Regional Technical Lead DFIR job at Group-IB in Riyadh
Regional Technical Lead DFIR
🏢 Group-IB
Job details
Group-IB is looking for a Regional Technical Lead in digital forensics and incident response (DFIR) to work in Riyadh, Saudi Arabia.
Duties and responsibilities
- Provide 24/7 incident response service, including working on weekends.
- Conduct onsite visits to support clients in critical situations.
- Apply hands-on expertise in the default forensics fields: Windows, Linux, and memory.
- Lead the technical direction during high-stakes security incidents.
- Act as the first escalation point for the team and clients.
- Support the team in resolving complex and ill-defined problems.
- Make sound decisions with incomplete data, balancing analytical depth against speed of response.
- Engage in academic research and encourage the publication of papers and articles.
- Keep up with the continuous adaptation of new technologies and modern methodologies.
- Understand non-deterministic systems such as LLMs and their integration into the investigative workflow.
- Provide research advisory to guide the team's investigative and academic efforts.
- Develop team members' skills and professional growth.
- Provide speaking and presenting advisory to help the team communicate its findings effectively.
- Leverage training and education experience to raise the team's capabilities.
- Maintain deep technical expertise in at least one forensics field.
- Support quality assurance by reviewing technical documents, editing, and conducting review evaluations.
- Use advanced technical writing skills to ensure reports meet the highest standards.
- Coordinate seamlessly across different domains and cybersecurity disciplines.
- Apply process and project management skills to ensure efficient delivery.
- Support the Regional Head in project planning, especially in defining project scope.
- Use strong social skills and expertise in HUMINT (understanding interpersonal dynamics and communication) to foster collaboration.
Requirements
- At least 8 years of experience in DFIR roles within cybersecurity organizations.
- Strong knowledge of DFIR methodologies, tools, and industry standards.
- Strong stakeholder management and interdepartmental collaboration skills.
- High-level decision-making skills in dynamic and high-pressure environments.
- Proficiency in process management, including process design and optimization.
Required skills
- Fluent in English; proficiency in an additional language is highly preferred.
- Experience in intelligence tradecraft across cyber and other domains is desirable.
- A proven track record in academic research is preferred.
Benefits
- Work on real cases: Group-IB investigates active criminal groups, responds to breaches affecting critical infrastructure, and develops technologies used by law enforcement agencies including INTERPOL, Europol, and Afripol in more than 60 countries.
- Growth opportunities: choose your own path - deepen your craft as a technical expert, step into leadership, move to another team, or relocate to one of the Digital Crime Resistance Centers across the Americas, Europe, the Middle East, Africa, Central Asia, and Asia-Pacific.
- Professional certifications funded at company expense: whether you are pursuing CEH, CISSP, OSCP, or specialized certifications in forensics and penetration testing.
- Work alongside industry leaders: the Unified Risk Platform is recognized by Gartner, Forrester, KuppingerCole, and Datos Insights, and Frost & Sullivan named Group-IB a 2025 Global Technology Innovation Leader.
- Real challenges and real expertise.
Founded in 2003 and headquartered in Singapore, Group-IB is a leading creator of cybersecurity technologies to investigate, prevent, and fight digital crime. Combating cybercrime is in the company’s DNA, shaping its technological capabilities to defend businesses, citizens, and support law enforcement operations.
Group-IB’s Digital Crime Resistance Centers (DCRCs) are located in the Middle East, Europe, Central Asia, and Asia-Pacific to help critically analyze and promptly mitigate regional and country-specific threats. These mission-critical units help Group-IB strengthen its contribution to global cybercrime prevention and continually expand its threat-hunting capabilities.
About The Role
The Technical Lead will act as the primary technical anchor and initial escalation point during complex cybersecurity incidents. Led by a Regional Head, this role is deeply rooted in 24/7 technical excellence and cross-domain coordination. You will guide the technical direction of the team, provide extensive quality assurance, and drive the skill-up and professional growth of team members.
This is a highly specialized, purely technical career path. It explicitly does not include team management, disciplinary leadership functions, or the responsibility to drive the overarching strategic vision of the DFIR teams. You are the ultimate technical authority, not the administrative manager.
The DFIR vision: Our ultimate goal is to fight cybercrime by constantly learning and staying one step ahead of the attackers. We do not just solve isolated puzzles; we bring different security experts together to build a complete and strong defense. By handling a large volume of cases, we gain real, practical experience that makes us better every day. Instead of just handing our clients a confusing list of technical data or "homework," we focus on providing clear, actionable answers that explain exactly what happened and what it means for their business. Furthermore, we are constantly researching and looking ahead to ensure we are fully prepared for the future of automated cyber threats.
