Adroit People Limited (UK) Vacancies in Jubail, Eastern, Saudi Arabia – Digital Forensics and Incident Response (DFIR)


About the job

Job Requirements

General

The candidate should have:

  • minimum 4 years of professional experience in Digital Forensics and Incident Response
  • language skills to communicate in English
  • background in IT Security
  • relevant certifications for DFIR and security
  • knowledge about operating systems (Windows, Linux), memory forensics, networking and core TCP/IP protocols
  • a basic understanding of core processes in DFIR like the “Cyber Kill Chain” and others

Host Forensics

Understanding Windows, Active Directory and Linux/Unix core functions like:

  • processes and services/daemons
  • file systems (NTFS, ext3, ext4, APFS and others)
  • registry on Windows and core files in /etc/ on Unix
  • event logging on Windows and Unix/Linux

Any candidate must be able to analyse core evidence on Windows systems like:

  • prefetch, shimcache, LNK files and shellbags
  • timestamps in the file system and in NTFS files like $MFT, $J and $LogFile
  • common autostart locations in the registry and the Windows operating system

Host forensics can be done on the live operating system or on forensic hard drive images. The applicant must be able to perform both, and should know the right processes to preserve, gather and analyse evidence in both scenarios.

Memory Forensics

We expect experience in:

  • creating memory dumps with various tools
  • analysing memory dumps with Volatility, Rekall or other products

Networking Concepts and Network Forensics

For this job it is necessary to have at least a basic understanding of:

  • routing, switching and firewalling
  • knowledge about core protocols like DNS, SSH, SMB, Kerberos, SFTP, HTTP/S, ARP, SMTP, IMAP and DHCP
  • capturing packets with Wireshark or other common tools
  • analysing basic network traffic and recognizing the aforementioned protocols from their PCAP files

Attackers and Malware

The candidate must have experience in dealing with malware of all kinds. We expect knowledge about:

  • common attack vectors attackers use to compromise customer environments
  • different types of malware like trojans, worms and ransomware
  • persistence mechanisms on Windows and Linux
  • log analysis and correlation

Nice-to-have Skills and Experience

It is a bonus if the candidate has experience in some of the following areas:

  • security advisory and consulting
  • system administration
  • programming languages and scripting, especially Python or a high-level language like C#, C++
  • penetration testing, red teaming or vulnerability assessments
  • malware analysis

Experience with the following tools and software is beneficial too:

  • write blockers from CRU and/or Logicube
  • Wireshark, Volatility (Volexity) and FTK Imager
  • X-Ways Forensics or any other professional tool for forensic investigations
  • any other open-source or commercial tool to conduct digital forensic investigations
  • Microsoft Office and O365

We are aware that not every candidate can fulfil all these requirements. The more conditions are met, the better.

Company: Adroit People Limited (UK)

Vacancy Type: Full-time · Mid-Senior level

Job Location: Jubail, Eastern, Saudi Arabia

Application Deadline: N/A


To apply for this job email your details to bfdirb6788@gmail.com