28 Incident Response jobs in Doha

Overview

Cybersecurity Security Analyst

• Monitor systems for security breaches or intrusions.
• Investigate security incidents and provide incident response.
• Implement security measures to protect against threats.
• Conduct vulnerability assessments and penetration testing.
• Analyze security data and generate reports for management.

• 8+ years experience
• Bachelors / master’s degree in computer science or Equivalent
• Relevant industry standard certifications are preferred.
• Proven skills and experience in the similar role.
• Excellent communication skills both written and verbal.
• Ability to convey complex technical information concisely.
• A high level of motivation in learning new technologies.
• Hard worker, self-motivated and result-driven individual.
• Willing to work in non-standard working hours.
• Ability to work well in groups and independently.
• Strong analytical and problem-solving skills.

Senior Security Analyst - CREQ Description

Role : Senior Security Analyst

Skill : Advanced Defender XDR, Advanced Incident Triage using Defender and Sentinel, Advanced KQL, Advanced MITRE ATT&CK Framework, Advanced Threat Hunting, CCFP, CHFI, Forensic Analysis, Reverse engineering of malware

Experience : 6+ Years

Job Description :

Must Have : Advanced Defender XDR, Advanced Incident Triage using Defender and Sentinel, Advanced KQL, Advanced MITRE ATT&CK Framework, Advanced Threat Hunting, CCFP, CHFI, Forensic Analysis, Reverse engineering of malware

Additional Skills :

1. Have at least one of the relevant certifications: SANS GIAC: GCIA, GCFA, GCFE, GREM, GXPN, GMON, or GCIH
2. ISC2: CCFP, CCSP, CISSP CERT CSIH
3. EC Council: CHFI or ECSA
4. Provide expertise in the triage, escalate and respond to potential security events & incidents and provides support to security teams
5. Provide cyber Incident Response expertise and perform Malware Analysis & reverse engineering of malware
6. Analyze various log, network, malware, forensic, and cyber threat intel to validate security threats, recommend appropriate countermeasures, and assess impact of cyber incidents

Add the Middle East to your global professional experience and have the opportunity to work on some of the leading Digital Transformation programs.

Virtusa is one of the fastest growing IT Services companies in the Middle East with a growing client base in the UAE, KSA, Qatar & Oman and we work with the leading Banking and Financial Services, Travel, Telecom and Enterprises firms in the region.

Why would you not like to be part of this exciting and award winning team? Don’t listen to us, listen to our customers.

Teamwork, quality of life, professional and personal development: values that Virtusa is proud to embody. When you join us, you join a team of 30,000+ people globally that cares about your growth — one that seeks to provide you with exciting projects, opportunities and work with state of the art technologies throughout your career with us.

Primary Location: Doha, Ad Dawḩah, Qatar

Job Type: Experienced

Primary Skills: Azure Infra Security

Years of Experience: 7

Travel: No

Job Objectives

The Information Security Application Consultants develops, operates, and manages the application security frameworks to continuously monitor and improve organization's security posture to build secure applications and reduce threat footprint. The role also provides subject matter expertise and operational direction on application security governance, application security control and risk analysis, security assessment automation, secure development practices and incident response.

Description

1. Establish and manage industry-leading application security processes and practices at each phase of the software development lifecycle and implement operational roadmap for assessment, penetration testing and source code reviews.

2. Ensure acquired and developed applications are consistent with secure software development lifecycle and security architecture guidelines.

3. Conduct regular manual and automated application security testing, assessments, review results, track issues and follow up to ensure remediation in line with secure software development lifecycle.

4. Coordinate and scope Third party penetration testing and application assessments activities including configuration reviews for compliance and additional assurance of secured implementation and operation of solutions.

5. Design, develop and implement the integration and automation of threat modelling, security assessments and testing tools with DevOps, application development and QA tools to improve detection and prevention capabilities.

6. Recommend improvements to the secure reference architecture through continuous review and assessment of the application security requirements, policies, and procedures.

