48 Incident Response jobs in the United Arab Emirates

We are seeking an experienced Incident Response Consultant to join our team. In this role, you will work closely with our security team to investigate and respond to cyber threats.

• Investigate and analyze security incidents to identify the root cause and recommend remediation strategies;
• Develop and implement incident response plans to ensure timely and effective responses to security incidents;
• Collaborate with internal teams to provide guidance and support on security-related matters;

Required Skills:

• 6+ years of experience in network security and digital forensics;
• Expert knowledge of DFIR tools such as Access Data, IDA Pro, FTK+, Encase;
• Familiarity with threat hunting tools and commercial and open-source solutions;

Benefits:

• Opportunity to work with a dynamic and growing organization;
• Competitive salary and benefits package;
• Opportunities for professional growth and development;

Others:

• GCIA, GCIH, or CISSP certifications;
• SANS Certified Forensic Examiner (GCFE) certification;
• Industry Certification on Digital Forensics Tools.

Role: Incident Response Manager

Location: Abu Dhabi

Role purpose:

• The Incident Response Manager will lead the Cyber Security Incident Response unit oversee its day-to-day operations and manage the SOC shifts.
• This role requires collaboration with various internal teams and departments as well as external partners and cybersecurity agencies to ensure an effective and timely response to all security incidents.
• The manager must demonstrate strong leadership skills encourage teamwork optimize team performance and develop incident response strategies.
• Additionally this position demands hands-on expertise in handling complex L3 security incidents from detection to disposition including leveraging AI-driven threat detection and automated incident response tools.
• The role also requires strong crisis management and stakeholder communication skills to effectively coordinate during high-impact security events.

Key accountabilities of the role:

Leadership and strategy:

• Lead the Cyber Security Incident Response unit managing both the day-to-day operations and the strategic development of incident response capabilities.
• Develop oversee and refine incident response plans playbooks and strategies to ensure rapid and effective response to security breaches.
• Maintain and enhance information security monitoring processes tools and technologies driving continuous improvements and reducing gaps between current and ideal states.
• Demonstrate adaptability and innovation to address evolving threat landscapes continuously enhancing the response approach.
• Incident Management:
• Directly handle L3 security incidents overseeing their detection analysis containment and resolution.
• Supervise the staffs utilization of security monitoring tools and ensure high levels of team performance and engagement.
• Coordinate with threat intelligence monitoring teams and other security functions to effectively communicate incident findings to leadership and relevant stakeholders.
• Implement and maintain robust incident response frameworks including industry standards such as NIST MITRE ATT&CK and best practices for coordinated response efforts.
• Prepare and present post-incident reports including lessons learned and recommendations for preventive measures to executive management.
• Experience in crisis management and business continuity planning.

Operational efficiency:

• Manage SOC shift schedules to ensure 24/7 coverage and effective resource utilization.
• Provide detailed reports on incident investigations root cause analyses and mitigation strategies contributing to the organizations continuous improvement efforts.
• Develop and track key performance metrics for incident management and response reporting outcomes to senior management.
• Maintain strong relationships with internal and external stakeholders to support the incident problem and change management cycles.
• Facilitate effective communication during incidents ensuring that stakeholders are informed of progress and resolution steps.

Specialist skills / technical knowledge required for this role:

• Proven experience in managing security operations centers and incident response teams.
• Demonstrated capability in hands-on management of L3 security incidents from detection through to disposition.
• Strong leadership skills with the ability to motivate and guide teams.
• Expertise in information security principles the cyber threat landscape and incident response protocols.
• Excellent communication and interpersonal skills to interact with various business units and IT departments.
• Knowledge of ISO 27001 NESA PCI DSS SWIFT and other information security standards and regulations.
• Familiarity with incident response frameworks (NIST MITRE ATT&CK) and best practices in managing cybersecurity incidents.
• Ability to manage multiple tasks with high attention to detail and organizational skills.
• Bachelors degree in engineering IT or a related technical discipline.
• Relevant certifications in cybersecurity and incident management (e.g. CISSP CISM GCFA GCIH).

Previous Experience:

• More than 10 years of experience in information security particularly in incident management and response within banks or financial institutions.
• Strong experience in monitoring and incident handling techniques and tools.
• Experience managing a Computer Incident Response Team (CIRT) Computer Security Incident Response Center (CSIRC) or Security Operations Center (SOC).
• Executive experience including management-level discussions.
  

Required Experience:

Manager

Join a critical team as a cybersecurity incident handling professional to lead and coordinate response activities from detection to closure.

