Skills: IT - Analysis & Management
Experience: 8 + Years
Education: Bachelors/3-5 yr Degree
INFORMATION & COMMUNICATION TECHNOLOGY
SR. CYBER DEFENCE ENGINEER
Primary Purpose of Job
Responsible for supporting QP IT and OT / Industrial Cyber Security centralized security log management (SIEM: Security Information and Event Management) functions. The role provides oversight, as well as building and maintaining QP's detection and response capabilities, for QP Cyber Defence health, performance, stabilization and ongoing planning of the SIEM infrastructure. Lead and manage the engineering efforts to detect potential security threats and anomalies by onboarding IT and OT systems, fine-tuning events and filtering false positive alerts, and determine if a critical system or data set has been impacted. Use a variety of tools to analyse and investigate incidents and take immediate action or recommend a course of action to safeguard QP.
Bachelor's degree in information security, computer science, or systems engineering
Experience & Skills
• 8+ years' experience working in a large-scale IT environment with a focus on Information Security, and knowledge of Operational Technology.
• 4+ years' operating experience in industry-leading SIEM products. Solid understanding of SIEM (Security Information and Event Management System) technology, architecture, locating sources and rule creation with commercial market-leading Cyber Defence products.
• 5 years' previous Security Operations Centre experience in conducting security engineering.
• Familiar with emerging technologies in the security monitoring, event correlation and alert/detection as well as analytics space.
• Good knowledge of IT, including multiple operating systems and system administration skills (Windows, Unix, network platforms). Good knowledge of OT systems and their potential risks and threats.
• Report creation abilities strongly desired; security and IT metrics experience a plus.
• Good knowledge of client-server applications, multi-tier web applications, relational databases, and enterprise security technology products. Solid knowledge of security products such as Active Directory Auditing, Authentication, Firewalls, Intrusion Detection and Prevention Systems, and sandboxing, as well as a variety of other related security technologies.
• Strong understanding of networking principles including TCP/IP, WANs, LANs, and commonly used Internet protocols such as SMTP, HTTP, FTP, POP, LDAP.
• Strong understanding of operating system hardening.
• Strong understanding of email security encryption and mechanisms (DMARC, SPF, DKIM, etc.).
• Good knowledge of security frameworks and techniques.
• Scripting experience (e.g. Python, Perl, and PowerShell).
• Certification in at least one industry-leading SIEM product. Possession of industry certifications (SANS, GCIA, ICS2, (CEH), (CISSP), EC Council, and SIEM/security tool equivalent technical certifications).
Qatar Petroleum is an integrated national oil company (NOC) responsible for the sustainable development of the oil and gas industry in Qatar and beyond.
Qatar Petroleum’s activities encompass the entire spectrum of the oil and gas value chain locally, regionally, and internationally, and include the exploration, refining, production, marketing and sales of oil and gas, liquefied natural gas (LNG), natural gas liquids (NGL), gas to liquids (GTL) products, refined products, petrochemicals, fertilizers, steel and aluminum.
Qatar Petroleum is committed to contributing to a better future by meeting today’s economic needs while safeguarding our environment and resources for generations to come. Thriving on innovation and excellence, Qatar Petroleum is bound to the highest levels of sustainable human, socio-economic, and environmental development in Qatar and beyond.
For more information, please visit www.qp.com.qa