15 Incident Response jobs in Qatar

Senior Consultant, Incident Response &

Doha, Doha EY

Posted today

Job Description

Our Incident Response & Cybersecurity team supports our national and international clients to address security incidents, hunt down security risks or incidents within environments, and act as a supporting team member in FIS.

**The opportunity**

In this role, you will require extensive experience and knowledge of technology, tools, policies, and standards related to security systems and incident response, which includes being up to date with the latest trends. You must be competent to work at a proficient technical level of digital forensics, security incident response, and malware analysis, capable of identifying vectors of threats and security incidents, able to remediate or coordinate incident response efforts, and develop documentation to support the security incident response process.

**Your key responsibilities**

As a senior consultant, you will be responsible for investigating network intrusions and other cybersecurity incidents to determine the cause and extent of the breach. This includes the ability to perform host-based and network-based analysis across all major operating systems and network device platforms.

You will work to preserve, harvest, and analyze data from electronic data sources, including laptop and desktop computers, servers, and mobile devices while supporting the complex forensic analyses handled by the firm.

Moreover, it will be your responsibility to produce high-quality oral and written work product, presenting complex technical matters clearly and concisely to form and articulate expert opinions based on analysis. One should possess the experience, credibility, and integrity to perform as an expert witness. As a senior consultant you should consult with and take direction from supervisors, engagement managers, and clients regarding case investigation and status. Investigate instances of malicious code and documents to determine attack vectors and payloads and develop and refine policies and procedures for forensic and malware analyses.

You will play a vital role in researching, developing, and recommending hardware and software needed for incident response, and will help develop and maintain policies and procedures to analyze digital evidence.

Furthermore, you should participate in technical meetings and working groups to address issues related to cybersecurity and incident preparedness, and be able to create targeted remediation plans for clients who have been compromised.

**Skills and attributes for success**
- Must have experience in performing security incident response and/or digital forensic analysis in support of security incident response
- Demonstrated ability to document processes
- The ability to respond to crises objectively
- Proficiency with MS Office Applications
- Must be able to work collaboratively with teams and independently across physical locations

**To qualify for the role, you must have**
- Bachelor's degree and approximately 3-5 years of related work experience
- Experience in computer intrusion analysis and incident response
- Intrusion detection
- Computer network surveillance/monitoring
- Knowledge and understanding of network protocols, network devices, multiple operating systems, and secure architectures
- Experience in computer evidence seizure, computer forensic analysis, and data recovery
- Computer network forensics
- System log analysis
- Experience with current cyber threats and the associated tactics, techniques, and procedures used to infiltrate computer networks
- Effective communication skills with different stakeholders about cybersecurity and incident response analysis
- Ability to develop effective workflows, timelines, budgets for client engagements
- Ability to ensure quality in project deliverables and documentation
- Excellent troubleshooting skills
- Excellent project management skills and the ability to prioritize when working on multiple engagements
- A history of business development and team development success
- Proficient English

**Ideally, you’ll also have**
- An advanced degree in areas of at least one of the following professional certifications such as CIPT, CISSP, CISM, or CIPP/E, CDPSE, GCIH, GCED, CEH, GCIA, GCFA, GSE, Microsoft Certified: Information Protection Administrator Associate, or other relevant internationally recognized certifications
- Proficient Arabic

**What we offer**

We offer a competitive compensation package where you’ll be rewarded based on performance and recognized for the value you bring to our business. Plus, we offer:

- Continuous learning: You’ll develop the mindset and skills to navigate whatever comes next.
- Success as defined by you: We’ll provide the tools and flexibility, so you can make a meaningful impact, your way.
- Transformative leadership: We’ll give you the insights, coaching and confidence to be the leader the world needs.
- Diverse and inclusive culture: You’ll be embraced for who you are and empowered to use your voice to help others find theirs.

