Direct message the job poster from VaporVM
We are looking for a highly skilled and proactive Incident Response Engineer with at least 5 years of hands-on cybersecurity experience, including a strong background in the telecom industry. This role is critical to ensuring rapid detection, investigation, containment, and resolution of security incidents. You will collaborate with cross-functional teams to improve the organization’s security posture and operational resilience in a fast-paced telecom environment.
Key Responsibilities:
- Monitor and triage security alerts from telecom-focused SIEM, EDR, and threat intelligence platforms.
- Investigate security incidents involving signaling networks (SS7, Diameter, SIP), subscriber data, and telecom infrastructure.
- Lead incident response lifecycle phases: detection, analysis, containment, eradication, recovery, and post-incident review.
- Utilize tools like Splunk, IBM QRadar, CrowdStrike, Palo Alto Cortex XDR, and Wireshark for forensic and packet analysis.
- Coordinate with SOC teams, NOC, IT Ops, and Core Network teams for effective incident resolution.
- Develop and maintain incident response runbooks specific to telecom use cases (e.g., network intrusions, signaling fraud, SIM cloning, BSS/OSS attacks).
- Conduct threat hunting and IOC correlation to detect stealthy attacks across telecom infrastructure.
- Analyze malware and conduct memory and disk forensics using tools such as Volatility, FTK, EnCase, and Autopsy.
- Stay current on threats to the telecom sector including APT groups, signaling layer exploits, and SS7/Diameter vulnerabilities.
- Support regulatory compliance (e.g., NCA, TRA, GDPR, SAMA) and law enforcement requests by providing forensic evidence and incident reports.
- Organize and lead tabletop exercises and breach simulations involving telecom-specific threat scenarios.
Required Qualifications:
- Bachelor’s degree in Cybersecurity, Computer Science, Information Security, or a related discipline.
- Minimum 5 years of cybersecurity experience, with at least 3 years in incident response.
- Mandatory experience in the telecom industry, including knowledge of core network architecture (4G/5G), VAS, BSS/OSS systems, and network signaling protocols (e.g., SS7, SIP, Diameter).
- Strong understanding of network security, TCP/IP, firewalls, proxies, and telecom-specific attack surfaces.
- Hands-on experience with SIEM tools (Splunk, QRadar), EDR platforms (CrowdStrike, SentinelOne, Cortex XDR), and forensic tools.
- Proficiency in Python, Bash, or PowerShell scripting for automation and custom parsing.
- Solid grasp of MITRE ATT&CK, NIST 800-61, ISO/IEC 27035, and telecom security best practices.
- Relevant certifications: GCIA, GCIH, CEH, CISSP, OSCP, or equivalent are highly preferred.
Key Skills & Tools:
- Telecom Cybersecurity
- Threat Hunting & IOC Analysis
- SIEM (Splunk, QRadar), EDR (CrowdStrike, Cortex XDR)
- Signaling Protocols: SS7, Diameter, SIP
- Packet Analysis & Forensics (Wireshark, FTK, EnCase)
- Security Automation & Scripting (Python, PowerShell)
- Regulatory & Compliance (NCA, SAMA, GDPR)
- Malware Analysis & Reverse Engineering
- Security Documentation & Playbook Development
Seniority level: Mid-Senior level
Employment type: Full-time
Job function: Information Technology, IT Services and IT Consulting