Senior Cybersecurity Digital Forensics Specialist

About NetWitness

NetWitness is a leader in cybersecurity incident response, delivering cutting-edge solutions for threat detection, forensics, and response. Join our elite Incident Response team to safeguard critical infrastructure against evolving cyber threats.

Job Summary

We are seeking a highly skilled Senior Cybersecurity Digital Forensics Specialist to join our NetWitness Incident Response team. In this remote role, you will lead complex digital forensics investigations, perform advanced incident response, and support clients in high-stakes environments. The ideal candidate thrives in fast-paced scenarios, combining deep technical expertise with bilingual communication skills.

Key Responsibilities

• Conduct thorough digital forensics examinations on endpoints, networks, memory, and cloud environments using industry-leading tools.
• Lead incident response engagements, including triage, malware analysis, threat hunting, and root cause determination.
• Develop forensic reports, timelines, and executive summaries for clients and stakeholders.
• Participate in the development or customization of tools and scripts to speed up any investigation process.
• Collaborate with cross-functional teams to mitigate threats and recommend remediation strategies.
• Travel up to 50% of the time for on-site investigations, client meetings, or incident support as needed.
• Mentor junior analysts and contribute to team knowledge-sharing initiatives.

Requirements

7+years of experience in cyber security and 5+ years of hands-on experience in digital forensics and incident response (DFIR).

SANS certifications in DFIR and Incident Response (e.g., FOR508, GCIH, or equivalent), in particular, at least one between the following:

• GCFA (GIAC Certified Forensic Analyst):
• GCFE (GIAC Certified Forensic Examiner)
• GCIH (GIAC Certified Incident Handler)
• GNFA (GIAC Network Forensic Analyst)

And at least one between the following:

• GCFR (GIAC Cloud Forensics Responder)
• GBFA (GIAC Battlefield Forensics and Acquisition)
• GCTI (GIAC Cyber Threat Intelligence)
• GREM (Reverse Engineering Malware) for niche forensics.

Fluency in English and Arabic (spoken and written).

Legal entitlement to work in Qatar.

Availability for remote work with up to 50% travel.

Preferred Qualifications

Programming skills in Python and/or SQL for automation, scripting, and data analysis.

Additional cybersecurity certifications (e.g., GCFA, GCFE, CISSP, OSCP, or equivalent).

Experience with tools like Volatility, EnCase, FTK, Wireshark, or NetWitness platforms.

Familiarity with MITRE ATT&CK, threat intelligence, or OT/ICS forensics.

Benefits

Competitive salary and benefits package.

Flexible remote work with travel support.

Opportunities for professional growth in a dynamic cybersecurity environment.

Collaborative culture focused on innovation and impact.