CPX
Security Engineer (DFIR Lab)
CPX | United Arab Emirates | 1 day ago
Full-time | Information Technology
Overview

Manage and maintain the DFIR Lab’s infrastructure, hardware, software, processes and documentation.

Responsibilities

  • Maintain and manage the team’s DFIR Lab hardware and software systems, ensuring availability and performance for the team’s engagements
  • Keep the team’s DFIR Lab asset inventory up to date and contribute to the process of license renewals, purchases and budgeting
  • Deploy, configure and maintain forensic and incident response tools like EnCase, Magnet Axiom, FTK, Cellebrite, THOR, Velociraptor, KAPE, IDA Pro, etc.
  • Configure and optimize forensics workstations and laptops, war laptops, servers and storage systems
  • Ensure the team’s DFIR Lab adheres to security, privacy and data integrity standards
  • Implement access controls, logging, audit trails and monitoring solutions to secure the lab environment
  • Evaluate and contribute to the testing and recommendation of new tools and technologies to enhance the Lab’s capabilities
  • Develop and maintain scripts or automation tools to streamline workflows and improve efficiency
  • Contribute to process documentation and continuous service improvement activities
  • Create and update SOPs for lab operations
  • Document forensic processes, lab configurations and tool usage guidelines
  • Collaborate with customers to deploy hardware and software for assessments and incident response engagements
  • Execute lab tasks in support of cyber incident response engagements
  • Proficiency with Digital Forensics & Incident Response tools (Cellebrite, THOR, Velociraptor, KAPE, IDA Pro, Security Onion, FTK Imager, Magnet Axiom, EnCase and others)
  • Good understanding of Incident Response and Digital Forensics tools deployment and functionalities such as EDR, NDR, forensic artifact collectors, intrusion detection, security monitoring, log management
  • Experience with digital forensics software and equipment such as write blockers, specialized cables and wires in a technical environment, forensics workstations, forensics laptops, adapters and connectors
  • Experience with (or at least knowledge of) evidence management and data acquisition in a lab in terms of supporting incident response and digital forensics
  • Good experience with Linux system structure, commands, functions and tools
  • Good experience with networking devices: switches, routers and firewalls
  • Understanding of storage devices such as NAS
  • Good experience with virtualization using VMware ESXi (knowledge of Nutanix and other virtualization software would be a plus)
  • Knowledge of building baseline system configurations for servers and workstations
  • Good experience and familiarity with server and desktop operating systems for Windows, Linux/Unix and Mac
  • Experience in managing cloud-based environments

Qualifications

Skills/Certifications:

Desired certifications in a minimum of one discipline (Incident Response, Digital Forensics, Cloud Computing, Linux/Windows Administration, Penetration Testing, Security Engineering), such as CCE, CHFI, GCFE, INE Security, or Microsoft/Azure/VMware/RedHat certification.

Minimum Work Experience:

  • 5+ years working in a technical lab, data center, DFIR or System Engineering teams with hands-on experience in setting up scalable technical environments.

Education:

Bachelor’s degree in Computer Science, Cybersecurity, Information Technology or Engineering is desirable, but not mandatory.
