Penetration test analyst

Primary Purpose of the Job Responsible for leading the Offensive red teaming activities on Qatar Energy’s IT/OT environments, by conducting threat hunting, penetration testing, Vulnerability scanning and security assurance activities. Provides oversight and technology guidance as well as managerial support as required. Oversee the execution of incident management program and supervises and coordinates engineers and external consultants to design, build and manage Qatar Energy SOC Red team functions on Qatar Energy’s IT and OT cyber security mission critical operational expansion. Required Experience and Skills Strong understanding of cyber incident management, malware management and vulnerability management processes. Solid knowledge on Malware analysis, Vulnerability assessment & Forensic & memory analysis, and data analytics. Experience with large IÉS & ICT environments in the Energy sector is a big plus. Advanced knowledge of networking fundamentals (TCP/IP, network layers, Ethernet, etc) Advanced knowledge of current threat landscape (threat actors, APT, cyber-crime, etc) Advanced knowledge of penetration techniques and forensic techniques. Protocol analysis knowledge and experience (Wireshark, Netwitness, etc.) Solid knowledge of client-server applications, multi-tier web applications, relational databases. Solid knowledge and experience with Cloud technologies (Amazon, Azure, Google Cloud, Iaa S, Saa S etc.) Good knowledge of IT including multiple operating systems and system administration skills (Windows, Unix) Solid understanding of IT governance and processes, such as ITIL, COBIT. Possession of Industry Certifications ISACA, GCIA, SANS, ICÅ2, EC-Council, other relevant cyber security certifications (such as CISSP, CISM, (GCIH), (GIAC), (CEH), (CEPT), OSCE, CHFI, GREM or equivalent security technologies technical certification (Advanced Level) Must maintain professional demeanor in stressful situations. Educational Qualifications Bachelor’s degree in information security, computer science, or systems engineering. 10+ years of technical experience in Information Security, System Administration, or Network Engineering with at least 5 years of experience in Information Security.