101 Incident Response jobs in Saudi Arabia

Company Overview:

Advanced technology and cybersecurity company (sirar) established by stc, the region's ICT and digital services provider, sirar by stc is a cutting-edge cybersecurity provider that empowers organization to take control of their cyber capabilities and digital environments.

As experts in business security and privacy.

We offer a comprehensive range of solutions that help you to operate online safely, securely, and efficiently. The tools we provide help organizations detect and prevent cybersecurity attacks, safeguard their digital future, and provide protection and security from that point forward.

Key Responsibilities:

• Participates in leading incident response team effectively and efficiency and respond to cyber Contribute as a team member during incident response engagements and respond to cyber security incidents to clients within Saudi Arabia and GCC region that involve non-traditional working hours and willing to routinely travel with less than 48-hour notice.
• Contributes as a team member during compromise Assessment engagements for clients within Saudi Arabia and GCC region.
• Contributes to adversary hunting (Tactics, Techniques, and Procedures) on clients' environments utilizing different tools and techniques.
• Facilitates and coordinates client meetings, required documentation and provide support to team leads.
• Contributes to incident response and compromise assessment reports' writing.
• Shadows Incident response lead in deep dive analysis of compromised assets.
• Supports during the deployment and configuration of EDR and NDR technologies as per lead consultant instructions.
• Spots false positive findings during Incident Response and compromise assessment engagement.
• Maintains a thriving environment with team members.
• Adheres to departmental and section processes, procedures, and standards.
• Contributes to existent EDR solution's fine tuning detection rules exercise.
• Able to quickly learn and understand new technologies and techniques related to incident response and cyber security in general.
• Updates about latest cybersecurity attacks, threats, and analysis techniques.
• Parses and analyzes host behaviors, logs, artifacts, and network traffic to detect threats and identify anomalies.
• Understands collection scripts and contribute to finding workarounds to collect and analyze data when deploying an EDR is not possible.

Qualifications:

• Bachelor's degree in Cybersecurity, Computer Science, Information Technology, or related discipline.

Professional Certificate such as the below are Preferred:

• Professional Certificate such as GCIH, GCFA, GCFE, GNFA, GREM, or any other equivalent certifications is preferred.

Years of Experience:

• A minimum of 7 years in relevant experience.

Skills:

• Advance knowledge of current cyber security threats, attacks, tactics, techniques, and countermeasures.
• Intermediate knowledge of the Incident Response Lifecycle, the Cyber Kill Chain. framework, MITRE ATT&CK framework, and their related tactics, techniques, tools, procedures.
• Advance knowledge of digital forensics and its methodology, security and network architectures, operating systems (including Linux/Unix and Windows).
• Advance knowledge of network forensic artifacts' collection and analysis.
• Advance knowledge of utilizing a variety of leading network and host forensic tools.
• Intermediate proficiency in written and verbal communication skills.
• Intermediate knowledge in operating systems.

Keeta is an independent brand of Meituan, the world's largest tech-driven retail company. Keeta is revolutionizing the food delivery space. As a dynamic and innovative global platform, Keeta leverages cutting-edge technology to provide fast, reliable, and seamless food delivery experiences. With the mission "We help people eat better, live better", Keeta launched in 2023 and has rapidly expanded across key regions, including Hong Kong, Saudi Arabia and now in Brazil.

Are you passionate about public safety, regulatory coordination, and emergency response? Do you thrive in fast-paced, high-growth environments where safety and compliance are mission-critical? Join us in building a safer ecosystem for our platform and users.

• Emergency Response: Lead swift and effective responses to traffic accidents, public safety events, fire hazards, and more.
• Daily Safety Ops: Analyze safety data, implement risk prevention strategies, and manage safety documentation.
• Regulatory Liaison: Act as the bridge between our team and local regulatory authorities—ensuring compliance and alignment with jurisdictional protocols.
• Cross-functional Support: Collaborate with HQ and cross-regional teams on initiatives and directives.

Innovation-Driven: Keeta uses the advanced technology solutions to disrupt the traditional food delivery landscape, making every order smarter and faster.

