Job Title : SR.

CYBER SECURITY INCIDENT RESPONDER

Reference Code : EC-2007082

Company
QatarEnergy is a state-owned public corporation established byEmiri Decree No. 10 in 1974. It is responsible for all phases
of the oiland gas industry in the State of Qatar.The principal activities of QatarEnergy, its subsidiaries and jointventures are
the exploration, production, local and international saleof crude oil,natural gas and gas liquids, refined products,
syntheticfuels,petrochemicals, fuel additives, fertilizers, liquefied natural gas(LNG), steel and aluminium.Qatar Energy's
strategy of conducting hydrocarbon exploration anddevelopment is through Exploration and Production Sharing
Agreements(EPSA) and Development and Production Sharing Agreements (DPSA)concluded with major international oil
and gas companies.The operations and activities of QatarEnergy and its affiliates areconducted atvarious onshore
locations, including Doha, Dukhan and the Mesaieed andRas Laffan Industrial Cities, as well as offshore areas, including
HalulIsland, offshore production stations, drilling platforms and the NorthField.Thriving on a spirit of enterprise, each of our
joint ventures isunderpinned by transparency, innovation and high standards of qualityand service. At QatarEnergy, we are
committed to one thing aboveall: Excellence.

Department
INFORMATION & COMMUNICATION TECHNOLOGY

Primary purpose of job

Act as a Subject Matter Expert subject in Cybersecurity team to provide proactive support to detect, distinguish, isolate,
interrupt, suppress, advanced threats that evade existing security solutions. Responsible for handling cyber security
incident response activities for QatarEnergy’s IT and OT / Industrial areas on a 24/7 basis. Provide real-time hands-on
incident management support throughout all stages of the cyber security incident lifecycle. Use state-of-the-art tools to
analyse and investigate incidents and take immediate action or recommend a course of action to safeguard QatarEnergy.

Experience & Skills

• 10+ years’ experience working in a large-scale IT environment with focus on Information Security, and knowledge of
Operational Technology.
• 6+ years experience in conducting security investigations.
• Strong understanding of security incident management.
• Proven track record and demonstrated relevant experience as a key member of an incident response team.
• Advanced knowledge on Anti-Malware, Vulnerability Management, Intrusion Detection/Protection, Perimeter Security,
Security Incident Management, Security Information and Event Management (SIEM), Penetration Testing (application,
network, host, social).
• Strong understanding and experience combatting crime-ware or APT is a distinguishing factor.
• Strong understanding of networking principles including TCP/IP, WANs, LANs, and commonly used Internet protocols
such as SMTP, HTTP, FTP, POP, LDAP. Demonstrated knowledge of security related technologies and their functions
(IDS, IPS, FW, WAF, SIEM and the like).
• Knowledge of security best practices and concepts Vulnerability Assessment & Penetration Testing.
• Good knowledge of client-server applications, multi-tier web applications, relational databases, firewalls, VPNs, and
enterprise Anti-Virus products.
• Demonstrate knowledge of Cyber Security principles, techniques and technologies such as SANS Critical Security
Controls and OWASP.
• Possession of Industry leader certifications such as CISSP, GCIH, SANS ICS, GCIA, GCIH, GIAC, CEH, GCED, GPPA
CHFI, GCFA, GREM.

Education
Bachelor’s degree in information security, computer science, or systems engineering.