Skills: IT - Analysis & Management
Experience: 5 + Years
Education: Bachelors/3-5 yr Degree
INFORMATION & COMMUNICATION TECHNOLOGY
INFORMATION SECURITY MONITORING ANALYST (SOC)
Primary Purpose of Job
The Information Security Monitoring Analyst is an alert management analyst responsible for monitoring, analysing and responding to information and operational security alerts triggered by the Security Information and Event Management (SIEM) platform and threat intelligence feeds. Primary responsibilities are to detect anomalies and potential security threats, filter out false-positive alerts, determine whether a critical system or data set has been impacted, provide technical analysis, provide recommendations on containment and remediation, and escalate incidents when deeper technical analysis is required. The Information Security Monitoring Analyst will use a variety of tools to analyse and investigate incidents, and will take immediate action or recommend a course of action to safeguard QP. He/she will document all incidents, create a clear narrative that supports their conclusions, and support incident response activities. The role works 12-hour shift patterns to provide 24/7 coverage.
Bachelor's degree in information security, computer science, or systems engineering
Experience & Skills
1. 5+ years' experience working in a large-scale IT environment with a focus on Information Security, and knowledge of Operational Technology (OT)
2. 2+ years' operating experience with industry-leading SIEM products
3. 1-3 years' previous Security Operations Centre experience conducting security investigations
4. Good knowledge of IT, including multiple operating systems and system administration skills (Windows, Unix)
5. Good knowledge of client-server applications, multi-tier web applications, relational databases, firewalls, VPNs and enterprise anti-virus products
6. Strong understanding of security incident management and malware management processes
7. Experience with web content filtering technology, including policy engineering and troubleshooting
8. Strong understanding of networking principles, including TCP/IP, WANs, LANs and commonly used Internet protocols such as SMTP, HTTP, FTP, POP and LDAP
9. Knowledge of security best practices and concepts, including Vulnerability Assessment and Penetration Testing
10. Demonstrated ability to analyse, triage and remediate security incidents
11. Demonstrated knowledge of cyber security principles, techniques and technologies such as the SANS Critical Security Controls and OWASP
12. Demonstrated knowledge of security-related technologies and their functions (IDS, IPS, firewalls, WAF, SIEM and the like)
13. Certification in at least one industry-leading SIEM product
14. Possession of industry certifications (OSCP and OSCE preferred; GCIH (GIAC Certified Incident Handler), GCIA (GIAC Certified Intrusion Analyst), SANS ICS, CEH (Certified Ethical Hacker), CISSP, CHFI, SANS Cyber Threat Hunting, SANS GREM, or an equivalent SIEM/security tool technical certification)
Qatar Petroleum is an integrated national oil company (NOC) responsible for the sustainable development of the oil and gas industry in Qatar and beyond.
Qatar Petroleum’s activities encompass the entire spectrum of the oil and gas value chain locally, regionally, and internationally, and include the exploration, refining, production, marketing and sales of oil and gas, liquefied natural gas (LNG), natural gas liquids (NGL), gas to liquids (GTL) products, refined products, petrochemicals, fertilizers, steel and aluminum.
Qatar Petroleum is committed to contributing to a better future by meeting today’s economic needs while safeguarding our environment and resources for generations to come. Thriving on innovation and excellence, Qatar Petroleum is committed to the highest levels of sustainable human, socio-economic and environmental development in Qatar and beyond.
For more information, please visit www.qp.com.qa