Fast-Growing & Dynamic: Keeta is expanding quickly, offering endless opportunities for personal and professional growth.

Global Impact: Join a company that’s transforming the way people enjoy food, impacting communities around the world.

Education & Experience: Bachelor’s degree or above with 5+ years in corporate safety, compliance, or emergency management.

• Solid grasp of safety workflows and local regulatory processes.
• Background in internet/tech platforms is a plus.
• Prior corporate safety-related experience required.

• Strong business writing and verbal expression.
• Team player with a hands-on, problem-solving attitude.

• Detail-oriented and responsible.
• Comfortable working under pressure.
• Open to short-term business travel.

Fluent in Arabic, English, and Mandarin

• Managing public security events, fire safety, or traffic emergencies.
• Experience dealing directly with safety regulatory authorities and compliance agencies.

Apply now or reach out to our talent team to learn more.

#ComplianceJobs #IncidentResponse #SafetyManagement #InternetSafety #EmergencyResponse #RegulatoryAffairs #HiringNow

• Mid-Senior level

• Full-time

• Consulting and Management
• Information Services and Technology, Information and Media

Get notified about new Incident Manager jobs in Riyadh, Saudi Arabia.

Company Description
Innovative Solutions (IS) is a distinguished Cybersecurity company, founded in 2003 and headquartered in Riyadh, with a strong presence across the GCC region, including Al Khobar, Jeddah, Dubai, and Abu Dhabi. We specialize in a broad array of Cybersecurity solutions and services, encompassing Advisory Services, Technical Assurance, Solution Deployment, Professional Services, and Managed Security Services.

At Innovative Solutions, our mission is to "Bring Trust to Cyberspace" to ensure "
Your Business, Secured
".

Role Description
As the Incident Response Team Lead at Innovative Solutions, you will oversee our incident response team's activities, ensuring swift and effective responses to cybersecurity incidents. You will lead investigations, coordinate responses, and develop strategies to improve our incident response capabilities. You will also mentor team members, promoting continuous improvement in processes and practices to enhance the cyber resilience of our organization and clients.

Responsibilities:

• Lead and manage the incident response team, setting priorities, assigning tasks, and ensuring timely resolution of incidents
• Provide mentorship, coaching, and skills development for team members
• Act as the central escalation point of contact for critical and complex incidents
• Develop and manage incident response metrics, reporting, and performance KPIs
• Provide executive briefings and updates during major security incidents
• Ensure incident response processes compliance with regulatory frameworks

DFIR Operations:

• Oversee incident response lifecycle
• Coordinate technical and business stakeholders during incidents, ensuring clear communication and structured escalation
• Lead root cause analysis, digital forensics, and threat hunting activities for critical incidents
• Ensure proper documentation of incidents, including timelines, actions taken, and lessons learned

Process and Improvements:

• Develop, implement, and maintain incident response playbooks, runbooks, and escalation processes
• Coordinate and lead tabletop exercises, red team/purple team simulations, and incident readiness drills
• Collaborate with SOC, threat intelligence, vulnerability management, and IT/OT security teams to enhance detection and response capabilities

Requirements

• Bachelor's degree in computer science, cyber security, or a related field. Master's degree is a plus
• 3+ years of experience in cybersecurity, with a focus on incident response
• Proven experience leading incident response teams and managing incidents effectively
• Relevant certifications such as GCIA, GCIH, GCFA, GNFA, BTL1, OSDA, CDSA, or PSAA. CISSP is a plus
• Strong expertise in incident response methodologies and frameworks
• Excellent leadership, communication, and interpersonal skills
• Ability to think critically and make sound decisions under pressure

Benefits

• Comprehensive training and development programs
• Opportunity for career growth and advancement
• Friendly and supportive work environment

We're Hiring: Senior Compliance & Incident Response Manager

Keeta is an independent brand of Meituan, the world's largest tech-driven retail company. Keeta is revolutionizing the food delivery space. As a dynamic and innovative global platform, Keeta leverages cutting-edge technology to provide fast, reliable, and seamless food delivery experiences. With the mission "We help people eat better, live better", Keeta launched in 2023 and has rapidly expanded across key regions, including Hong Kong, Saudi Arabia and now in Brazil.