This is a senior-level, hands-on role that requires strong analytical skills and the ability to provide strategic input.

We are seeking a proactive and experienced Cybersecurity Incident Handling Specialist to join our team as an embedded expert from CyberGate, acting decisively and independently in a high-stakes environment.

• Lead Incident Response: Act as the primary point of contact for cybersecurity incidents, leading all response and coordination efforts.
• Hands-on Investigation: Provide hands-on support in triaging, investigating, and resolving complex security events.
• Stakeholder Coordination: Work with internal departments and external partners to ensure timely and effective incident management.
• Post-Incident Analysis: Contribute to post-incident reviews, root cause analyses, and recommend long-term security improvements.
• Threat Intelligence: Monitor and track evolving threats, vulnerabilities, and risks to proactively advise on cybersecurity best practices.

• A solid understanding of security operations, threat intelligence, and the attack lifecycle.
• Strong analytical, investigation, and incident-solving skills.
• Proven experience in a similar cybersecurity incident handling or response role.

Be the go-to expert in a critical role with high visibility. Work on a high-impact project with a leading organization. Join a team that values proactive security and decisive action.

Mid-Senior level

Full-time

Information Technology

IT Services and IT Consulting

Seeking an experienced incident response lead to join our team.

This is a full-time, mid-senior level role that involves coordinating technical staff and communicating investigation progress to clients.

The successful candidate will have strong leadership skills, excellent stakeholder management & comms skills, and the ability to perform analysis of system and network devices logs.

They will also be able to execute threat hunting activities in support of incident response engagements and SOC activities, as well as contribute to process documentation and continuous service improvement activities.

A strong understanding of blue team operations, threat hunting, and network protocols is essential for this role. The ideal candidate will also have a sound understanding of Microsoft Windows, Linux, and OSX, as well as strong forensic skills across multiple operating systems.

Responsibilities:

• Serve as technical & coordination lead on active incident response engagements
• Communicate tasks, methodology, and guidance to customers effectively
• Perform host and/or network-based forensics across Windows, Mac, and Linux platforms
• Execute digital forensic investigations supporting cyber incident response engagements
• Contribute to process documentation and continuous service improvement activities
• Produce detailed reports and technical briefs, effectively communicate tasks, methodology, and guidance to customers
• Perform Quality Assurance over reports created by more junior members of the team
• Explain technical findings in a manner that can be easily understood by technical and non-technical staff
• Demonstrate industry thought leadership through internal brown-bag sessions
• Lead team research activities in search of service improvement tasks
• Ability to achieve tasks independently within the team after initial 2-3 months
• Flexible schedule that is open to changing situations and opportunities
• You must be a team player, with a humble and approachable nature who is willing to go the extra mile

Required Skills and Qualifications:

• 8+ years of experience in the field
• Bachelor's degree in Computer Science or Engineering (desirable but not mandatory)
• Certifications & Experience - GIAC Certified in a minimum of one discipline: GNFA, GCIH, GCIA, GCFE, GCFA, GDAT, etc. Or equivalent
• Previous experience performing digital forensics is a must
• Previous experience performing malware analysis is desirable
• Good attention to detail and reporting accuracy, excellent stakeholder management & comms skills
• Excellent English language skills, both spoken and written

Benefits:

• Opportunity to work with a dynamic team
• Chance to contribute to process documentation and continuous service improvement activities
• Professional development and growth opportunities

Others:

• Strong understanding of current threats, vulnerabilities, and attack trends
• Strong understanding of ATT&CK framework
• Excellent organizational skills, ability to prioritize, and ability to work independently

As a senior incident response specialist, you will be responsible for handling all critical, high and medium cyber security incidents at our organization. This role is based in Bangkok, Thailand and offers relocation support.

This is a challenging and rewarding role that requires a strong understanding of NIST, CSF, MITRE and other cyber security frameworks. You will work closely with our 24/7 SOC teams to identify and respond to incidents, and develop and automate solutions to enhance our detection and response capabilities.

