Lead Consultant – FortiGuard Incident Response

About the role

We are seeking a Lead Consultant for FortiGuard Incident Response to join our dynamic security consulting services in Kuwait. Reporting to the Director of Operations, you will work alongside a world‑class incident response and forensics team, guiding engagements and mentoring junior analysts.

Key responsibilities

• Lead incident response engagements and provide technical and executive updates to clients.
• Mentor and train junior security consultants.
• Conduct host‑based analysis and forensics on Windows, Linux and macOS systems.
• Review firewall, web, database and other logs to uncover malicious activity.
• Utilize the FortiEDR platform for rapid threat detection and analysis.
• Perform memory forensics, file analysis, and basic reverse engineering.
• Contribute to threat intelligence creation and consumption within the FortiGuard ecosystem.
• Develop comprehensive reports and presentations for technical and executive audiences.

Required profile

• Strong consulting and communication skills, both written and verbal.
• Ability to work under tight timelines and handle high‑pressure incidents.
• Experience interfacing directly with customers.
• Willingness to be on‑call for nights/weekends as needed.

Required skills

• Scripting languages: Shell, Ruby, Perl, Python.
• Data‑mining with YARA, RegEx.
• Forensic tools: EnCase, FTK, X‑Ways, SIFT, Splunk, Redline, Volatility, Wireshark, TCPDump.
• Malware analysis tools: IDA Pro, OllyDbg, Immunity Debugger.
• Experience with APT campaigns, TTPs, memory injection, static and dynamic malware analysis.
• Deep knowledge of operating system internals and endpoint security.
• Proficiency with FortiEDR platform.