**If you can demonstrate tha

Senior Incident Response Consultant Qatar

Doha, Doha Mandiant

Posted today

Job Description

Company Description

Since 2004, Mandiant has been a trusted partner to security-conscious organizations. Effective security is based on the right combination of expertise, intelligence, and adaptive technology, and the Mandiant Advantage SaaS platform scales decades of frontline experience and industry-leading threat intelligence to deliver a range of dynamic cyber defense solutions. Mandiant’s approach helps organizations develop more effective and efficient cyber security programs and instills confidence in their readiness to defend against and respond to cyber threats.

**Job Description**:
Mandiant Security Consulting Services ensures the long-term success of our clients by providing talented, passionate, and specialized security expertise. Our Consultants partner with Mandiant clients to evaluate, create, develop, improve, and mature information security operations and programs. By utilizing the latest industry standards and combining experience and knowledge gained from Mandiant Incident Response, Intelligence and Managed Defense practices, we are able to develop defense forward information security programs for our clients.

**What You Will Do**:

- Lead large, client-facing projects while mentoring/training junior team members
- Conduct host forensics, network forensics, log analysis, and malware triage in support of incident response investigations
- Utilize Mandiant technology to conduct large-scale investigations and examine endpoint and network-based sources of evidence
- Recognize and codify attacker tools, tactics, and procedures in indicators of compromise (IOCs) that can be applied to current and future investigations
- Build scripts, tools, or methodologies to enhance Mandiant’s incident investigation processes
- Develop and present comprehensive and accurate reports, trainings and presentations for both technical and executive audiences
- Work with clients' security and IT operations teams to implement remediation plans in response to incidents

**Qualifications**:

- 5+ years of experience in incident response, security operations, consulting or similar
- Experience with at least three of the following:

- Windows disk and memory forensics
- Network Security Monitoring (NSM), network traffic analysis, and log analysis
- Unix or Linux disk and memory forensics
- Static and dynamic malware analysis
- Experience and understanding of enterprise security controls in Active Directory/Windows environments
- Experience building scripts, tools, or methodologies to enhance investigation processes
- Experience leading external client engagements
- Experience conducting analysis of electronic media, packet capture, log data, and network devices in support of intrusion analysis or enterprise level information security operations
- Experience with advanced computer exploitation methodologies
- Demonstrated ability to make decisions on remediation and countermeasures for challenging information security threats

**Desired Qualifications**:

- Experience with a scripting language such as Perl, Python, or other scripting language in an incident handling environment, highly desired
- Effectively communicating investigative findings and strategies to technical staff, executive leadership, legal counsel, and internal and external clients
- Effectively develop documentation and explain technical details in a concise, understandable manner
- Strong time management skills to balance time among multiple tasks, and lead junior staff when required

Incident Response and Digital Forensics Engineer

Doha, Doha Techpace

Posted today

Job Description

Job Description: We are seeking a highly skilled and experienced Incident Response and Digital Forensics Engineer to join our cybersecurity team. As an Incident Response and Digital Forensics Engineer, you will be responsible for investigating security incidents, performing digital forensics analysis, and coordinating incident response efforts. You will work closely with cross-functional teams to detect, contain, and remediate security breaches, ensuring the protection of our organization's systems and data. This role requires strong technical expertise, excellent problem-solving skills, and a deep understanding of incident response and digital forensics methodologies.

**Responsibilities**:

- Conduct thorough investigations of security incidents and breaches.
- Perform digital forensics analysis to collect and preserve evidence.
- Identify the root cause and scope of security incidents and recommend remediation actions.
- Coordinate incident response efforts with cross-functional teams.
- Develop and maintain incident response playbooks and standard operating procedures.
- Stay updated with the latest threat landscape, attack techniques, and forensic tools.

**Requirements**:

- Bachelor's degree in Computer Science, Information Security, or a related field.
- Proven experience in incident response and digital forensics.
- Strong knowledge of incident response methodologies and best practices.
- Proficiency in digital forensics tools and techniques.
- Familiarity with log analysis, malware analysis, and network forensics.
- Excellent problem-solving and analytical skills.
- Effective communication and collaboration abilities.

