**Summary:** Security Analyst responsible for detecting, investigating, and responding to security incidents while maintaining and improving security posture through monitoring and collaboration.

**Highlights:**

1. Opportunity to enhance security posture through monitoring and risk assessment.
2. Engage in incident investigation, containment, remediation, and recovery.
3. Collaborate with IT, DevOps, and application teams on secure design.

**Security Analyst — Job Description**

**Position overview**

Detect, investigate, and respond to security incidents; maintain and improve security posture through monitoring, risk assessment, controls implementation, and collaboration with IT and engineering teams.

**Key responsibilities**

* Monitor security tools and telemetry (SIEM, IDS/IPS, EDR, firewalls, network logs) to detect threats and anomalies.
* Triage alerts; perform incident investigation, containment, remediation, and recovery; document findings and timelines.
* Conduct threat hunting, log analysis, forensic evidence collection, and root-cause analysis.
* Maintain and tune detection rules, correlation logic, and alerting to reduce false positives and improve coverage.
* Perform vulnerability scanning, prioritize findings, and coordinate remediation with system owners.
* Support patch management, configuration hardening, and secure baseline enforcement.
* Assist with threat modeling, risk assessments, and security control gap analysis.
* Develop and maintain runbooks, playbooks, incident response plans, and security documentation.
* Collaborate with IT, DevOps, and application teams on secure design, secure coding practices, and remediation efforts.
* Participate in tabletop exercises, post-incident reviews, and continuous improvement activities.
* Track and report security metrics, compliance status, and risk posture to stakeholders.

**Required qualifications**

* Bachelor's degree in Cybersecurity, Computer Science, Information Security, or equivalent experience.
* 2–5 years of experience in security operations, incident response, or a related role.
* Experience with SIEM platforms (Splunk, QRadar, Elastic Security), EDR tools (CrowdStrike, SentinelOne), and network/security device logs.
* Strong understanding of TCP/IP, common protocols, authentication, and system internals (Windows/Linux).
* Knowledge of threat actors, TTPs, the MITRE ATT&CK framework, and common attack vectors.
* Familiarity with vulnerability management tools (Nessus, Qualys) and basic pentesting concepts.
* Proficiency with scripting for automation and analysis (Python, PowerShell, Bash).
* Excellent analytical, written, and verbal communication skills.

**Preferred qualifications**

* Certifications: CISSP, CISM, GCIH, GCIA, CEH, OSCP, or equivalent.
* Experience with cloud security (AWS/GCP/Azure) and cloud-native security tools.
* Knowledge of compliance frameworks (SOC 2, ISO 27001, PCI-DSS, HIPAA).
* Experience with threat intelligence platforms, SOAR automation, and security architecture reviews.
* Background in digital forensics and malware analysis.

**Job Types:** Full-time, Permanent

**Pay:** QAR125.50 - QAR325.70 per hour

**Work Location:** In person