Information Security Monitoring Analyst - Dukhan, State of Qatar - Qatar Petroleum Doha


    2 weeks ago

    Description


    Information Security Monitoring Analyst is an alert management analyst, responsible for monitoring, analysing and responding to information and operational security alerts triggered by Security Information and Event Management (SIEM) and Threat intelligence feeds.

    Primary responsibilities: detects anomalies and potential security threats; filters false positive alerts; determines whether a critical system or data set has been impacted; provides technical analysis; provides recommendations on containment and remediation; and escalates incidents when deep technical analysis is required.

    The Information Security Monitoring Analyst will use a variety of tools to analyse and investigate incidents and take immediate action or recommend a course of action to safeguard QP. He/she will document all incidents, create a clear narrative that supports their conclusions, and support the incident response activities.

    Working 12-hour shift patterns to provide 24/7 coverage.

    Experience Skills

    1. 5+ years' experience working in a large-scale IT environment with focus on Information Security, and knowledge of Operational Technology
    2. 2+ years' operating experience in industry leading SIEM products
    3. 1-3 years previous Security Operations Centre experience in conducting security investigations
    4. Good knowledge of IT including multiple operating systems and system administration skills (Windows, Unix)
    5. Good knowledge of client-server applications, multi-tier web applications, relational databases, firewalls, VPNs, and enterprise Anti-Virus products
    6. Strong understanding of security incident management, malware management processes
    7. Experience with web content filtering technology - policy engineering and troubleshooting
    8. Strong understanding of networking principles including TCP/IP, WANs, LANs, and commonly used Internet protocols such as SMTP, HTTP, FTP, POP, LDAP
    9. Knowledge of security best practices and concepts Vulnerability Assessment & Penetration Testing
    10. Demonstrated ability to analyse, triage and remediate security incidents
    11. Demonstrate knowledge of Cyber Security principles, techniques and technologies such as SANS Critical Security Controls and OWASP
    12. Demonstrated knowledge of security related technologies and their functions (IDS, IPS, FW, WAF, SIEM and the like)
    13. Certification in at least one industry leading SIEM product
    14. Possession of Industry Certifications (OSCP, OCSE preferred, GCIH, SANS ICS, GCIA, Certified Incident Handler (GCIH), Certified Intrusion Analyst (GIAC), Certified Ethical Hacker (CEH), (CISSP), CHFI, SANS Cyber Threat Hunting, SANS GREM, SIEM/security tool equivalent technical certification)

    Education

    Bachelor's degree in information security, computer science, or systems engineering