عرض العمل هذا غير متوفر في بلدك.

Senior Incident Response Engineer – Telecom Cybersecurity

VaporVMDubai, Dubai, United Arab Emirates

17 منذ أيام

الوصف الوظيفي

2 days ago Be among the first 25 applicants

Get AI-powered advice on this job and more exclusive features.

Direct message the job poster from VaporVM

We are looking for a highly skilled and proactive Incident Response Engineer with at least 5 years of hands-on cybersecurity experience, including a strong background in the telecom industry. This role is critical to ensuring rapid detection, investigation, containment, and resolution of security incidents. You will collaborate with cross-functional teams to improve the organization’s security posture and operational resilience in a fast-paced telecom environment.

Key Responsibilities :

Monitor and triage security alerts from telecom-focused SIEM, EDR, and threat intelligence platforms.
Investigate security incidents involving signaling networks (SS7, Diameter, SIP), subscriber data, and telecom infrastructure.
Lead incident response lifecycle phases : detection, analysis, containment, eradication, recovery, and post-incident review.
Utilize tools like Splunk, IBM QRadar, CrowdStrike, Palo Alto Cortex XDR, and Wireshark for forensic and packet analysis.
Coordinate with SOC teams, NOC, IT Ops, and Core Network teams for effective incident resolution.
Develop and maintain incident response runbooks specific to telecom use cases (e.g., network intrusions, signaling fraud, SIM cloning, BSS / OSS attacks).
Conduct threat hunting and IOC correlation to detect stealthy attacks across telecom infrastructure.
Analyze malware and conduct memory and disk forensics using tools such as Volatility, FTK, EnCase, and Autopsy.
Stay current on threats to the telecom sector including APT groups, signaling layer exploits, and SS7 / Diameter vulnerabilities.
Support regulatory compliance (e.g., NCA, TRA, GDPR, SAMA) and law enforcement requests by providing forensic evidence and incident reports.
Organize and lead tabletop exercises and breach simulations involving telecom-specific threat scenarios.

Required Qualifications :

Bachelor’s degree in Cybersecurity, Computer Science, Information Security, or a related discipline.

Minimum 5 years of cybersecurity experience, with at least 3 years in incident response.

Mandatory experience in the telecom industry, including knowledge of core network architecture (4G / 5G), VAS, BSS / OSS systems, and network signaling protocols (e.g., SS7, SIP, Diameter).

Strong understanding of network security, TCP / IP, firewalls, proxies, and telecom-specific attack surfaces.

Hands-on experience with SIEM tools (Splunk, QRadar), EDR platforms (CrowdStrike, SentinelOne, Cortex XDR), and forensic tools.

Proficiency in Python, Bash, or PowerShell scripting for automation and custom parsing.

Solid grasp of MITRE ATT&CK, NIST 800-61, ISO / IEC 27035, and telecom security best practices.

Relevant certifications : GCIA, GCIH, CEH, CISSP, OSCP, or equivalent are highly preferred.

Key Skills & Tools :

Telecom Cybersecurity

Threat Hunting & IOC Analysis

SIEM (Splunk, QRadar), EDR (CrowdStrike, Cortex XDR)

Signaling Protocols : SS7, Diameter, SIP

Packet Analysis & Forensics (Wireshark, FTK, EnCase)

Security Automation & Scripting (Python, PowerShell)

Regulatory & Compliance (NCA, SAMA, GDPR)

Malware Analysis & Reverse Engineering

Security Documentation & Playbook Development

Seniority level : Mid-Senior level

Employment type : Full-time

Job function : Information Technology, IT Services and IT Consulting

Referrals increase your chances of interviewing at VaporVM by 2x

J-18808-Ljbffr

إنشاء تنبيه وظيفي لهذا البحث

Engineer Telecom • Dubai, Dubai, United Arab Emirates