• Perform end-to-end handling of all critical, high and medium cyber security incidents
• Draft incident reports and communicate incident summaries to senior leadership, end users, legal teams
• Write playbooks for different types of cyber security incidents and use automation to reduce MTTR time
• Automate repetitive tasks of incident response using automation platforms and/or programming
• Optimize existing security controls to finetune the alerts and reduce false positives
• Gather open source and commercial threat intelligence and perform hunting across the enterprise for undetected threats
• Support the legal and regulatory teams as a technical SME for cyber incidents with regulatory requirements
• Evaluate new technologies and drive POCs for new security products

• 5+ years experience in Cyber Security specifically in Incident Response field and working with 24/7 SOC teams
• Strong understanding of NIST, CSF, MITRE and other cyber security frameworks
• Programming or scripting skills (e.g., Python or C++) for automating incident response tasks
• Ability to write and tune detection rules in different security platforms
• Hands-on knowledge of dealing with major security incidents
• Ability to automate using automation platforms or programming skills
• Malware analysis and digital forensics experience is a plus
• Cyber security, forensic and incident response certifications are a plus (CISSP, ECSA, GISP, GCIH, GCFE, GCFA)
• Flexible, fast-moving, adaptable and able to multi-task
• Excellent English communication skills (oral and written)

• Hybrid Working Model
• WFH Set Up Allowance
• 30 Days of Remote Working from anywhere globally every year
• Employee discount for accommodation globally
• Global team of 90+ nationalities
• 40+ offices and 25+ countries
• Annual CSR / Volunteer Time off
• Benevity Subscription for employee donations
• Volunteering opportunities globally
• Free Headspace subscription
• Free Odilo and Udemy subscriptions
• Access to Employee Assistance Program
• Enhanced Parental Leave
• Life, TPD and Accident Insurance

We pride ourselves on being a company represented by people of all different backgrounds and orientations. We prioritize attracting diverse talent and cultivating an inclusive environment that encourages collaboration and innovation. Employment at our organization is based solely on a person's merit and qualifications. We are committed to providing equal employment opportunity regardless of sex, age, race, color, national origin, religion, marital status, pregnancy, sexual orientation, gender identity, disability, citizenship, veteran or military status, and other legally protected characteristics.

Lead Security Consultant - Incident Response, CPX, Abu Dhabi Emirate, United Arab Emirates.

• Serve as technical & coordination lead on active incident response engagements
• Communication skills and stakeholder management skills are a MUST (to coordinate technical staff and communicate investigation progress to clients)
• Execute threat hunting activities in support of incident response engagements and SOC activities
• Perform host and/or network-based forensics across Windows, Mac, and Linux platforms
• Execute digital forensic investigations supporting cyber incident response engagements
• Contribute to process documentation and continuous service improvement activities
• Produce detailed reports and technical briefs, effectively communicate tasks, methodology and guidance to customers
• Perform Quality Assurance over reports created by more junior members of the team
• Explain technical findings in a manner that can be easily understood by technical and non-technical staff
• Demonstrate industry thought leadership through internal brown-bag sessions
• Lead team research activities in search of service improvement tasks
• Ability to achieve tasks independently within the team after initial 2-3 months
• Flexible schedule that is open to changing situations and opportunities
• You must be a team player, with a humble and approachable nature who is willing to go the extra mile

• Years of Experience - 8+ years
• Education - Bachelor's degree in Computer Science or Engineering desirable, but not mandatory
• Certifications & Experience - GIAC Certified in a minimum of one discipline: GNFA, GCIH, GCIA, GCFE, GCFA, GDAT, etc. Or equivalent (eLearn Security, etc.)
• Previous experience performing digital forensics is a must
• Previous experience performing malware analysis is desirable
• Good attention to detail and reporting accuracy, excellent stakeholder management & comms skills
• Excellent English language skills, both spoken and written

• Strong understanding of blue team operations and threat hunting
• Sound understanding of network protocols, TCP/IP
• Sound understanding of Microsoft Windows
• Sound understanding of Linux and OSX
• Sound forensic skills across multiple operating systems
• Strong understanding of network analysis tools like Bro/ Zeek, Rita or Suricata
• Ability to perform analysis of system and network devices logs
• Sound understanding of the capabilities of static and dynamic malware analysis
• Sound understanding of enterprise systems, technologies, and infrastructure
• Strong understanding of targeted attacks and able to create customized tactical and strategic remediation plans for compromised organizations
• Strong understanding of current threats, vulnerabilities, and attack trends
• Strong understanding of ATT&CK framework
• Excellent organizational skills, ability to prioritize, and ability to work independently

• Mid-Senior level
• Full-time
• Information Technology
• Industries: IT Services and IT Consulting and Computer and Network Security

As a specialist in Digital Forensics and Incident Response, you will play a key role in supporting our organization's 800-HACKED program. This involves working as a consultant for multiple incident retainer programs, conducting cyber breach investigations, and analyzing digital evidence.

• Conduct thorough forensic and malware analysis to identify network computer intrusion evidence and perpetrators.
• Develop and implement threat hunting methodologies to proactively detect potential malicious activity.
• Perform detailed forensics investigations using tools such as Autospy, Encase, Access Data, FTK+, and IDA Pro.
• Analyze network traffic capture and DNS traffic analysis to detect security outliers.
• Examine and perform comprehensive technical analysis of computer-related evidence and information stored on devices.