Your Mission
Normal DFIR Duties (24/7 Service)
- Provide continuous 24/7 service, which includes working on weekends.
- Conduct onsite engagements to support clients directly in critical situations.
- Apply hands-on technical expertise in default forensics fields: Windows, Linux, and Memory.
- Operate under the strategic guidance and leadership of a Regional Head.
- Incident Management & Technical Direction:
  - Lead the technical direction during high-stakes cybersecurity incidents.
  - Act as the initial escalation point for the team and the clients.
  - Support the team in resolving challenging, complex, and non-discrete problems.
  - Make sound decisions with incomplete data, constantly balancing analytical depth versus the speed of response.
- Research & Technological Foresight:
  - Actively engage in academic research and encourage the publication of papers and articles to drive the industry forward.
  - Stay up-to-date with the continuous adaptation of new technologies and modern methodologies.
  - Maintain a deep understanding of emerging tech, such as integrating and properly automating non-deterministic systems like LLMs into the investigative workflow.
  - Provide research advisory to guide the team's investigative and academic efforts.
- Mentorship & Team Growth:
  - Actively drive the skill-up and professional growth of DFIR team members.
  - Provide research advisory to guide the team's investigative efforts.
  - Offer speaking and presenting advisory to help team members communicate their findings effectively.
  - Leverage your training and education experience to elevate the team's capabilities.
- Quality Assurance & Technical Depth:
  - Maintain a technical deep-dive expertise in at least one specific forensics-related field.
  - Support Quality Assurance by reviewing technical documents, editing, and conducting review evaluations.
  - Utilize advanced technical writing skills to ensure reports meet the highest standards.
- Cross-Functional Coordination & Planning:
  - Coordinate seamlessly across different domains and cybersecurity disciplines.
  - Apply process and project management skills to ensure efficient delivery.
  - Support the Regional Head in project planning, specifically in defining project scope descriptions.
  - Utilize strong social skills, specifically expertise in HUMINT (understanding interpersonal dynamics and communication), to foster collaboration.
- 8 years of previous experience in DFIR roles within cybersecurity organizations.
- Strong knowledge of DFIR methodologies, tools, and industry standards.
- Strong stakeholder management and interdepartmental collaboration skills.
- High-level decision-making skills in dynamic and high-pressure environments.
- Proficiency in process management including process design and optimization.
- Fluent in English; proficiency in an additional language is highly preferred.
- Experience in intelligence tradecraft across cyber and other domains is highly desirable.
- A proven track record in academic research is preferred.
Group-IB is a global leader in cybersecurity technologies that investigate, predict, prevent, and fight digital crime. We help organizations reduce risk and protect trust. Trusted by governments, major industries, and law enforcement, we deliver adversary-focused, predictive threat intelligence and cyber fraud fusion solutions that detect, analyse, and mitigate regional and country-specific digital crimes.
- Work with real stakes. Group-IB investigates active cybercriminal groups, responds to breaches affecting critical infrastructure, and develops technologies used by law enforcement agencies including INTERPOL, Europol, and Afripol across 60+ countries. We've conducted 1,550+ cybercrime investigations alongside 600+ enterprise customers globally. When you join Group-IB, your work directly disrupts digital crime.
- Grow your way. Choose your own path: deepen your craft as a technical expert, step into leadership, move across to another team, or relocate to one of our Digital Crime Resistance Centers across the Americas, Europe, the Middle East & Africa, Central Asia, and the Asia-Pacific. Your growth is our growth - Group-IB's expansion across 60+ active country operations means real career acceleration.
- We fund professional certifications at company expense - whether you're pursuing CEH, CISSP, OSCP, or specialized certifications in forensics and penetration testing. You don't have to choose between doing the job and advancing your credentials.
- Work alongside industry leaders. Our Unified Risk Platform - Threat Intelligence, Digital Risk Protection, Attack Surface Management, Managed XDR, and more - is recognized by Gartner, Forrester, KuppingerCole, and Datos Insights. Frost & Sullivan named us a 2025 Global Technology Innovation Leader. When you work here, you're building technologies that set the industry standard.
- Real challenges, real expertise. You'll take on complex, real-world problems alongside adversary-centric researchers and incident response experts spread across six continents. We've built 21+ years of proprietary telemetry through 1,500+ joint investigations. No two threats look alike - and neither do the skills you'll develop.
- A team that is genuinely international. Our people come from different countries, speak different languages, and bring different perspectives. What connects us is a shared mission: fighting cybercrime and making the world safer. We care about your wellbeing and happiness as much as your output.
Source: LinkedIn - Added to the site on July 3, 2026