Principal Engineer Forensic Analyst

January 30, 2025

Job Description

The Principal Engineer Forensic Analyst – L4 will be responsible for investigating and managing the most complex incidents. To operate at this level, an engineer should have a skilled forensics background in reverse engineering malware, conducting host forensics or performing network forensics. They are responsible for investigating data breaches, critical security incidents and potential cyber-criminal activity.

Join our CyberSecurity team, where we ensure a world class CyberSecurity organisation based on the key principles of People, Process and Technology, underpinned with executive endorsement of a multi-year strategy to continuously improve and develop. The team protects our digital assets by monitoring for threats, responding to incidents, managing vulnerabilities, and ensuring compliance with security policies and regulations. If you are passionate about CyberSecurity, we invite you to apply to play a crucial role in shaping the future of our technology initiatives at Emirates Group.


As a Principal Engineer Forensic Analyst – L4 in the CyberSecurity team you will:

  • Perform advanced analysis of adversary tradecraft, malicious code, and Advanced Persistent Threat capabilities.
  • Analyse computer, communication and network security events and exploits to determine security vulnerabilities, including recommendations for remedial actions.
  • Conduct forensic, malicious code, and packet-level analysis to develop comprehensive technical reports stepping through complete reverse engineering of incidents.
  • Recommend countermeasures based on the identified techniques, tactics, procedures, and behaviour patterns used by adversaries.
  • Utilise a range of specialised methods and techniques in order to retrieve and analyse data linked to a range of criminal activity, such as network intrusions, hacking, online fraud, political, industrial and commercial espionage, terrorist communication, theft of confidential information and the use of illegal images.
  • Coordinate incident drills (purple teaming), develop alert criteria (use cases) and contribute to the development, writing, and reviewing of SOPs in order to improve incident response capabilities.
  • Lead the management of critical incidents, including coordination of incident investigation and management activities with both internal and external parties, and support the CSOC Manager through incident escalation and crisis management.

Qualifications & Experience

To be considered for the role, you must meet the below requirements: 

  • Overall 8+ years in network security with a focus on computer forensics, static code reverse engineering, and advanced (packet) network analysis. Static code reverse engineering experience can be substituted by experience in a similar skill such as computer forensics, network analysis, mobile device forensics related to malicious code, network flow analysis, or other similar skills.
  • Experience analyzing emerging technologies for potential attack vectors and developing mitigation strategies.
  • Ability to evaluate offensive and intelligence-based threat actors based on motivation and common TTPs.
  • Experience with gathering open-source and controlled intelligence to develop predictive understanding of adversarial strategies, priorities, and overlapping interests.
  • Demonstrated expertise in deploying and maintaining open source network security monitoring and assessment tools.
  • Experience in technical writing such as Event Bulletins, Cyber Digests, and Quarterly Summary Reports.

Knowledge/Skills:

  • Offensive Security Certified Expert (OSCE), GIAC Certified Reverse Engineering Malware (GREM), GIAC Certified Forensics Analyst (GCFA), GIAC Certified Network Forensics Analyst (GNFA) or EnCase Certified Examiner (EnCE) is an advantage.
  • Ability to evaluate offensive and intelligence-based threat actors based on motivation and common TTPs.
  • Experience with gathering open-source and controlled intelligence to develop predictive understanding of adversarial strategies, priorities, and overlapping interests.
  • Demonstrated expertise in deploying and maintaining open source network security monitoring and assessment tools.
  • Experience in technical writing such as Event Bulletins, Cyber Digests, and Quarterly Summary Reports.
  • Experience working in cross functional and interdisciplinary project teams to achieve tactical and strategic objectives.