Are you passionate about public safety, regulatory coordination, and emergency response? Do you thrive in fast-paced, high-growth environments where safety and compliance are mission-critical? Join us in building a safer ecosystem for our platform and users.

What You'll Do

• Emergency Response:
  Lead swift and effective responses to traffic accidents, public safety events, fire hazards, and more.
• Daily Safety Ops:
  Analyze safety data, implement risk prevention strategies, and manage safety documentation.
• Regulatory Liaison:
  Act as the bridge between our team and local regulatory authorities—ensuring compliance and alignment with jurisdictional protocols.
• Cross-functional Support:
  Collaborate with HQ and cross-regional teams on initiatives and directives.

Why Keeta?

Innovation-Driven: Keeta uses the advanced technology solutions to disrupt the traditional food delivery landscape, making every order smarter and faster.

Fast-Growing & Dynamic: Keeta is expanding quickly, offering endless opportunities for personal and professional growth.

Global Impact: Join a company that's transforming the way people enjoy food, impacting communities around the world.

What We're Looking For

Education & Experience:
Bachelor's degree or above with 5+ years in corporate safety, compliance, or emergency management.

Professional Skills:

• Solid grasp of safety workflows and local regulatory processes.
• Background in internet/tech platforms is a plus.
• Prior corporate safety-related experience required.

Soft Skills:

• Excellent communication & coordination skills.
• Strong business writing and verbal expression.
• Team player with a hands-on, problem-solving attitude.

Mindset & Flexibility:

• Detail-oriented and responsible.
• Comfortable working under pressure.
• Open to short-term business travel.

Language Skills:

Fluent in Arabic, English, and Mandarin

Bonus Points If You Have

• Managing public security events, fire safety, or traffic emergencies.
• Experience dealing directly with safety regulatory authorities and compliance agencies.

Location: Jeddah, Saudi Arabia

Apply now or reach out to our talent team to learn more.

Company Description
Innovative Solutions (IS) is a leading cybersecurity company established in 2003, with its headquarters in Riyadh and a strong presence throughout the GCC, including Al Khobar, Jeddah, Dubai, and Abu Dhabi. We provide a comprehensive array of cybersecurity services, from advisory and technical assurance to solution deployment and managed security services. Our mission is clear: to bring trust to cyberspace and ensure that your business is well secured.

Role Description
As a Senior Incident Response Specialist at Innovative Solutions, you will be at the forefront of defending our organization and clients against cyber threats. You will lead incident response activities, oversee investigations, develop response strategies, and liaise with other teams to manage complex incidents effectively. Your expertise will be pivotal in enhancing our incident response capabilities and driving continuous improvement in our security operations.

Responsibilities

• Lead incident response activities for security incidents across the organization
• Conduct thorough investigations of security breaches and incidents to identify root causes and impacts
• Present findings to stakeholders and assist in reporting processes post incident
• Assist in creating and maintaining documentation related to incident handling and response activities
• Conduct digital forensics and malware analysis to support investigations and determine root cause, impact, and scope
• Participate in red/blue/purple team exercises to test and improve response readiness
• Stay updated on emerging threats, attack techniques, and incident response best practices
• Perform proactive threat hunting based on intelligence, anomalies, and advanced detection techniques
• Act as a technical point of contact for incident response analysts, providing guidance, and mentorship
• Collaborate with SOC, threat intelligence, vulnerability management, and IT/OT teams to improve detection and response capabilities

Requirements

• Bachelor's degree in computer science, cyber security, or a related field
• 3+ years of experience in incident response or a related cybersecurity role
• Relevant certifications such as GCIA, GCIH, GCFA, GNFA, BTL1, OSDA, CDSA, or PSAA
• Proven track record of handling advanced persistent threats, ransomware, insider threats, and cloud security incidents
• Strong knowledge of operating systems, networking protocols, and security technologies
• Experience with SIEM, EDR, SOAR platforms, forensic tools, and malware analysis frameworks
• Strong written and verbal communication skills, capable of engaging with different levels of stakeholders
• Ability to work in a fast-paced environment and manage multiple incidents simultaneously
• Willingness to participate in on-call duties and rotate shifts as needed