Preferred Qualifications:

- Relevant certifications, such as GIAC Certified Incident Handler (GCIH), Certified Computer Forensics Examiner (CCFE), or EnCase Certified Examiner (EnCE).
- Experience with incident response platforms and tools.
- Knowledge of regulatory frameworks, such as GDPR or HIPAA.

We offer competitive compensation packages, opportunities for professional development, and a collaborative work environment focused on innovation and continuous improvement. If you are passionate about incident response, digital forensics, and protecting organizations from cyber threats, we would love to hear from you.

**Salary**: QAR25,000.00 - QAR30,000.00 per month

Ability to commute/relocate:

- Doha: Reliably commute or planning to relocate before starting work (required)

**Education**:

- Bachelor's (preferred)

License/Certification:

- SANS, Elearn Security (required)

Senior Security Operations Engineer

Canonical

Posted 12 days ago

Job Description

workfromhome

We have opened several senior/staff Security Operations Engineer (SOC) positions, creating a new team reporting to the CISO. We are looking for a range of experience in these positions - at the high end we are looking for deep experience defending highly contested critical assets and high-value cyber targets against advanced persistent threats and state-level actors. We have more junior roles for exceptional individuals with a proven personal interest and engagement in cyber attack and defence, and outstanding academic and career performance even if experience is limited.

Our goal is to build an entirely new level of assurance and observable rigour into the open source supply chain. We have our own estate to monitor, but more broadly our goal is to raise the robustness of the entire global Ubuntu estate through the work of this team.

The Security Operations (SecOps) team is responsible for design, implementation and evolution of Canonical security practices, techniques, tools, systems and policies. The team is the primary owner of strategy and practices that determine how Canonical secures its data, internal infrastructure and build processes. They are responsible for assuring the security and integrity of our own infrastructure and product deployments. They design and implement technical security controls that ensure security threats are automatically identified, contained and remediated. The team will also contribute ideas and requirements for Canonical product security, improving the resilience and robustness of all Ubuntu customers and users subject to cyber attack.

The SecOps team's mission is not only to secure Canonical, but also to contribute to the security of the wider open source ecosystem. They might share knowledge through public presentations and industry events, and share threat intelligence with the wider community or represent Canonical in sector-specific governance bodies.

What you will do in this role:

  • Implement and evolve Canonical's Security Operation Center
  • Analyse and improve Canonical's security architecture
  • Evaluate, select and implement new security tools and practices
  • Identify, contain and guide the remediation of security threats and cyber attacks
  • Grow the presence and thought leadership of Canonical SecOps practice
  • Contribute to open source threat intelligence initiatives
  • Drive threat modelling, table top exercises and other SecOps practices across Engineering, IS and Canonical
  • Develop Canonical SecOps learning and development materials
  • Publish blog posts, whitepapers and conference presentations
  • Identify, implement and track SecOps KPIs
  • Plan and deliver SecOps work in the framework of Canonical's agile engineering practice
  • Work with Security leadership to present information and influence change

What we are looking for

  • An exceptional academic track record
  • Undergraduate degree in Computer Science or STEM, or a compelling narrative about your alternative path
  • Previous professional experience working or leading a Security Operation Center
  • Deep personal motivation to be at the forefront of technology security
  • Expertise in threat modelling and risk management frameworks
  • Knowledge of security architecture and market-leading security tools
  • Experience contributing to, and consuming, threat intelligence feeds
  • Experience in security risk management frameworks such as NIST CSF and ISO27001

Optional things we value

  • Experience in a security operations team or a security operations centre (SOC)
  • Experience in offensive or defensive security teams with hands-on ability
  • Experience with state-actor and other advanced persistent threats

What we offer you

We consider geographical location, experience, and performance in shaping compensation worldwide. We revisit compensation annually (and more often for graduates and associates) to ensure we recognise outstanding performance. In addition to base pay, we offer a performance-driven annual bonus. We provide all team members with additional benefits, which reflect our values and ideals. We balance our programs to meet local needs and ensure fairness globally.

