Senior Cyber Security Analyst (Incident Response)

About Role

You would be part of the Cyber Security Incident Response team with an operational role to quickly identify, respond to cyber incidents and protect against threats to our global infrastructure. This is a hands-on technical cyber security role with expertise in Security Operations Center and incident response and in the areas of endpoint security, application security, network security or Cloud security. 

Role and Responsibilities

• Assist and/or lead investigations in active security incident scenarios, supporting the organization through the Incident Response lifecycle
• Provide expertise in the triage, escalate and respond to potential security events & incidents and provides support to security teams
• Must also be able to participate in rotating on call schedule and must be able to work collaboratively. Having the ability to work outside of normal working hours as required due to critical incidents or emergency calls, will be essential to success in this role
• Proactively hunting threats in the environment, identifying new risk, and developing methods to proactively address threats.
• Provide cyber Incident Response expertise and perform Malware Analysis & reverse engineering of malware.
• Perform forensic analysis in response to cyber-attacks and computer security breaches on systems and networks to identify the extent and nature of the compromise and provide recommendations on containment, eradication, and remediation steps.
• Routinely prepare written technical documentation and reports of findings, along with recommendations, that result from cases involving forensic analysis and incident response
• Develop and update operational playbook for various cyber incident scenarios including Data breach, ransomware, supply chain compromise etc.,
• Responsible for identification, analysis, and correlation of events of interest, escalation and continued monitoring of cybersecurity events on an enterprise-wide basis
• Analyze various log, network, malware, forensic, and cyber threat intel to validate security threats, recommend appropriate countermeasures, and assess impact of cyber incidents
• Assist the Cyber Security manager in the analysis of security breaches to identify the root cause and to implement preventive measures.

Knowledge, Skills & Experience  

• Bachelor Degree holder with minimum 5-7 years of relevant experience
• 3+ years' experience with Incident Response, Forensics, and/or Malware Analysis
• Have at least one of the relevant certifications: SANS GIAC: GCIA, GCFA, GCFE, GREM, GXPN, GMON, or GCIH, ISC2: CCFP, CCSP, CISSP CERT CSIH, EC Council: CHFI or ECSA;
• MITRE Adversary Tactics, Techniques and Common Knowledge (ATT&CK)
• Possess knowledge on log management, logs generated by various applications or appliances of IT infrastructure for SIEM event correlation.
• Experience with investigating using a wide variety of detective technologies SOAR, packet capture analysis, and host forensics and memory analysis tools.
• Expert knowledge on Defender for Endpoint and Servers for effective incident response actions.

How to apply 

Application Guidelines

Employees must submit applications through internal vacancies portal (via GEMS) only.

Please see below for all eligibility and requirements for internal applications and please note that any applications not meeting the criteria will not be processed.

• All internal candidates can only have three active applications at any point in time.
• All internal candidates must have completed a minimum 10 months in their current role in order to apply for a new role
• All internal candidates with an active final warning letter will be automatically disqualified from the recruitment process
• If you are Cabin Crew or Deck Crew (Qatar Airways & Qatar Executive) candidate, you would require NOC to apply for this role.