Job Title : SR. CYBER SECURITY INCIDENT RESPONDERReference Code : OG-7003076CompanyQatarEnergy is a state-owned public corporation established byEmiri Decree No. 10 in 1974. It is responsible for all phases of the oiland gas industry in the State of Qatar.The principal activities of QatarEnergy, its subsidiaries and jointventures are the exploration, production, local and international saleof crude oil,natural gas and gas liquids, refined products, syntheticfuels,petrochemicals, fuel additives, fertilizers, liquefied natural gas(LNG), steel and aluminium.Qatar Energy's strategy of conducting hydrocarbon exploration anddevelopment is through Exploration and Production Sharing Agreements(EPSA) and Development and Production Sharing Agreements (DPSA)concluded with major international oil and gas companies.The operations and activities of QatarEnergy and its affiliates areconducted atvarious onshore locations, including Doha, Dukhan and the Mesaieed andRas Laffan Industrial Cities, as well as offshore areas, including HalulIsland, offshore production stations, drilling platforms and the NorthField.Thriving on a spirit of enterprise, each of our joint ventures isunderpinned by transparency, innovation and high standards of qualityand service. At QatarEnergy, we are committed to one thing aboveall: Excellence.DepartmentINFORMATION & COMMUNICATION TECHNOLOGYPrimary purpose of jobAct as a SME subject matter expert in Cyber Security team to provide proactive support to detect, distinguish, isolate, interrupt, suppress, advanced threats that evade existing security solutions. Responsible for handling cyber security incident response activities for QatarEnergy’s IT and OT / Industrial areas on a 24/7 basis. Provide real-time hands-on incident management support throughout all stages of the cyber security incident lifecycle. Use state-of-the-art tools to analyse and investigate incidents and take immediate action or recommend a course of action to safeguard QatarEnergy.Experience & Skills• 10+ years’ experience working in a large-scale IT environment with focus on Information Security, and knowledge of Operational Technology. • 6+ years previous Security Operations Centre Experience in conducting security investigations. • Strong understanding of security incident management, malware management processes. • Proven track record and demonstrated relevant experience as a key member of an incident response, malware analysis, or similar role. • Advanced knowledge on Anti-Malware, Vulnerability Management, Intrusion Detection/Protection, Perimeter Security, Security Incident Management, Security Information and Event Management (SIEM), Penetration Testing (application, network, host, social). • Strong understanding and experience combatting crime-ware or APT is a distinguishing factor. • Strong understanding of networking principles including TCP/IP, WANs, LANs, and commonly used Internet protocols such as SMTP, HTTP, FTP, POP, LDAP. Demonstrated knowledge of security related technologies and their functions (IDS, IPS, FW, WAF, SIEM and the like). • Knowledge of security best practices and concepts Vulnerability Assessment & Penetration Testing • Good knowledge of client-server applications, multi-tier web applications, relational databases, firewalls, VPNs, and enterprise Anti-Virus products. • Demonstrate knowledge of Cyber Security principles, techniques and technologies such as SANS Critical Security Controls and OWASP. • Possession of Industry leader certifications such as CISSP, GCIH, SANS ICS, GCIA, GCIH, GIAC, CEH, GCED, GPPA CHFI, GCFA, GREM.EducationBachelor’s degree in information security, computer science, or systems engineering.