Skills: IT - Programming & Database
Experience: 10 + Years
Education: Bachelors/3-5 yr Degree
INFORMATION & COMMUNICATION TECHNOLOGY
SR. CYBER INCIDENT RESP ENGR (HUNTER)
Primary Purpose of Job
Act as a subject matter expert (SME) in the Cyber Security team, providing proactive support to detect, distinguish, isolate, interrupt, and suppress advanced threats that evade existing security solutions. Responsible for handling cyber security incident response activities for QP's IT and OT / Industrial areas on a 24/7 basis. Provide real-time, hands-on incident management support throughout all stages of the cyber security incident lifecycle. Use state-of-the-art tools to analyse and investigate incidents and take immediate action or recommend a course of action to safeguard QP.
Bachelor's degree in information security, computer science, or systems engineering.
Experience & Skills
10+ years' experience working in a large-scale IT environment with focus on Information Security, and knowledge of Operational Technology.
6+ years' previous Security Operations Centre experience conducting security investigations.
Strong understanding of security incident management and malware management processes.
Proven track record and demonstrated relevant experience as a key member of an incident response or malware analysis team, or in a similar role.
Advanced knowledge of Anti-Malware, Vulnerability Management, Intrusion Detection/Protection, Perimeter Security, Security Incident Management, Security Information and Event Management (SIEM), Penetration Testing (application, network, host, social).
Strong understanding and experience combatting crime-ware or APT is a distinguishing factor.
Strong understanding of networking principles including TCP/IP, WANs, LANs, and commonly used Internet protocols such as SMTP, HTTP, FTP, POP, LDAP. Demonstrated knowledge of security related technologies and their functions (IDS, IPS, FW, WAF, SIEM and the like).
Knowledge of security best practices and concepts, Vulnerability Assessment & Penetration Testing.
Good knowledge of client-server applications, multi-tier web applications, relational databases, firewalls, VPNs, and enterprise Anti-Virus products.
Demonstrated knowledge of Cyber Security principles, techniques and technologies such as SANS Critical Security Controls and OWASP.
Possession of industry-leading certifications such as CISSP, GCIH, SANS ICS, GCIA, GIAC, CEH, GCED, GPPA, CHFI, GCFA, GREM.
Qatar Petroleum is an integrated national oil company (NOC) responsible for the sustainable development of the oil and gas industry in Qatar and beyond.
Qatar Petroleum’s activities encompass the entire spectrum of the oil and gas value chain locally, regionally, and internationally, and include the exploration, refining, production, marketing and sales of oil and gas, liquefied natural gas (LNG), natural gas liquids (NGL), gas to liquids (GTL) products, refined products, petrochemicals, fertilizers, steel and aluminum.
Qatar Petroleum is committed to contributing to a better future by meeting today’s economic needs, while safeguarding our environment and resources for generations to come. Thriving on innovation and excellence, Qatar Petroleum is bound to the highest levels of sustainable human, socio-economic, and environmental development in Qatar and beyond.
For more information, please visit www.qp.com.qa