  • Distributed work environment with twice-yearly team sprints in person
  • Personal learning and development budget of USD 2,000 per year
  • Annual compensation review
  • Recognition rewards
  • Annual holiday leave
  • Maternity and paternity leave
  • Employee Assistance Programme
  • Opportunity to travel to new locations to meet colleagues
  • Priority Pass, and travel upgrades for long haul company events

About Canonical

Canonical is a pioneering tech firm at the forefront of the global move to open source. As the company that publishes Ubuntu, one of the most important open source projects and the platform for AI, IoT and the cloud, we are changing the world on a daily basis. We recruit on a global basis and set a very high standard for people joining the company. We expect excellence - in order to succeed, we need to be the best at what we do. Canonical has been a remote-first company since its inception in 2004. Working here is a step into the future, and will challenge you to think differently, work smarter, learn new skills, and raise your game.

Canonical is an equal opportunity employer

We are proud to foster a workplace free from discrimination. Diversity of experience, perspectives, and background create a better work environment and better products. Whatever your identity, we will give your application fair consideration.

Seniority level
  • Mid-Senior level
Employment type
  • Full-time
Job function
  • Information Technology
Industries
  • Software Development

Head of Security Operations

Doha, Doha Canonical

Posted 17 days ago

Job Description

This global leadership role in cyber security is to manage the Security Operations (SecOps) team responsible for design, implementation and evolution of Canonical security practices, techniques, tools, systems and policies. The team is the primary owner of strategy and practices that determine how Canonical secures its data, internal infrastructure and build processes. They are responsible for assuring the security and integrity of our own infrastructure and product deployments. They design and implement technical security controls that ensure security threats are automatically identified, contained and remediated. The team will also contribute ideas and requirements for Canonical product security, improving the resilience and robustness of all Ubuntu customers and users subject to cyber attack.

As a leader on cyber security in the company, the SecOps team manager will collaborate with our Organisational Learning and Development team to develop playbooks and facilitate SecOps training across Canonical. They will operate in a wider security organisation, run a high performing security team and improve Canonical's security posture. They will lead initiatives to integrate the team's insights into Canonical's broader software development process.

While this is a management position, we expect managers to be expert practitioners, able to lead by example, contribute at the highest level, and assess work based on their own professional experience and skill. Candidates should have deep, hands-on expertise with a range of open source and proprietary security tooling and practices, which they can integrate into a holistic next generation security solution across the breadth of Canonical's interests.

The SecOps team's mission is not only to secure Canonical, but also to contribute to the security of the wider open source ecosystem. They might share knowledge through public presentations and industry events, and share threat intelligence with the wider community or represent Canonical in sector-specific governance bodies.

This role reports to the CISO.

What you will do in this role:

  • Hire and mentor a team of outstanding technical security professionals
  • Define Canonical's SecOps security standards and playbooks
  • Own and drive the architecture and design of the SOC
  • Analyse and improve Canonical's security architecture
  • Evaluate, select and implement new security tools and practices
  • Identify, contain and guide the remediation of security threats and cyber attacks
  • Grow the presence and thought leadership of Canonical SecOps practice
  • Contribute to open source threat intelligence initiatives
  • Drive threat modelling, table top exercises and other SecOps practices across Engineering, IS and Canonical
  • Develop Canonical SecOps learning and development materials
  • Publish blog posts, whitepapers and conference presentations
  • Identify, implement and track SecOps KPIs
  • Plan and deliver SecOps work in the framework of Canonical's agile engineering practice
  • Work with Security leadership to present information and influence change