Benefits

• Comprehensive training and development programs
• Opportunity for career growth and advancement
• Friendly and supportive work environment

Innovative Solutions (IS) is a leading cybersecurity company established in 2003, with its headquarters in Riyadh and a strong presence throughout the GCC, including Al Khobar, Jeddah, Dubai, and Abu Dhabi. We provide a comprehensive array of cybersecurity services, from advisory and technical assurance to solution deployment and managed security services. Our mission is clear: to bring trust to cyberspace and ensure that your business is well secured.

As a Senior Incident Response Specialist at Innovative Solutions, you will be at the forefront of defending our organization and clients against cyber threats. You will lead incident response activities, oversee investigations, develop response strategies, and liaise with other teams to manage complex incidents effectively. Your expertise will be pivotal in enhancing our incident response capabilities and driving continuous improvement in our security operations.

• Lead incident response activities for security incidents across the organization.
• Conduct thorough investigations of security breaches and incidents to identify root causes and impacts.
• Present findings to stakeholders and assist in reporting processes post incident.
• Assist in creating and maintaining documentation related to incident handling and response activities.
• Conduct digital forensics and malware analysis to support investigations and determine root cause, impact, and scope.
• Participate in red/blue/purple team exercises to test and improve response readiness.
• Stay updated on emerging threats, attack techniques, and incident response best practices.
• Perform proactive threat hunting based on intelligence, anomalies, and advanced detection techniques
• Act as a technical point of contact for incident response analysts, providing guidance, and mentorship.
• Collaborate with SOC, threat intelligence, vulnerability management, and IT/OT teams to improve detection and response capabilities.

• Bachelor's degree in computer science, cyber security, or a related field.
• 3+ years of experience in incident response or a related cybersecurity role.
• Relevant certifications such as GCIA, GCIH, GCFA, GNFA, BTL1, OSDA, CDSA, or PSAA.
• Proven track record of handling advanced persistent threats, ransomware, insider threats, and cloud security incidents.
• Strong knowledge of operating systems, networking protocols, and security technologies.
• Experience with SIEM, EDR, SOAR platforms, forensic tools, and malware analysis frameworks
• Strong written and verbal communication skills, capable of engaging with different levels of stakeholders.

• Ability to work in a fast-paced environment and manage multiple incidents simultaneously.

• Willingness to participate in on-call duties and rotate shifts as needed.

• Comprehensive training and development programs.
• Opportunity for career growth and advancement.
• Friendly and supportive work environment.

Innovative Solutions (IS) is a distinguished Cybersecurity company, founded in 2003 and headquartered in Riyadh, with a strong presence across the GCC region, including Al Khobar, Jeddah, Dubai, and Abu Dhabi. We specialize in a broad array of Cybersecurity solutions and services, encompassing Advisory Services, Technical Assurance, Solution Deployment, Professional Services, and Managed Security Services.

At Innovative Solutions, our mission is to "Bring Trust to Cyberspace" to ensure "Your Business, Secured".

As the Incident Response Team Lead at Innovative Solutions, you will oversee our incident response team's activities, ensuring swift and effective responses to cybersecurity incidents. You will lead investigations, coordinate responses, and develop strategies to improve our incident response capabilities. You will also mentor team members, promoting continuous improvement in processes and practices to enhance the cyber resilience of our organization and clients.

Responsibilities:

• Lead and manage the incident response team, setting priorities, assigning tasks, and ensuring timely resolution of incidents.
• Provide mentorship, coaching, and skills development for team members.
• Act as the central escalation point of contact for critical and complex incidents.
• Develop and manage incident response metrics, reporting, and performance KPIs.
• Provide executive briefings and updates during major security incidents
• Ensure incident response processes compliance with regulatory frameworks.

DFIR Operations:

• Oversee incident response lifecycle.
• Coordinate technical and business stakeholders during incidents, ensuring clear communication and structured escalation.
• Lead root cause analysis, digital forensics, and threat hunting activities for critical incidents.
• Ensure proper documentation of incidents, including timelines, actions taken, and lessons learned.

