Enable job alerts via email!
PENETRATION TEST ANALYST
Qatar Energy
Doha
On-site
QAR 400,000 - 600,000
Full time
Generate a tailored resume in minutes
Land an interview and earn more. Learn more
Job summary
A leading energy company in Qatar seeks an experienced professional to lead offensive red teaming activities in their IT and OT environments. The ideal candidate will possess strong cyber incident management skills and a bachelor's degree in information security with over 10 years of technical experience. Responsibilities include threat hunting and penetration testing, overseeing incident management, and supervising engineers.
Qualifications
- 10+ years of technical experience in Information Security, System Administration, or Network Engineering.
- At least 5 years of experience in Information Security.
- Possession of Industry Certifications such as CISSP, CISM, GCIH, GIAC.
Responsibilities
- Lead Offensive red teaming activities on QatarEnergy’s IT/OT environments.
- Conduct threat hunting and penetration testing.
- Oversee incident management program and supervise engineers.
Skills
Education
Tools
Responsible for leading the Offensive red teaming activities on QatarEnergy’s IT/OT environments, by conducting threat hunting, penetration testing, Vulnerability scanning and security assurance activities. Provides oversight and technology guidance as well as managerial support as required. Oversee the execution of incident management program and supervises and coordinates engineers and external consultants to design, build and manage QatarEnergy SOC Red team functions on QatarEnergy’s IT and OT cyber security mission critical operational expansion.
- Strong understanding of cyber incident management, malware management and vulnerability management processes.
- Solid knowledge on Malware analysis, Vulnerability assessment & Forensic & memory analysis, and data analytics.
- Experience with large IÉS & ICT environments in the Energy sector is a big plus.
- Advanced knowledge of networking fundamentals (TCP/IP, network layers, Ethernet, etc) Advanced knowledge of current threat landscape (threat actors, APT, cyber-crime, etc) Advanced knowledge of penetration techniques and forensic techniques. Protocol analysis knowledge and experience (Wireshark, Netwitness, etc.) Solid knowledge of client-server applications, multi-tier web applications, relational databases.
- Solid knowledge and experience with Cloud technologies (Amazon, Azure, Google Cloud, IaaS, SaaS etc.)
- Good knowledge of IT including multiple operating systems and system administration skills (Windows, Unix)
- Solid understanding of IT governance and processes, such as ITIL, COBIT.
- Possession of Industry Certifications ISACA, GCIA, SANS, ICÅ2, EC-Council, other relevant cyber security certifications (such as CISSP, CISM, (GCIH), (GIAC), (CEH), (CEPT), OSCE, CHFI, GREM or equivalent security technologies technical certification (Advanced Level)
- Must maintain professional demeanor in stressful situations.
Bachelor’s degree in information security, computer science, or systems engineering. 10+ years of technical experience in Information Security, System Administration, or Network Engineering with at least 5 years of experience in Information Security.
'/%3e%3cpath%20d='M101.744%2012.4726L102.894%2016.1947L99.0021%2013.2201L101.744%2012.4726ZM105.3%208.40937H100.488L99.0026%203.59473L97.5116%208.41047L92.7%208.40385L96.5965%2011.3834L95.1055%2016.1942L99.0021%2013.2196L101.408%2011.3834L105.3%208.40992V8.40937Z'%20fill='white'/%3e%3cdefs%3e%3clinearGradient%20id='paint0_linear_5593_1381'%20x1='90'%20y1='9.44471'%20x2='99'%20y2='9.44471'%20gradientUnits='userSpaceOnUse'%3e%3cstop%20stop-color='%2300AD70'/%3e%3cstop%20offset='0.998594'%20stop-color='%2300B67A'/%3e%3cstop%20offset='1'%20stop-color='%23DCDCE6'/%3e%3c/linearGradient%3e%3c/defs%3e%3c/svg%3e){kind=small}
