Threat Detection and Response Consultant

**Company Description**:
Innovative Solutions (IS) is a leading pure-player Cyber security company in the GCC established in 2003, headquartered in Riyadh with a presence in Al Khobar, Jeddah, Dubai, and Abu Dhabi. Our Cybersecurity Solutions and Services encompass Advisory Services, Technical Assurance, Solution Deployment, Professional Services, and Managed Security Services.

Innovative Solutions is committed to its mission to “Bring Trust to Cyberspace” to ensure “**Your Business, Secured**.”

**Role Description**:
As a Threat Detection and Response Consultant at Innovative Solutions, you will be responsible for providing expert guidance and support to clients in detecting and responding to cybersecurity threats. You will perform security assessments, develop threat detection strategies, and implement response plans. You will work collaboratively with client teams to enhance their security posture and ensure effective incident response processes are in place.
- Conduct compromise assessment activities.
- Conduct DFIR activities on Windows Linux and Cloud.
- General intelligence advisories and delegate intelligence aggregation tasks to L2.
- Generate new use cases for emerging threats.
- Building detection use cases on SIEM, EDR, NDR, and other security controls.
- Test the detection use cases using threat simulation tools.
- Conduct threat-hunting activities periodically.
- Conduct threat-hunting activities based on intelligence reports.
- Building detection use cases based on intelligence reports.
- Track incident detection and closure.
- Conduct incident response coordination with customer.
- Validation of security incidents.
- Conduct audits of logging and correlation.
- Use of sandbox, honeypot, analytics tools, and security testing.
- Building playbooks in SOAR.
- Escalation management.
- Ensure quality of investigations and notification and direct L2 and L1 accordingly.
- Perform deep analysis to security incidents to identify the full kill chain.
- Respond to clients’ requests, concerns and suggestions.
- Provide knowledge to L1 and L2 such as guides, cheat sheets etc.
- Follow up with the recommendations to the client to contain an incident or mitigate a threat.
- Conduct presentations and updates to the client.
- Respond to incident escalations and provide solid recommendations.
- Conduct threat-hunting exercises on SIEM and EDR platforms.
- Perform threat intelligence analysis and investigations. Search on the dark web and use other platforms such as RF to identify intelligence indicators or threats for a specific client.
- Create reports for threat intelligence as a service.

**Requirements**:

- Bachelor’s degree in Computer Science or equivalent field.
- Minimum of 5 years of experience in cybersecurity.
- At least 2 years of direct experience in a DFIR consultant role, with proven ability to deliver Digital Forensics, Incident Response (DFIR), and compromise Assessment (CA) services.
- Strong analytical and critical thinking skills for effectively investigating complex incidents.
- Excellent problem-solving abilities to handle high-pressure situations and adapt to rapidly changing environments.
- Clear and effective communication skills, both written and verbal, for conveying technical findings to non-technical stakeholders.
- High level of attention to detail, essential for forensic accuracy and reporting.
- Team-oriented mindset with the ability to collaborate across departments.
- Self-motivated and proactive in staying updated with the latest cybersecurity threats and tools.
- At least has 2 of the following certificates: GCFA, GCFE, GEIR, GCFR, GDAT, GREM or OSCP.

**Benefits**
- Competitive salary package with performance-based incentives.
- Comprehensive training and development programs.
- Opportunity for career growth and advancement.
- Friendly and supportive work environment.