Skills: IT - Analysis & Management
Experience: 5+ Years
Education: Bachelors/3-5 yr Degree
INFORMATION & COMMUNICATION TECHNOLOGY
CYBER ATTACK MONITORING ANALYST (IT SECURITY)
Primary Purpose of Job
Responsible for monitoring, analysing and responding to information and operational security alerts triggered by QP Cyber Defence Platforms and threat intelligence feeds. Primary responsibilities are to detect anomalies and potential security threats, filter false positive alerts, determine whether a critical system or data set has been impacted, provide technical analysis, provide recommendations on contamination and remediation, and escalate incidents when deep technical analysis is required. Will use a variety of tools to analyse and investigate incidents and take immediate action or recommend a course of action to safeguard QP.
Bachelor's degree in information security, computer science, or systems engineering.
Experience & Skills
• 5+ years of experience working in a large-scale IT environment with a focus on Information Security, and knowledge of Operational Technology.
• 1-3 years of previous Security Operations Centre experience in conducting security monitoring or investigations.
• Demonstrated ability to analyse, triage and remediate security incidents, and a strong understanding of security incident management and malware management processes.
• Good knowledge of IT, including multiple operating systems and system administration skills (Windows, Unix).
• Good knowledge of SIEM, SOAR, FW, sandboxing, VPNs, and enterprise-level cyber security products.
• Understanding of the latest cyber security intrusions, attacks, hacking techniques, vulnerability disclosures, data breach incidents and security analysis techniques is a big plus.
• Good understanding of cloud, client-server applications, multi-tier web applications and relational databases.
• Good awareness of IT support processes, such as COBIT and ITIL.
• Strong understanding of networking principles, including TCP/IP, WANs, LANs, and commonly used Internet protocols.
• Knowledge of security best practices and concepts, Vulnerability Assessment & Penetration Testing, and OT security best practices is a plus.
• Possession of industry certifications (GCIA, SANS, ISC2, EC-Council, other relevant cyber security technical certifications).
• Good understanding of security frameworks and techniques.
Qatar Petroleum is an integrated national oil company (NOC) responsible for the sustainable development of the oil and gas industry in Qatar and beyond.
Qatar Petroleum’s activities encompass the entire spectrum of the oil and gas value chain locally, regionally, and internationally, and include the exploration, refining, production, marketing and sales of oil and gas, liquefied natural gas (LNG), natural gas liquids (NGL), gas to liquids (GTL) products, refined products, petrochemicals, fertilizers, steel and aluminum.
Qatar Petroleum is committed to contributing to a better future by meeting today’s economic needs, while safeguarding our environment and resources for generations to come. Thriving on innovation and excellence, Qatar Petroleum is bound to the highest levels of sustainable human, socio-economic, and environmental development in Qatar and beyond.
For more information, please visit www.qp.com.qa