What we are looking for

  • Proven track record of mitigating with advanced threat actors and nation state threats
  • Expert technical understanding of SOCs from the ground up
  • In-depth knowledge of SOC architecture and design, including strategies for logging, firewalls, network segmentation, honeypots, etc.
  • Someone who understands how the SOC works, not just how to use it
  • Expert in Linux security
  • Ability to define, implement, automate and measure effective incident response playbooks
  • Knowledge of security architecture and market-leading security tools
  • Experience contributing to, and consuming, threat intelligence feeds
  • Experience in security risk management frameworks such as NIST CSF
  • An exceptional academic track record from both high school and university
  • Undergraduate degree in Computer Science or STEM, or a compelling narrative about your alternative path
  • Drive and a track record of going above-and-beyond expectations
  • Deep personal motivation to be at the forefront of technology security
  • Leadership and management ability
  • Excellent business English writing and presentation skills
  • Confidence to report security performance metrics with accountability for accuracy and completeness

Optional things we value

  • Experience in offensive or defensive security teams with hands-on ability
  • Experience with open source security tools
  • Experience with security standards such as ISO 27001
  • Experience with security posture management of corporate endpoints

Seniority level
  • Director
Employment type
  • Full-time
Job function
  • Other, Information Technology, and Management
Industries
  • Software Development


Senior Security Operations Engineer

Doha, Doha Canonical

Posted 11 days ago


Job Description

We have opened several senior/staff Security Operations Engineer (SOC) positions, creating a new team reporting to the CISO. We are looking for a range of experience in these positions - at the high end we are looking for deep experience defending highly contested critical assets and high-value cyber targets against advanced persistent threats and state-level actors. We have more junior roles for exceptional individuals with a proven personal interest and engagement in cyber attack and defence, and outstanding academic and career performance even if experience is limited.

Our goal is to build an entirely new level of assurance and observable rigour into the open source supply chain. We have our own estate to monitor, but more broadly our goal is to raise the robustness of the entire global Ubuntu estate through the work of this team.

The Security Operations (SecOps) team is responsible for design, implementation and evolution of Canonical security practices, techniques, tools, systems and policies. The team is the primary owner of strategy and practices that determine how Canonical secures its data, internal infrastructure and build processes. They are responsible for assuring the security and integrity of our own infrastructure and product deployments. They design and implement technical security controls that ensure security threats are automatically identified, contained and remediated. The team will also contribute ideas and requirements for Canonical product security, improving the resilience and robustness of all Ubuntu customers and users subject to cyber attack.

The SecOps team's mission is not only to secure Canonical, but also to contribute to the security of the wider open source ecosystem. They might share knowledge through public presentations and industry events, and share threat intelligence with the wider community or represent Canonical in sector-specific governance bodies.

What you will do in this role:

  • Implement and evolve Canonical's Security Operation Center
  • Analyse and improve Canonical's security architecture
  • Evaluate, select and implement new security tools and practices
  • Identify, contain and guide the remediation of security threats and cyber attacks
  • Grow the presence and thought leadership of Canonical SecOps practice
  • Contribute to open source threat intelligence initiatives
  • Drive threat modelling, table top exercises and other SecOps practices across Engineering, IS and Canonical
  • Develop Canonical SecOps learning and development materials
  • Publish blog posts, whitepapers and conference presentations
  • Identify, implement and track SecOps KPIs
  • Plan and deliver SecOps work in the framework of Canonical's agile engineering practice
  • Work with Security leadership to present information and influence change

What we are looking for

  • An exceptional academic track record
  • Undergraduate degree in Computer Science or STEM, or a compelling narrative about your alternative path
  • Previous professional experience working or leading a Security Operation Center
  • Deep personal motivation to be at the forefront of technology security
  • Expertise in threat modelling and risk management frameworks
  • Knowledge of security architecture and market-leading security tools
  • Experience contributing to, and consuming, threat intelligence feeds
  • Experience in security risk management frameworks such as NIST CSF and ISO27001

Optional things we value

  • Experience in a security operations team or a security operations centre (SOC)
  • Experience in offensive or defensive security teams with hands-on ability
  • Experience with state-actor and other advanced persistent threats

What we offer you

We consider geographical location, experience, and performance in shaping compensation worldwide. We revisit compensation annually (and more often for graduates and associates) to ensure we recognise outstanding performance. In addition to base pay, we offer a performance-driven annual bonus. We provide all team members with additional benefits, which reflect our values and ideals. We balance our programs to meet local needs and ensure fairness globally.

