




**Summary:** Provide operational security monitoring, incident response, and risk-reduction to protect company systems and data according to regulations and policy.

**Highlights:**

1. Lead containment, eradication, and recovery steps for security incidents
2. Develop detection rules and run proactive threat hunts
3. Implement and validate endpoint, network, and cloud security controls

**About the role**

Provide operational security monitoring, incident response, and risk-reduction activities to protect company systems and data in line with local regulations and organisational security policy.

**Key responsibilities**

* Security monitoring: Maintain SIEM alerts, investigate security events, triage incidents and escalate per playbooks.
* Incident response: Lead containment, eradication and recovery steps for security incidents; perform root-cause analysis and produce post-incident reports.
* Threat detection & hunting: Develop detection rules, run proactive threat hunts and tune alerts to reduce false positives.
* Vulnerability management: Coordinate vulnerability scans, prioritise remediation, track fixes and verify mitigation.
* Access & identity: Review IAM configurations, support privileged-access controls, MFA rollouts and user access reviews.
* Security controls & hardening: Implement and validate endpoint, network and cloud security controls (EDR, firewalls, NAC, CASB).
* Log & evidence management: Collect, preserve and analyse logs/evidence for investigations and compliance.
* Compliance & reporting: Support audits, maintain security metrics and produce regular risk and compliance reports.
* Playbooks & documentation: Develop and maintain IR playbooks, runbooks, SOPs and threat intelligence feeds.
* Collaboration & training: Work with IT, DevOps and business teams to remediate issues and deliver basic security awareness sessions.
**Qualifications & experience**

* Bachelor's degree in Cybersecurity, Computer Science or a related field, or equivalent experience.
* 2+ years in SOC, incident response or security operations; GCC/Doha experience preferred.
* Hands-on with SIEM (Splunk, QRadar, Sentinel), EDR tools, vulnerability scanners and network security technologies.
* Familiar with MITRE ATT&CK, incident response frameworks and forensic techniques.
* Strong log analysis, scripting (Python, Bash) and Linux/Windows troubleshooting skills.
* Security certifications preferred: e.g., GCIA, GCIH, GSEC, CISSP, or equivalent.
* Effective communicator, able to produce clear technical reports and present findings to stakeholders.
* Valid work authorisation for Qatar.

**Key attributes**

* **Analytical:** Detail-oriented investigator.
* **Calm under pressure:** Responds decisively during incidents.
* **Proactive:** Seeks and mitigates risks before escalation.
* **Collaborative:** Builds relationships across technical teams.

Job type: Full-time

Pay: QAR 35.00 per hour

Work location: In person


