Lead, Active Defense
Qatar Energy
Primary purpose of job:
Responsible for leading the Offensive red teaming activities on QatarEnergy’s IT/OT environments, by conducting threat hunting, penetration testing, Vulnerability scanning and security assurance activities. Provides oversight and technology guidance as well as managerial support as required. Oversee the execution of incident management program and supervises and coordinates engineers and external consultants to design, build and manage QatarEnergy SOC Red team functions on QatarEnergy’s IT and OT cyber security mission critical operational expansion.
Experience & Skills:
Strong understanding of cyber incident management, malware management and vulnerability management processes.
Solid knowledge on Malware analysis, Vulnerability assessment & Forensic & memory analysis, and data analytics
Experience with large ICS & ICT environments in the Energy sector is a big plus.
Advanced knowledge of networking fundamentals (TCP/IP, network layers, Ethernet, etc) Advanced knowledge of current threat landscape (threat actors, APT, cyber-crime, etc) Advanced knowledge of penetration techniques and forensic techniques. Protocol analysis knowledge and experience (Wireshark, Netwitness, etc.) Solid knowledge of client-server applications, multi-tier web applications, relational databases.
Solid knowledge and experience with Cloud technologies (Amazon, Azure, Google Cloud, IaaS, SaaS etc.)
Good knowledge of IT including multiple operating systems and system administration skills (Windows, Unix)
Solid understanding of IT governance and processes, such as ITIL, COBIT.
Possession of Industry Certifications ISACA, GCIA, SANS, ICS2, EC-Council, other relevant cyber security certifications. (such as CISSP, CISM, (GCIH), (GIAC), (CEH), (CEPT), OSCE, CHFI, GREM or equivalent security technologies technical certification (Advanced Level)
Must maintain professional demeanor in stressful situations.
Education:
Bachelor’s degree in information security, computer science, or systems engineering. 10+ years of technical experience in Information Security, System Administration, or Network Engineering with at least 5 years of experience in Information Security.
To apply for this job please visit www.linkedin.com.