We’re on the hunt for a Cybersecurity Incident Response Specialist with the curiosity of a detective, the calm of a bomb disposal expert, and the analytical instincts of someone who enjoys untangling the world’s messiest PowerShell scripts. You’ll be joining the NetWitness Incident Response team in Saudi Arabia, working alongside a group of battle-tested DFIR professionals who thrive on turning chaos into clarity.
You’ll investigate security incidents, perform digital forensics, analyze malware, and help organizations recover from the kind of problems that usually start with, "We just saw some unusual network traffic..."
If you enjoy pulling threads to find out what really happened, and you’ve ever taken apart malware “just to see what makes it tick,” you’ll fit right in.
Conduct cyber incident investigations and digital forensic analysis (sans drama, but with precision).
Perform malware triage, memory forensics, and compromise assessments.
Document findings clearly enough that even your non-technical colleagues will think you’re a wizard.
Work with global NetWitness IR experts to respond to complex attacks and improve detection.
Share knowledge, challenge hypotheses, and occasionally utter phrases like “It depends” with confidence.
Requirements
At least 5 years of solid, hands-on experience in cybersecurity.
Minimum 2 years of direct involvement in incident response, digital forensics, or malware analysis.
Alternatively, visible public research or open-source projects in DFIR or malware analysis are perfectly acceptable — we value results over titles.
Strong technical foundation in Windows, Linux, and network investigations.
Comfortable using tools like NetWitness, Volatility, Velociraptor, or your own custom scripts.
Scripting skills in Python, PowerShell, or Bash – bonus points if you’ve written something that made your teammates both grateful and slightly afraid.
SANS certifications (GCFA, GREM, GNFA, GCFE, etc.) are definite pluses, as is a calm demeanor during incidents that make others panic.
Fluency in English; Arabic proficiency is a welcome advantage.
Benefits
Work with some of the brightest minds in digital forensics and incident response.
Get hands-on with major cybersecurity incidents while using serious tooling (and a healthy dose of wit).
Be part of a team that values curiosity, professional rigor, and the occasional well-timed sarcastic observation.
Continual learning and growth opportunities through global collaboration and SANS-aligned training.
If this sounds like your sort of challenge — and you’ve been known to say “I’ll just have a quick look at that memory dump” moments before losing three hours — we’d quite like to hear from you.
PartnerOne acquires and grows enterprise software companies for the long term. We have very strong financial resources, combined with an agile and entrepreneurial mindset.
We move quickly and decisively, free from bureaucracy or red tape, ensuring a smooth and fair acquisition process. Whether it’s a divestiture, restructuring or carve out, we provide a fast and seamless transition.
Once acquired, we invest in sustainable growth—leveraging our deep industry expertise, shared resources, and global network to strengthen each business. We build our companies for the future, ensuring stability for customers, partners and employees.
