Senior Incident Response Engineer – Telecom Cybersecurity
Description
Company: Vapor VM
We are looking for a highly skilled and proactive Incident Response Engineer with at least 5 years of hands-on cybersecurity experience, including a strong background in the telecom industry. This role is critical to ensuring rapid detection, investigation, containment, and resolution of security incidents. You will collaborate with cross-functional teams to improve the organization’s security posture and operational resilience in a fast-paced telecom environment.

Key Responsibilities:
- Monitor and triage security alerts from telecom-focused SIEM, EDR, and threat intelligence platforms.
- Investigate security incidents involving signaling networks (SS7, Diameter, SIP), subscriber data, and telecom infrastructure.
- Lead incident response lifecycle phases: detection, analysis, containment, eradication, recovery, and post-incident review.
- Utilize tools like Splunk, IBM QRadar, CrowdStrike, Palo Alto Cortex XDR, and Wireshark for forensic and packet analysis.
- Coordinate with SOC teams, NOC, IT Ops, and Core Network teams for effective incident resolution.
- Develop and maintain incident response runbooks specific to telecom use cases (e.g., network intrusions, signaling fraud, SIM cloning, BSS / OSS attacks).
- Conduct threat hunting and IOC correlation to detect stealthy attacks across telecom infrastructure.
- Analyze malware and conduct memory and disk forensics using tools such as Volatility, FTK, EnCase, and Autopsy.
- Stay current on threats to the telecom sector including APT groups, signaling layer exploits, and SS7 / Diameter vulnerabilities.
- Support regulatory compliance (e.g., NCA, TRA, GDPR, SAMA) and law enforcement requests by providing forensic evidence and incident reports.
- Organize and lead tabletop exercises and breach simulations involving telecom-specific threat scenarios.

Required Qualifications:
- Bachelor’s degree in Cybersecurity, Computer Science, Information Security, or a related discipline.
- Minimum 5 years of cybersecurity experience, with at least 3 years in incident response.
- Mandatory experience in the telecom industry, including knowledge of core network architecture (4G / 5G), VAS, BSS / OSS systems, and network signaling protocols (e.g., SS7, SIP, Diameter).
- Strong understanding of network security, TCP/IP, firewalls, proxies, and telecom-specific attack surfaces.
- Hands-on experience with SIEM tools (Splunk, QRadar), EDR platforms (CrowdStrike, SentinelOne, Cortex XDR), and forensic tools.
- Proficiency in Python, Bash, or PowerShell scripting for automation and custom parsing.
- Solid grasp of MITRE ATT&CK, NIST 800-61, ISO/IEC 27035, and telecom security best practices.
- Relevant certifications: GCIA, GCIH, CEH, CISSP, OSCP, or equivalent are highly preferred.

Key Skills & Tools:
- Telecom Cybersecurity
- Threat Hunting & IOC Analysis
- SIEM (Splunk, QRadar), EDR (CrowdStrike, Cortex XDR)
- Signaling Protocols: SS7, Diameter, SIP
- Packet Analysis & Forensics (Wireshark, FTK, EnCase)
- Security Automation & Scripting (Python, PowerShell)
- Regulatory & Compliance (NCA, SAMA, GDPR)
- Malware Analysis & Reverse Engineering
- Security Documentation & Playbook Development

Seniority level: Mid-Senior level
Employment type: Full-time
Job function: Information Technology, IT Services and IT Consulting
Posted: 4th July 2025 6.49 am
Application Deadline: N/A