  • Distributed work environment with twice-yearly team sprints in person
  • Personal learning and development budget of USD 2,000 per year
  • Annual compensation review
  • Recognition rewards
  • Annual holiday leave
  • Maternity and paternity leave
  • Employee Assistance Programme
  • Opportunity to travel to new locations to meet colleagues
  • Priority Pass, and travel upgrades for long haul company events

About Canonical

Canonical is a pioneering tech firm at the forefront of the global move to open source. As the company that publishes Ubuntu, one of the most important open source projects and the platform for AI, IoT and the cloud, we are changing the world on a daily basis. We recruit on a global basis and set a very high standard for people joining the company. We expect excellence - in order to succeed, we need to be the best at what we do. Canonical has been a remote-first company since its inception in 2004. Working here is a step into the future, and will challenge you to think differently, work smarter, learn new skills, and raise your game.

Canonical is an equal opportunity employer

We are proud to foster a workplace free from discrimination. Diversity of experience, perspectives, and background create a better work environment and better products. Whatever your identity, we will give your application fair consideration.

Seniority level
  • Mid-Senior level
Employment type
  • Full-time
Job function
  • Information Technology
Industries
  • Software Development

Head of Security Operations

Doha, Doha Canonical

Posted 16 days ago


Job Description

This global leadership role in cyber security is to manage the Security Operations (SecOps) team responsible for design, implementation and evolution of Canonical security practices, techniques, tools, systems and policies. The team is the primary owner of strategy and practices that determine how Canonical secures its data, internal infrastructure and build processes. They are responsible for assuring the security and integrity of our own infrastructure and product deployments. They design and implement technical security controls that ensure security threats are automatically identified, contained and remediated. The team will also contribute ideas and requirements for Canonical product security, improving the resilience and robustness of all Ubuntu customers and users subject to cyber attack.

As a leader on cyber security in the company, the SecOps team manager will collaborate with our Organisational Learning and Development team to develop playbooks and facilitate SecOps training across Canonical. They will operate in a wider security organisation, run a high performing security team and improve Canonical's security posture. They will lead initiatives to integrate the team's insights into Canonical's broader software development process.

While this is a management position, we expect managers to be expert practitioners, able to lead by example, contribute at the highest level, and assess work based on their own professional experience and skill. Candidates should have deep, hands-on expertise with a range of open source and proprietary security tooling and practices, which they can integrate into a holistic next generation security solution across the breadth of Canonical's interests.

The SecOps team's mission is not only to secure Canonical, but also to contribute to the security of the wider open source ecosystem. They might share knowledge through public presentations and industry events, and share threat intelligence with the wider community or represent Canonical in sector-specific governance bodies.

This role reports to the CISO.

What you will do in this role:

  • Hire and mentor a team of outstanding technical security professionals
  • Define Canonical's SecOps security standards and playbooks
  • Own and drive the architecture and design of the SOC
  • Analyse and improve Canonical's security architecture
  • Evaluate, select and implement new security tools and practices
  • Identify, contain and guide the remediation of security threats and cyber attacks
  • Grow the presence and thought leadership of Canonical SecOps practice
  • Contribute to open source threat intelligence initiatives
  • Drive threat modelling, table top exercises and other SecOps practices across Engineering, IS and Canonical
  • Develop Canonical SecOps learning and development materials
  • Publish blog posts, whitepapers and conference presentations
  • Identify, implement and track SecOps KPIs
  • Plan and deliver SecOps work in the framework of Canonical's agile engineering practice
  • Work with Security leadership to present information and influence change

