseThreat HuntingMicrosoft SentinelSplunkKQLEnCaseFTKCellebriteOxygen ForensicsVolatilityEDRAWSAzurePythonPowerShellMalware AnalysisMITRE ATT&CKMemory ForensicsSOCCybersecurity Get real-time job updates only on our App
Ready to apply?
You are viewing this role on JobSphere AI. Applications are completed on the original employer / source website.
Apply on original siteOpens the employer's site in a new tab
- CompanyeMinds
- LocationEgypt - Egypt
- CategoryCybersecurity
- SourceNaukrigulf
- Listed6 days ago
Related Cybersecurity jobs
SOC Engineer
Security Monitoring & Threat Detection • Administration, management, and Support deployment and tuning of OT security tools (Nozomi, Forescout). Monitor OT/ICS…
Priority Banking - Customer Service Representative
1. Client Relationship Management ▸ Resolve customer issues efficiently while ensuring first-contact resolution whenever possible. ▸ Manage customer complaints…
Secretary
Manage executive schedules, ensuring optimal time allocation for meetings, deadlines, and travel, to facilitate smooth operations. Prepare and edit…
Senior Full Stack Developer
We are seeking an experienced Full Stack Engineer with strong Java expertise and modern front-end capabilities to design, build and deliver scalable enterprise…