Threat Detection and Response Consultant

Innovative Solutions (IS) is a leading pure-player Cyber security company in the GCC established in 2003, headquartered in Riyadh with a presence in Al Khobar, Jeddah, Dubai, and Abu Dhabi. Our Cybersecurity Solutions and Services encompass Advisory Services, Technical Assurance, Solution Deployment, Professional Services, and Managed Security Services.

Innovative Solutions is committed to its mission to “Bring Trust to Cyberspace” to ensure “Your Business, Secured.”

As a Threat Detection and Response Consultant at Innovative Solutions, you will be responsible for providing expert guidance and support to clients in detecting and responding to cybersecurity threats. You will perform security assessments, develop threat detection strategies, and implement response plans. You will work collaboratively with client teams to enhance their security posture and ensure effective incident response processes are in place.

• Conduct compromise assessment activities.
• Conduct DFIR activities on Windows Linux and Cloud.
• Act as subject matter expert and expert witness where required.
• General intelligence advisories and delegate intelligence aggregation tasks to L2.
• Generate new use cases for emerging threats.
• Building detection use cases on SIEM, EDR, NDR, and other security controls.
• Test the detection use cases using threat simulation tools.
• Conduct threat-hunting activities periodically.
• Conduct threat-hunting activities based on intelligence reports.
• Building detection use cases based on intelligence reports.
• Track incident detection and closure.
• Conduct incident response coordination with customer.
• Validation of security incidents.
• Conduct audits of logging and correlation.
• Use of sandbox, honeypot, analytics tools, and security testing.
• Building playbooks in SOAR.
• Escalation management.
• Ensure quality of investigations and notification and direct L2 and L1 accordingly.
• Perform deep analysis to security incidents to identify the full kill chain.
• Respond to clients’ requests, concerns and suggestions.
• Act as subject matter expert for different clients.
• Provide knowledge to L1 and L2 such as guides, cheat sheets etc.
• Follow up with the recommendations to the client to contain an incident or mitigate a threat.
• Conduct presentations and updates to the client.
• Respond to incident escalations and provide solid recommendations.
• Conduct threat-hunting exercises on SIEM and EDR platforms.
• Perform threat intelligence analysis and investigations. Search on the dark web and use other platforms such as RF to identify intelligence indicators or threats for a specific client.
• Create reports for threat intelligence as a service.