Senior Cyber Security Analyst Incident Response - Qatar Airways

• Assist and/or lead investigations in active security incident scenarios supporting the organization through the Incident Response lifecycle
• Provide expertise in the triage escalate and respond to potential security events & incidents and provides support to security teams
• Must also be able to participate in rotating on call schedule and must be able to work collaboratively. Having the ability to work outside of normal working hours as required due to critical incidents or emergency calls will be essential to success in this role
• Proactively hunting threats in the environment identifying new risk and developing methods to proactively address threats.
• Provide cyber Incident Response expertise and perform Malware Analysis & reverse engineering of malware.
• Perform forensic analysis in response to cyberattacks and computer security breaches on systems and networks to identify the extent and nature of the compromise and provide recommendations on containment eradication and remediation steps.
• Routinely prepare written technical documentation and reports of findings along with recommendations that result from cases involving forensic analysis and incident response
• Competently develop and refine usecase scenarios & develop and update operational playbook for various cyber incident scenarios including Data breach ransomware supply chain compromise etc.
• Responsible for identification analysis and correlation of events of interest escalation and continued monitoring of cybersecurity events on an enterprisewide basis
• Analyze various log network malware forensic and cyber threat intel to validate security threats recommend appropriate countermeasures and assess impact of cyber incidents
• Assist the Cyber Security manager in the analysis of security breaches to identify the root cause and to implement preventive measures.
• Continuously update the Cyber Security incident response plan and procedures.

• Bachelor Degree holder with minimum 57 years of relevant experience
• 3 years experience with Incident Response Forensics and/or Malware Analysis
• Have at least one of the relevant certifications: SANS GIAC: GCIA GCFA GCFE GREM GXPN GMON or GCIH ISC2: CCFP CCSP CISSP CERT CSIH EC Council: CHFI or ECSA;
• MITRE Adversary Tactics Techniques and Common Knowledge (ATT&CK)
• Possess knowledge on log management logs generated by various applications or appliances of IT infrastructure for SIEM event correlation.
• Experience with investigating using a wide variety of detective technologies SOAR packet capture analysis and host forensics and memory analysis tools.
• Expert knowledge on Defender for Endpoint and Servers for effective incident response actions.

If youre ready to join a progressive team and have a challenging and rewarding career then apply now by uploading your CV and completing our quick application form.