What we are looking for

  • Proven track record of mitigating with advanced threat actors and nation state threats
  • Expert technical understanding of SOCs from the ground up
  • In-depth knowledge of SOC architecture and design, including strategies for logging, firewalls, network segmentation, honeypots, etc.
  • Someone who understands how the SOC works, not just how to use it
  • Expert in Linux security
  • Ability to define, implement, automate and measure effective incident response playbooks
  • Knowledge of security architecture and market-leading security tools
  • Experience contributing to, and consuming, threat intelligence feeds
  • Experience in security risk management frameworks such as NIST CSF
  • An exceptional academic track record from both high school and university
  • Undergraduate degree in Computer Science or STEM, or a compelling narrative about your alternative path
  • Drive and a track record of going above-and-beyond expectations
  • Deep personal motivation to be at the forefront of technology security
  • Leadership and management ability
  • Excellent business English writing and presentation skills
  • Confidence to report security performance metrics with accountability for accuracy and completeness

Optional things we value

  • Experience in offensive or defensive security teams with hands-on ability
  • Experience with open source security tools
  • Experience with security standards such as ISO 27001
  • Experience with security posture management of corporate endpoints

Seniority level
  • Director
Employment type
  • Full-time
Job function
  • Other, Information Technology, and Management
Industries
  • Software Development

Security Operations Center - Cyber Security Analyst (L2)

Doha, Doha Malomatia

Posted 5 days ago


Job Description

Role Description:

The Cyber Security Analyst will monitor cybersecurity solutions to detect and analyze potential system compromises, perform root cause analysis, and support remediation efforts.

This role requires a strong technical understanding of cybersecurity concepts and a passion to develop as an expert in the field.

The candidate must have hands-on experience with SIEM solutions, threat hunting, and incident response. They will work closely with operational staff at customer sites and be responsible for researching emerging threats and communicating associated risks.

Roles & Responsibilities:

  • Act as escalation point and Subject Matter Expert (SME) on security issues
  • Analyze and validate security alerts and incidents
  • Create/update incidents in the case management system
  • Notify customers and support throughout the incident management lifecycle
  • Track case progress and provide analysis updates
  • Collaborate with stakeholders to maintain strong working relationships
  • Provide on-call support for incident investigations
  • Conduct post-incident reviews and develop operational metrics
  • Mentor junior colleagues and develop training materials
  • Analyze threat intelligence and share insights with relevant teams
  • Develop use cases for security monitoring and model threats
  • Hunt for IoCs, IoAs, APTs, and related TTPs
  • Develop repeatable threat hunting tactics
  • Integrate standard/non-standard logs into SIEM systems
  • Enhance SOC procedures and contribute to continuous improvement
  • Identify process improvement opportunities for better service delivery

Skills

Required Skills:

  • Troubleshooting of network and Windows/*nix connectivity issues
  • Understanding of TCP/IP, network traffic, and log analysis
  • Strong knowledge of OS, network architecture, and system design principles
  • Experience with cybersecurity tools like SIEM, EDR, SOAR
  • Knowledge of cyber threats, vulnerabilities, and mitigation strategies
  • Familiarity with key SOC technologies: ArcSight, Splunk, IBM QRadar, etc.
  • Ability to collaborate with both technical and non-technical stakeholders
  • Strong problem-solving skills and ability to remain calm under pressure
  • Excellent written and verbal communication skills

Educational Qualifications:

  • Relevant degree in IT, cybersecurity, or related field
  • One or more relevant industry certifications

Desirable Qualifications:

  • Experience in the Middle East region
  • Prior work in MSSP or MDR environments
  • Familiarity with 24/7 security operations
  • Exposure to multiple SIEM and EDR solutions
  • Industry certifications such as GSOC, BTL1, MBT, etc.