SOC L3 - Digital Forensics, Incident Response Specialist
Job Description Roles & Responsibilities We are seeking an experienced Senior Digital Forensics, Incident Response & Threat Hunting Specialist to join our Cyber Security team. The ideal candidate will have strong expertise in digital forensics, incident response, threat hunting, and malware investigations across enterprise environments. The role requires hands-on experience with SIEM, EDR, cloud forensics, and forensic investigation tools to identify, investigate, contain, and remediate cyber threats. Key Responsibilities Conduct host, network, memory, and mobile forensic investigations. Lead incident response activities including triage, containment, eradication, recovery, and post-incident reporting. Perform proactive threat hunting using threat intelligence and the MITRE ATT&CK framework. Analyze security events using SIEM platforms such as Microsoft Sentinel and Splunk. Develop and execute advanced KQL queries for threat detection and investigations. Investigate endpoint security alerts using EDR solutions. Perform malware analysis, log analysis, and packet capture analysis. Conduct cloud forensic investigations across AWS and Microsoft Azure environments. Automate forensic and incident response activities using Python and PowerShell. Produce detailed technical reports and executive summaries. Collaborate with SOC, Threat Intelligence, IT, and Infrastructure teams during investigations. Desired Candidate Profile Minimum 6 years of experience in Digital Forensics, Incident Response, or Threat Hunting. Strong knowledge of Digital Forensics and Incident Response methodologies. Hands-on experience with EnCase, FTK, Cellebrite, Oxygen Forensics, Volatility, and other forensic analysis tools. Experience with Microsoft Sentinel, Splunk, or similar SIEM platforms. Strong knowledge of EDR technologies. Advanced experience writing Kusto Query Language (KQL) queries. Experience in host, network, cloud, memory, and mobile forensics. Strong understanding of log analysis and packet capture analysis. Experience with AWS and Microsoft Azure cloud investigations. Scripting skills using Python and/or PowerShell. Strong understanding of the MITRE ATT&CK framework. Excellent analytical, communication, documentation, and problem-solving skills. Ability to manage multiple incidents simultaneously in a fast-paced environment. Preferred Certifications GCFA GCFE GCIH GNFA GCIA CHFI EnCE Microsoft SC-200 Splunk Certified Power User/Admin AWS or Azure Security Certifications Employment Type Full Time Company Industry TelecomISP Department / Functional Area System AdministrationNetwork AdministrationSecurity (IT Software) Keywords Digital ForensicsDFIRIncident ResponseThreat HuntingMicrosoft SentinelSplunkKQLEnCaseFTKCellebriteOxygen ForensicsVolatilityEDRAWSAzurePythonPowerShellMalware AnalysisMITRE ATT&CKMemory ForensicsSOCCybersecurity Get real-time job updates only on our App
Ready to apply?
You are viewing this role on JobSphere AI. Applications are completed on the original employer / source website.
Apply NowOpens the employer's site in a new tab
- CompanyeMinds
- LocationEgypt - Egypt
- CategoryCybersecurity
- SourceNaukrigulf
- Listed1 week ago
Related Cybersecurity jobs
Cybersecurity Engineer
Envision Employment Solutions is currently looking for a Cybersecurity Engineer (UCF) for one of our partners, a global leader in consulting, digital…
Cloud & DevOps Engineering Technical Lead
Connect to your opportunity Work with a team to realize the ultimate solution for infrastructure and network configuration/automation and deployment for…
Senior Devops Engineer
As a Senior DevOps Engineer II, you will shape how infrastructure is built, secured, and operated across the Mondia platform. You will own the delivery…
GIS Senior Manager
In a world of possibilities, pursue one with endless opportunities. Imagine Next! At Parsons, you can imagine a career where you thrive, work with exceptional…