• 6+ years of experience in network/security and analyzing digital evidence and investigating computer security incidents.
• Expert knowledge of DFIR tools such as Access Data, IDA Pro, FTK+, and Encase.
• Familiarity with network tools such as Wireshark, tcpdump, and libpcap.

• GCIA, GCIH, or CISSP Certifications.
• SANS Certified Forensic Examiner (GCFE).
• Industry Certification on Digital Forensics Tools.

Successful organizations depend on their reputation for keeping promises respecting laws and behaving ethically to maintain stakeholder trust. EY Forensic & Integrity Services professionals help organizations protect and restore enterprise and financial reputation. We assist companies and their legal counsel to investigate facts resolve disputes and manage regulatory challenges. We put integrity at the heart of compliance programs to help better manage ethical and reputational risks.

Embracing integrity means doing what you say you will do with unerring commitment. This can make it easier to attract and retain talented people and harness their skills to grow your business. A foundation built on integrity is critical because todays talent values purpose-driven organizations. It can also help you develop stronger partnerships with suppliers and work more effectively with employees investors regulators and integrated approach ranges from enhancements in areas of perceived weakness or issues including governance controls culture and data insights to full organizational design and structural implementation.

The opportunity

As a Manager youll build valued relationships with external clients and internal peers and develop a portfolio of projects by focusing on high value opportunities. Youll lead presentations and proposals for complex projects or elements of highly complex projects and provide subject matter insight to bids and proposals. Drawing on your skills and experience youll create innovative commercial insights for clients adapt methods and practices to fit operational team and cultural needs and contribute to thought leadership.

Your key responsibilities

As a Manager in the Resilience & Digital Trust team you will lead and grow a team responsible for strengthening clients cybersecurity posture through cyber incident response security awareness and digital forensics services. You will provide strategic advisory services in areas such as regulatory compliance cybersecurity governance threat detection digital trust and risk management.

Oversee client engagements at an executive level working with senior stakeholders to assess and improve readiness for cyber incidents respond to security breaches and conduct digital forensic investigations. Your leadership will help organizations reduce risks meet compliance requirements and maintain resilience against evolving cyber threats.

Specifically you will need to:

• Lead engagements related to cyber incident response including readiness assessments playbook development tabletop exercises and cyber crisis simulations.
• Evaluate existing security incident detection and escalation capabilities and recommend improvements.
• Conduct end-to-end digital forensic investigations in response to cyber incidents data breaches insider threats or regulatory inquiries.
• Preserve chain-of-custody and maintain forensic integrity in accordance with legal and regulatory standards.
• Use forensic tools to extract analyze and correlate digital evidence and prepare clear and defensible investigative reports and present forensic findings to legal compliance or executive stakeholders.

To qualify for the role you must have

• Bsc. computer science or information technology or cyber security
• Certificates such as CISA CISM and CISSP ISO 27001 is a plus
• Minimum of 10 years of hands-on experience in the digital forensics and incident response domain.
• Broad industry expertise and network and with an establishes experience with a top tier firm
• Lead a team of professionals to combine diverse cross-border experience with local knowledge across a broad spectrum of industries
• Work effectively as a member of a worldwide network of professional advisors sharing responsibility providing support maintaining communication and updating senior team members on progress
• Strong understanding ofexpectations of regulators and international organizations such as NCA ISO and NIST.

Ideally youll also have

• Digital forensics
• Threat intel
• Incident response
• Fluent Arabic/English communication skills
• Working experience in KSA
• Prior experience in consulting firm

What we look for

We are interested in entrepreneurs who have the confidence to develop and promote a brand-new strategic vision both internally and externally. You will be business savvy with a passion for innovation as well as the motivation to create your own EY journey.

What we offer

We offer a competitive compensation package where youll be rewarded based on performance and recognized for the value you bring to our business. Plus we offer:

• Continuous learning:Youll develop the mindset and skills to navigate whatever comes next.
• Success as defined by you:Well provide the tools and flexibility so you can make a meaningful impact your way.
• Transformative leadership:Well give you the insights coaching and confidence to be the leader the world needs.
• Diverse and inclusive culture:Youll be embraced for who you are and empowered to use your voice to help others find theirs.

If you can demonstrate that you meet the criteria above please contact us as soon as possible.

The exceptional EY experience. Its yours to build.

