Group-IB

Regional Technical Lead, DFIR

Riyadh, Riyadh Province, Saudi Arabia · Full-time

Experience
8+ years
Salary
Openings
1
Published
5 hours ago
Work mode
On-site
Eligibility
Experienced DFIR professionals who meet the technical and language requirements, can support 24/7 service, and are comfortable with onsite incident response and cross-functional collaboration.
Resume
Required to apply

Job description

About Group-IB

Group-IB, established in 2003 and based in Singapore, builds cybersecurity capabilities aimed at investigating, preventing, and countering digital crime. Its work supports businesses, private citizens, and law-enforcement efforts. The company operates Digital Crime Resistance Centers across the Middle East, Europe, Central Asia, and Asia-Pacific to analyze and respond quickly to region-specific threats.

Role overview

The Regional Technical Lead for DFIR is the main technical authority and first escalation contact for complex cyber incidents. Reporting through the Regional Head, the position is centered on 24/7 technical delivery, cross-domain coordination, rigorous quality assurance, and helping the DFIR team grow their expertise.

This is a highly specialized technical track. It does not include people management, disciplinary authority, or ownership of the overall DFIR strategy. The role is focused on being the deepest technical resource and guiding incident response from a hands-on perspective.

Mission and working model

The DFIR function is built around continuous learning, practical investigation experience, and delivering clear, business-relevant conclusions rather than just raw technical data. The team also keeps an eye on future cyber threats, including the increasing use of automation and AI-driven techniques.

Responsibilities

  • Provide around-the-clock DFIR coverage, including weekends.
  • Travel onsite to support clients during serious incidents when required.
  • Apply practical forensic expertise across Windows, Linux, and memory analysis.
  • Follow direction from the Regional Head while owning the technical response.
  • Lead technical decision-making during major cybersecurity incidents.
  • Serve as the first escalation contact for internal teams and clients.
  • Help resolve complex, ambiguous, and highly technical investigative issues.
  • Make timely judgments even when information is incomplete, balancing depth of analysis with response speed.
  • Track new technologies and evolving investigative methods.
  • Contribute to academic and industry research, including papers and articles.
  • Support responsible use and automation of emerging tools such as LLMs in investigative workflows.
  • Advise the team on research direction and investigative approach.
  • Mentor DFIR team members and support their technical development.
  • Provide guidance on presentations and communication of findings.
  • Use prior training and teaching experience to strengthen the team’s overall capability.
  • Maintain advanced expertise in at least one forensic specialty.
  • Review technical reports and documentation as part of quality assurance.
  • Apply strong technical writing skills to improve report quality.
  • Work across multiple cybersecurity domains and coordinate with different functions.
  • Use process and project management methods to support efficient delivery.
  • Assist the Regional Head with project scoping and planning.
  • Use strong interpersonal and communication skills to support collaboration.

Requirements

  • At least 8 years of DFIR experience in cybersecurity organizations.
  • Solid understanding of DFIR methods, tools, and industry practices.
  • Strong ability to work with stakeholders and collaborate across departments.
  • Confident decision-making in fast-moving and high-pressure situations.
  • Experience with process management, including design and optimization.
  • Fluency in English.
  • Additional language ability is strongly preferred.
  • Background in intelligence tradecraft across cyber or other domains is highly desirable.
  • Demonstrated academic research experience is preferred.

Why Group-IB

Group-IB positions itself as a global cybersecurity leader focused on investigating, predicting, preventing, and disrupting digital crime. Its solutions help organizations reduce risk and protect trust, and its work supports governments, major industries, and law-enforcement bodies worldwide.

  • Work on real-world cases that affect critical infrastructure and law-enforcement operations.
  • Opportunity to grow technically, move into leadership later, change teams, or relocate across multiple regional centers.
  • Company-funded professional certifications, including CEH, CISSP, OSCP, and specialized forensics or penetration-testing credentials.
  • Exposure to industry-recognized products and frameworks acknowledged by major analysts and research firms.
  • Opportunity to work on complex cases with adversary-focused researchers and incident response specialists worldwide.
  • International team environment with strong emphasis on wellbeing and collaboration.

Additional information

The job requires continuous service coverage and weekend availability. It also includes onsite client engagement during critical incidents. The role is technical in nature and is not a management or strategic leadership position.

Group-IB emphasizes ongoing research, publication, and readiness for future automated cyber threats as part of the team’s broader mission.