Process and Improvements:

• Develop, implement, and maintain incident response playbooks, runbooks, and escalation processes.
• Coordinate and lead tabletop exercises, red team/purple team simulations, and incident readiness drills.
• Collaborate with SOC, threat intelligence, vulnerability management, and IT/OT security teams to enhance detection and response capabilities.

• Bachelor's degree in computer science, cyber security, or a related field. Master's degree is a plus.
• 3+ years of experience in cybersecurity, with a focus on incident response.
• Proven experience leading incident response teams and managing incidents effectively.
• Relevant certifications such as GCIA, GCIH, GCFA, GNFA, BTL1, OSDA, CDSA, or PSAA. CISSP is a plus.
• Strong expertise in incident response methodologies and frameworks.
• Excellent leadership, communication, and interpersonal skills.
• Ability to think critically and make sound decisions under pressure.

• Comprehensive training and development programs.
• Opportunity for career growth and advancement.
• Friendly and supportive work environment.

ABOUT GROUP-IB:

Founded in 2003 and headquartered in Singapore, Group-IB is a leading creator of cybersecurity

technologies to investigate, prevent, and fight digital crime. Combating cybercrime is in the company's DNA, shaping its technological capabilities to defend businesses, and citizens, and support law enforcement operations.

Group-IB's Digital Crime Resistance Centers (DCRCs) are located in the Middle East, Europe, Central Asia, and Asia-Pacific to help critically analyze and promptly mitigate regional and country-specific threats. These mission-critical units help Group-IB strengthen its contribution to global cybercrime prevention and continually expand its threat-hunting capabilities.

Each of us can help make the world a safer place. Join us

ABOUT THE ROLE:

This is a
high-impact,
hands-on role that puts you on the front lines of some of the most challenging incident response and threat hunting engagements. You'll work across diverse industries, confronting real-world cyber threats and helping clients recover from complex incidents. Your expertise will directly shape outcomes, protect critical infrastructure, and contribute to a safer digital environment.

This role is ideal for professionals eager to sharpen their DFIR skills while operating in fast-paced, high-stakes environments.

YOUR MISSION

• Conduct root cause analysis to determine the initial attack vector in security incidents.
• Lead incident response engagements, including containment, eradication, and recovery guidance.
• Acquire and analyze disk and memory forensic images, as well as perform triage analysis.
• Recover deleted data, trace file execution, and validate indicators of compromise (IOCs).
• Develop attack hypotheses using adversary TTPs mapped to the MITRE ATT&CK framework.
• Prepare and deliver clear, actionable reports and findings to both technical and non-technical stakeholders.
• Maintain composure and communicate effectively in high-pressure, time-sensitive incidents.

WHAT SUCCESS LOOKS LIKE:

• Minimum first hands-on experience in Digital Forensics and Incident Response.
• Bachelor's degree in Cybersecurity, Computer Science, Information Security, or equivalent professional experience.
• Proficiency in analyzing forensic artifacts such as:
• Windows registry
• Master File Table (MFT)
• Prefetch files
• Shellbags
• Event logs
• Experience working with EDR platforms and SIEM solutions.
• Strong understanding of attacker methodologies, MITRE ATT&CK, and the intrusion kill chain.

Additional requirements:

• Excellent communication skills.
• Strong problem-solving mindset and attention to detail.
• Ability to remain calm under pressure during active incidents.
• One or more of the following: GCFA, GCIH, GNFA, GCFE, CHFI, GCFR, OSCP, or similar.

OUR WORK ENVIRONMENT & CULTURE:

At Group-IB, we believe that employee happiness is fundamental to success. We foster a supportive, inclusive, and dynamic workplace where every team member is empowered to grow. Whether you're aiming to deepen your expertise, step into leadership, explore new departments, or take your career abroad, we provide diverse opportunities for professional development.

Our team is made up of specialists from around the world who bring deep international expertise and thrive on solving complex challenges. You'll be working with cutting-edge technologies recognized globally by Gartner, IDC, and Forrester, and contributing to projects that span across 60 countries alongside 450+ partners and 500+ clients.

