G42
Security Engineer ā DFIR Lab
- Permanent
- Abu Dhabi, United Arab Emirates
- Experience 5 - 10 yrs
Job expiry date: 15/12/2025
Job overview
Date posted
31/10/2025
Location
Abu Dhabi, United Arab Emirates
Salary
AED 20,000 - 30,000 per month
Compensation
Comprehensive package
Experience
5 - 10 yrs
Seniority
Experienced
Qualification
Bachelors degree
Expiration date
15/12/2025
Job description
The Security Engineer ā DFIR Lab at CPX is responsible for managing and maintaining the Digital Forensics and Incident Response (DFIR) Labās full infrastructure, encompassing hardware, software, processes, and documentation. The role ensures the lab operates at optimal performance and adheres to strict security, privacy, and data integrity standards. The engineer will oversee forensic workstations, laptops, and servers, configuring and optimizing environments for both proactive and reactive incident response. They will manage software and tool deployments such as EnCase, Magnet Axiom, FTK, Cellebrite, THOR, Velociraptor, and KAPE, while maintaining asset inventories, licenses, and budgets. The position also requires developing and maintaining scripts and automation tools to streamline lab workflows, creating detailed SOPs and documentation, and assisting in live customer deployments during forensic assessments or incident response engagements. Strong technical experience with Linux, Windows, and Mac operating systems, network devices, storage systems (NAS), and virtualization technologies like VMware ESXi is crucial. The role demands deep familiarity with forensic processes, evidence management, cloud environments, and cybersecurity toolsets. Certifications such as CCE, CHFI, GCFE, INE Security, or Microsoft/Azure/VMware/RedHat credentials are preferred.
Required skills
Key responsibilities
- Manage and maintain the DFIR Labās hardware, software, infrastructure, and processes to ensure consistent performance and availability
- Deploy, configure, and maintain forensic and incident response tools including EnCase, Magnet Axiom, FTK, Cellebrite, THOR, Velociraptor, KAPE, and IDA Pro
- Ensure the DFIR Lab adheres to all data integrity, privacy, and security standards
- Maintain and update the DFIR Labās asset inventory and oversee license renewals, purchases, and budgeting
- Configure and optimize forensic workstations, laptops, servers, and storage systems for high performance and reliability
- Implement access controls, audit trails, and monitoring systems to secure lab operations
- Evaluate new forensic tools and technologies and recommend improvements to enhance lab capability
- Develop automation scripts and tools to improve operational efficiency and workflow consistency
- Create and update standard operating procedures (SOPs), technical documentation, and configuration guidelines
- Collaborate with customers to deploy DFIR hardware and software for incident response and forensic assessments
- Support active cyber incident response engagements through lab task execution
- Conduct regular security and performance audits to ensure compliance with internal and external standards
Experience & skills
- Minimum of 5 years of hands-on experience in a technical lab, data center, DFIR, or systems engineering environment
- Proficiency with digital forensics and incident response tools such as EnCase, FTK, Magnet Axiom, Cellebrite, THOR, Velociraptor, KAPE, and IDA Pro
- Strong knowledge of forensic artifacts, data acquisition, evidence handling, and forensic hardware (write blockers, adapters, connectors)
- Good understanding of incident response technologies including EDR, NDR, intrusion detection, and log management
- Experience in Linux, Windows, and Mac operating systems with system configuration and administration capabilities
- Experience managing virtualization environments using VMware ESXi or Nutanix
- Knowledge of networking devices such as switches, routers, and firewalls
- Understanding of storage systems like NAS and experience managing cloud-based infrastructures
- Ability to build and baseline server and workstation configurations for secure lab environments
- Preferred certifications: CCE, CHFI, GCFE, INE Security, or vendor-specific certifications from Microsoft, Azure, VMware, or RedHat
- Bachelorās degree in Computer Science, Cybersecurity, Information Technology, or Engineering is desirable but not mandatory
