Senior Cyber Security Incident Responder (DFIR)

Primary purpose of jobAct as a Subject Matter Expert subject in Cybersecurity team to provide proactive support to detect, distinguish, isolate, interrupt, suppress, advanced threats that evade existing security solutions. Responsible for handling cyber security incident response activities for QatarEnergy’s IT and OT / Industrial areas on a 24/7 basis. Provide real-time hands-on incident management support throughout all stages of the cyber security incident lifecycle. Use state-of-the-art tools to analyse and investigate incidents and take immediate action or recommend a course of action to safeguard QatarEnergy. Experience & Skills 10+ years’ experience working in a large-scale IT environment with focus on Information Security, and knowledge of Operational Technology.6+ years experience in conducting security investigations. Strong understanding of security incident management. Proven track record and demonstrated relevant experience as a key member of an incident response team. Advanced knowledge on Anti-Malware, Vulnerability Management, Intrusion Detection/Protection, Perimeter Security, Security Incident Management, Security Information and Event Management (SIEM), Penetration Testing (application, network, host, social). Strong understanding and experience combatting crime-ware or APT is a distinguishing factor. Strong understanding of networking principles including TCP/IP, WANs, LANs, and commonly used Internet protocols such as SMTP, HTTP, FTP, POP, LDAP. Demonstrated knowledge of security related technologies and their functions (IDS, IPS, FW, WAF, SIEM and the like).Knowledge of security best practices and concepts Vulnerability Assessment & Penetration Testing. Good knowledge of client-server applications, multi-tier web applications, relational databases, firewalls, VPNs, and enterprise Anti-Virus products. Demonstrate knowledge of Cyber Security principles, techniques and technologies such as SANS Critical Security Controls and OWASP.Possession of Industry leader certifications such as CISSP, GCIH, SANS ICS, GCIA, GCIH, GIAC, CEH, GCED, GPPA CHFI, GCFA, GREM. Education Bachelor’s degree in information security, computer science, or systems engineering.