EY Building a better working world

EY exists to build a better working world helping to create long-term value for clients people and society and build trust in the capital markets.

Enabled by data and technology diverse EY teams in over 150 countries provide trust through assurance and help clients grow transform and operate.

Working across assurance consulting law strategy tax and transactions EY teams ask better questions to find new answers for the complex issues facing our world today.

Required Experience:

Manager

Successful organizations depend on their reputation for keeping promises respecting laws and behaving ethically to maintain stakeholder trust. EY Forensic & Integrity Services professionals help organizations protect and restore enterprise and financial reputation. We assist companies and their legal counsel to investigate facts resolve disputes and manage regulatory challenges. We put integrity at the heart of compliance programs to help better manage ethical and reputational risks.

Embracing integrity means doing what you say you will do with unerring commitment. This can make it easier to attract and retain talented people and harness their skills to grow your business. A foundation built on integrity is critical because todays talent values purpose-driven organizations. It can also help you develop stronger partnerships with suppliers and work more effectively with employees investors regulators and integrated approach ranges from enhancements in areas of perceived weakness or issues including governance controls culture and data insights to full organizational design and structural implementation.

The opportunity

As a Manager youll build valued relationships with external clients and internal peers and develop a portfolio of projects by focusing on high value opportunities. Youll lead presentations and proposals for complex projects or elements of highly complex projects and provide subject matter insight to bids and proposals. Drawing on your skills and experience youll create innovative commercial insights for clients adapt methods and practices to fit operational team and cultural needs and contribute to thought leadership.

Your key responsibilities

As a Manager in the Resilience & Digital Trust team you will lead and grow a team responsible for strengthening clients cybersecurity posture through cyber incident response security awareness and digital forensics services. You will provide strategic advisory services in areas such as regulatory compliance cybersecurity governance threat detection digital trust and risk management.

Oversee client engagements at an executive level working with senior stakeholders to assess and improve readiness for cyber incidents respond to security breaches and conduct digital forensic investigations. Your leadership will help organizations reduce risks meet compliance requirements and maintain resilience against evolving cyber threats.

Specifically you will need to:

• Lead engagements related to cyber incident response including readiness assessments playbook development tabletop exercises and cyber crisis simulations.
• Evaluate existing security incident detection and escalation capabilities and recommend improvements.
• Conduct end-to-end digital forensic investigations in response to cyber incidents data breaches insider threats or regulatory inquiries.
• Preserve chain-of-custody and maintain forensic integrity in accordance with legal and regulatory standards.
• Use forensic tools to extract analyze and correlate digital evidence and prepare clear and defensible investigative reports and present forensic findings to legal compliance or executive stakeholders.

To qualify for the role you must have

• Bsc. computer science or information technology or cyber security
• Certificates such as CISA CISM and CISSP ISO 27001 is a plus
• Minimum of 10 years of hands-on experience in the digital forensics and incident response domain.
• Broad industry expertise and network and with an establishes experience with a top tier firm
• Lead a team of professionals to combine diverse cross-border experience with local knowledge across a broad spectrum of industries
• Work effectively as a member of a worldwide network of professional advisors sharing responsibility providing support maintaining communication and updating senior team members on progress
• Strong understanding ofexpectations of regulators and international organizations such as NCA ISO and NIST.

Ideally youll also have

• Digital forensics
• Threat intel
• Incident response
• Fluent Arabic/English communication skills
• Working experience in KSA
• Prior experience in consulting firm

What we look for

We are interested in entrepreneurs who have the confidence to develop and promote a brand-new strategic vision both internally and externally. You will be business savvy with a passion for innovation as well as the motivation to create your own EY journey.

What we offer

We offer a competitive compensation package where youll be rewarded based on performance and recognized for the value you bring to our business. Plus we offer:

• Continuous learning:Youll develop the mindset and skills to navigate whatever comes next.
• Success as defined by you:Well provide the tools and flexibility so you can make a meaningful impact your way.
• Transformative leadership:Well give you the insights coaching and confidence to be the leader the world needs.
• Diverse and inclusive culture:Youll be embraced for who you are and empowered to use your voice to help others find theirs.

If you can demonstrate that you meet the criteria above please contact us as soon as possible.

The exceptional EY experience. Its yours to build.

EY Building a better working world

EY exists to build a better working world helping to create long-term value for clients people and society and build trust in the capital markets.

Enabled by data and technology diverse EY teams in over 150 countries provide trust through assurance and help clients grow transform and operate.

Working across assurance consulting law strategy tax and transactions EY teams ask better questions to find new answers for the complex issues facing our world today.

Required Experience:

Manager