Security Engineer (Active Defense)

**Company** Qatar Energy is a state-owned public corporation established by Emiri Decree No. 10 in 1974. It is responsible for all phases of the oiland gas industry in the State of Qatar.The principal activities of Qatar Energy, its subsidiaries and jointventures are the exploration, production, local and international saleof crude oil,natural gas and gas liquids, refined products, syntheticfuels,petrochemicals, fuel additives, fertilizers, liquefied natural gas(LNG), steel and aluminium.Qatar Energy's strategy of conducting hydrocarbon exploration anddevelopment is through Exploration and Production Sharing Agreements(EPSA) and Development and Production Sharing Agreements (DPSA)concluded with major international oil and gas companies.The operations and activities of Qatar Energy and its affiliates areconducted atvarious onshore locations, including Doha, Dukhan and the Mesaieed and Ras Laffan Industrial Cities, as well as offshore areas, including Halul Island, offshore production stations, drilling platforms and the North Field.Thriving on a spirit of enterprise, each of our joint ventures isunderpinned by transparency, innovation and high standards of qualityand service. At Qatar Energy, we are committed to one thing aboveall: Excellence. **Department** INFORMATION & COMMUNICATION TECHNOLOGY **Primary purpose of job** Responsible for managing Qatar Energy IT and OT / Industrial Cyber Security centralized security log management (SIEM-Security Information Event Management/ SOAR, EDR other SOC platforms) functions. Use variety of tools to analyse and investigate incidents and take immediate action or recommend a course of action to safeguard Qatar Energy. **Experience & Skills**: - 5+ years’ experience working in a large-scale IT environment with focus on Information Security, and knowledge of Operational Technology. - 2+ years’ operating experience in industry leading SIEM products. Solid understanding of SIEM (Security Information and Event Management System) technology, architecture, locating sources and rule creation with commercial market leader - Cyber Security products. - 1-3 years previous Security Operations Centre Experience in conducting security engineering is a plus. - Good knowledge of IT including multiple operating systems and system administration skills (Windows, Unix, Linux network platforms) - Good Knowledge of OT systems and their potential risks and threats - Solid knowledge of security products such as Active Directory Auditing, Authentication, Firewalls, Intrusion Detection and Prevention Systems, and a variety of other related security technologies and host event logs. - Strong understanding of Operating systems hardening. - Strong understanding of networking principles including TCP/IP, WANs, LANs, and commonly used Internet protocols. - Scripting Experience (e.g. Python, Perl, and Power Shell) - Certification in at least one industry leading SIEM product. Possession of Industry Certifications (SANS, GCIA, ICS2, (CEH), (CISSP), EC Council, and SIEM/ security tool equivalent technical certifications). - Good understanding of Security frameworks and techniques. - Good understanding of forensic tools and capabilities. - Good understanding of manding Vulnerability management system **Education** Bachelor degree in information security, computer science, or systems engineering.