We take pride in our multicultural, values-driven culture—where mutual respect, collaboration, and shared goals unite us across borders. And with Group-IB's continued global growth and financial stability, your career trajectory here can accelerate faster than in most traditional environments.

WHAT DO WE OFFER
:

• Flexible Work Schedule
• We don't believe in fixed hours—what matters is impact, not time spent. You have the freedom to design your own workday in a way that drives results and balance.
• Comprehensive Health Coverage
• Your well-being comes first. We offer health insurance to support you when it matters most.
• Certifications & Continuous Learning
• Our team holds over 1,000 globally recognized certifications, including CEH, CISSP, OSCP, and more. Through our incentive program, we cover the cost of professional development—because your growth fuels our innovation.
• Meaningful Challenges & Growth Paths
• From soft skills development to advanced technical training, a wide range of internal programs help you expand your skill set—and earn recognition and rewards along the way.
• Entrepreneurial spirit is encouraged
• We value initiative. Whether it's launching a tech blog, organizing events, building communities, or starting a sports team—Group-IB is a place where bold ideas are supported and celebrated. .

Senior Incident Response Specialist, Bangkok Based (Relocation Provided)

We are seeking an industry-experienced, highly motivated and self-driven Incident Response Specialist who can rapidly address security incidents and threats, strategize and lead engagements with all staffing levels. On the ground level, your job is to monitor threats targeting Agoda and help prevent attacks from occurring or worsening.

• Perform end-to-end handling of all critical, high and medium cyber security incidents at Agoda
• Draft incident reports and communicate incident summaries to senior leadership, end users, legal teams
• Write playbooks for different types of cyber security incidents and use automation to reduce MTTR
• Automate repetitive tasks of incident response using automation platforms and/or programming
• Optimize existing security controls to fine-tune alerts and reduce false positives
• Gather open source and commercial threat intelligence and perform hunting across the enterprise for undetected threats
• Support the legal and regulatory teams as a technical SME for cyber incidents with regulatory requirements
• Evaluate new technologies and drive POCs for new security products

Note: You will be expected to leverage your coding skills to develop and automate solutions that enhance our Detection and Response capabilities. Proficiency in understanding and writing code is essential for building and maintaining response automation tools.

• 5+ years of experience in Cyber Security, specifically in Incident Response, and experience working with 24/7 SOC teams
• Strong understanding of NIST, CSF, MITRE and other cyber security frameworks
• Programming or scripting skills (e.g., Python or C++) for automating incident response tasks and developing custom security tools
• Ability to write and tune detection rules in different security platforms
• Hands-on experience dealing with major security incidents
• Ability to automate using automation platforms or programming skills
• Malware analysis and digital forensics experience are a plus
• Certifications in Cyber Security, Forensic and Incident Response are a plus (CISSP, ECSA, GISP, GCIH, GCFE, GCFA)
• Flexible, fast-moving, adaptable and multi-tasking; excellent English communication skills (oral and written)
• Relocation package provided for Bangkok, Thailand
• Hybrid working model and WFH setup allowances

• Hybrid working model
• WFH set up allowance
• 30 days remote working from anywhere globally each year
• Employee discount for accommodation globally
• Global team of 90+ nationalities
• 40+ offices and 25+ countries
• Annual CSR / Volunteer Time off
• Benevity subscription for employee donations
• Volunteering opportunities globally
• Free Headspace, Odilo & Udemy subscriptions
• Employee Assistance Program
• Enhanced Parental Leave
• Life, TPD & Accident Insurance

At Agoda, we pride ourselves on being a company represented by people of diverse backgrounds and orientations. We are committed to equal employment opportunity regardless of sex, age, race, color, national origin, religion, marital status, pregnancy, sexual orientation, gender identity, disability, citizenship, veteran or military status, and other legally protected characteristics. We may keep your application on file for future vacancies unless you request removal. For details, please read our privacy policy.

We do not engage with unsolicited third-party agencies. If we receive unsolicited CVs, we reserve the right to contact and hire the candidate directly without a recruitment fee.