Company: Qatar Petroleum
Skills: IT - Analysis & Management, IT - Sys Admin & Support
Other Skills: Infrastructure Security
Experience: 8 + Years
Education: Bachelors/3-5 yr Degree
Location: Qatar
No location/work authorization restrictions found.


Department
INFORMATION & COMMUNICATION TECHNOLOGY

Title
SR. SYSTEMS ENGINEER (Infrastructure Security)

Primary Purpose of Job
The Senior Systems Engineer (Infrastructure Security) is expected to protect the confidentiality, integrity and availability of the ICT infrastructure, which supports QP's business operations. The prospect engineer is expected to support and maintain the day-to-day security operations and system change lifecycle of QP's critical security devices, tools & services. The engineer shall provide senior technical support for all perimeter security devices whilst providing leadership & mentoring to junior team members. The role will be an enabler to the company's success through development and implementation of security practices that create a secure working environment

Education


• Bachelor's degree in Computer Science, a related Engineering field or Management Information Systems

• 8 or more years of demonstrated experience in IT of which minimal 5 years of experience in Network security operations functions

• Full and detailed technical knowledge of current best practices in the Information Security sector, including ISO standards

• Ability to translate information security related concepts and controls into practice

• Ability to interpret and translate technical security related information into practical advice and guidance

• A high level of awareness of technological developments and trends in the IT security market

• Detailed technical knowledge of the latest security technologies and threat vectors

• Ability to provide information security guidance and counsel to QP lines of business in the assessment and development of new business process and related IT processes

• Determine appropriate approach to solving a problem

• Anticipate obstacles to proposed solution and determines steps to overcome them

• Innovative approaches used to overcome perceived resistance to resolutions

• Gain acceptance of proposed solution from impacted stakeholders and develop plans for implementing solutions

• Package problem solution to facilitate application in similar situations

• Deal with complex technical, organizational and process problems related to projects

• Provide security advice/best practices and security instructions to system engineers/technicians. Obtain information related to possible security incidents or vulnerabilities

Providing security reports and escalate critical security risks to Management

• Provide security requirements and obtain information about solutions in the capacity of a Project managers

• Arrange non-confidentiality agreements, compliance with regulations, disciplinary actions and lawsuits in case of security violations in liaise with Legal Department

• Fulfil requirements of QP Subsidiaries and Affiliates in line with QP ICT policies. Respond to requests from internal and external auditors

• Certified specialist in network security related systems such as proxy/reverse proxy technologies, sandboxing technologies, SSL offloading & DNS technologies

• CISSP, CISA, CISM, CCIE security or other relevant information security certification is a plus

• Certification in one of Gartner's top 5 secure web gateways and secure email gateways is a plus

• Strong technical capability with information security background• Knowledge of Security principles, techniques and technologies

• Knowledge of operating systems, applications and databases security principles

• Understanding the technical aspects of the Information Security

• Strong knowledge of IT technologies, ideally related to Security

• Strong knowledge of secure web gateways technologies• Strong knowledge of SSL offloading and visibility technologies

• Strong knowledge of cloud based DNS technologies

• Strong knowledge of email security gateways technologies

• Strong knowledge of APT security technologies

• Experience with security forensics analysis

• Strong troubleshooting skills in network, software configuration, log interpretation, etc.

• Ability to manage multiple tasks and resources

• Effective problem solver with strong analytic skills

• Ability to interpret, adapt and apply guidelines and procedures

• Demonstrate commitment to quality and continuous improvement• Proficiency in written and spoken English

Experience & Skills


• Implement security controls in line with QP's security policies and in close coordination with senior systems engineers to ensure information security consistency and compliance

• Develop methodology/framework for providing consistent and repeatable security controls architecture

• Provide secondary support to maintain 24X7X365 operations of implemented systems security infrastructure and conduct analysis of log files, evidence and other information in order to determine best methods for identifying the perpetrators of a system intrusion

• Manage, maintain configuration/ availability and system lifecycle of key perimeter/internal security devices

• Perform forensic analysis in respond to security incident to immediately pinpoint abnormal activity• Support multi-factor authentication technology

• Manage and support SSL offloading and visibility technologies , forward proxy technologies, email security gateways technologies, APT security technologies, secure access control systems and one time password technologies and cloud based DNS and categories technologies

• Conduct security technology reviews to ensure security control systems are built according to security architecture principles, following standards and are optimized to maximum efficiency

• Develop and Maintain current system documentation and versioning

• Monitor security environment, identify security gaps, evaluate and implement infrastructure security design enhancements

• Assess security risks based on their business operations impact and choose appropriate action

• Accountable for installation, modification and maintenance of network security technologies in order to achieve high level of business services availability

• Analyze requests and incidents from QP staff and provide solution based on the QP Cyber Information Security Framework

• Coordinate and execute complex IT security projects

• Ensure adherence to Information Security Policy and lead by setting the example

Qatar Petroleum is an integrated national oil company (NOC) responsible for the sustainable development of the oil and gas industry in Qatar and beyond.


Qatar Petroleum’s activities encompass the entire spectrum of the oil and gas value chain locally, regionally, and internationally, and include the exploration, refining, production, marketing and sales of oil and gas, liquefied natural gas (LNG), natural gas liquids (NGL), gas to liquids (GTL) products, refined products, petrochemicals, fertilizers, steel and aluminum.
Qatar Petroleum is committed to contribute to a better future by meeting today’s economic needs, while safeguarding our environment and resources for generations to come. Thriving on innovation and excellence, Qatar Petroleum is bound to the highest levels of sustainable human, socio-economic, and environmental development in Qatar and beyond.


For more information, please visit www.qp.com.qa

 

 

Qatar Petroleum is ranked in the Global Top 30 in Rigzone's Ideal Employer Rankings - find out more here.