7. Ensure secure coding practices and Software Development Life Cycle (SDLC) are followed by providing training and awareness to the internal stakeholders.

8. Ensure Data Protection, privacy concerns and regulations are in place and addressed in Policies and procedures.

9. Help support and enhance existing cloud security model, ensuring adherence to best practice in alignment with industry standards at technology, operational, legal measures.

10. Define the high-level requirements for preserving the confidentiality, integrity, and availability of information and assets, protecting assets from threats based on an assessment of risks to the organization, and supporting the fulfillment of relevant legal, regulatory, operational, and contractual requirements.

11. Provide regular updates to management on application security and vulnerability management posture by defining operational KPIs and metrics, build dashboard and reports.

12. Manage follow up, close and report upon all department’s information security regulatory requirements, audits, inconformity reports, compliance issues and observations that arise during conducted internal and external assurance engagements.

13. Conduct Risk Assessments on the required Applications to identify applicable risk scenarios and mitigating controls as per Qatargas Information security risk management practices.

14. Perform other related duties or assignments as directed.

Requirements

Minimum Qualifications :

Bachelor’s degree in Computer Engineering / Science, Electronics Engineering, or any other appropriately relevant field.

Minimum Experience :

10 years of progressive experience in a directly related field.

7 years of professional experience in ICT information, application security in an enterprise level environment.

3 years in similarly relevant Application security role with around the same team capacity and complexity of assigned tasks.

Job Specific Skills :

Certifications in industry relative standards, frameworks, and schools of practice, such as CSSLP, GWAPT, OSCP, etc.

Excellent knowledge in maintaining effective working relationships with staff and clients; excellent people management skills.

Excellent written and verbal communication skills.

Strong analytical and problem-solving skills.

Proven success in working in a similarly complex ICT information security within same industry.

Professional experience in conducting manual and automated application assessments (DAST, SAST & RAST), penetration testing and configuration review.

Excellent understanding of modern development approaches and environments, secure Software Development Life Cycle (SDLC), secure coding practices and DevSecOps.

Good understanding of cryptography, web service frameworks, mobile application architectures, and service architectures (such as event-driven, service-oriented, or serverless architectures)

Good understanding of implementing enterprise information security architectures and frameworks.

Strong understanding of project management principles and requirements.

Excellent knowledge and understanding of Information Technology industry, trends, architectures, integrations, operational security, and process computing.

Excellent knowledge and understanding of leading industry standards, frameworks, methodologies, and best practices.

Excellent knowledge and understanding of information security governance, compliance, architecture components, technical solutions, and operational services.

Understanding of SAP products, Applications development concepts, change management and landscape

Propose security guidelines for new SAP systems ensuring critical design and implementation elements are captured addressed.

Excellent knowledge and understanding of SAP cloud platform Application services, types of deployments and security requirements to ensuring secure operations and data integrity.

• Skillset Required : Information Technology, Risk Assessment, Css, Verbal Communication Skill, Devops, Information Security, Verbal Communication Skills, Sdlc, Management Skill, Analytical And Problem-solving Skill, Application Security, Compliance, Aris, Change Management, Application Development, Web Service, Problem-solving Skill, Methodologies, Excel, People Management, Communication Skill, Written And Verbal Communication, Strong Understanding, Trends, Project Management, Strong Analytical, Software Development

Overview

Healthcare Recruitment Specialist l HRCI-Certified l Strategic Talent Acquisition & Stakeholder Management for Global Wellness.

JOB PURPOSE:

The Cyber Security Analyst creates a comprehensive program for establishing a Healthcare carrier-class Security Operation Center. S/he develops and maintains threat monitoring and security incident response procedures within Naufar. The analyst designs frameworks, procedures, and toolkits to enhance capabilities in professional forensic collection and digital evidence analysis. S/he also develops dashboards for reporting the organization's threat landscape, awareness and security posture to senior management. This role is an expert role with defined responsibilities.

Description

• Develops and implements a cyber-security program to enhance Naufar capabilities regarding Cyber Attack incident monitoring, incidents response and intrusive and non-intrusive forensics capabilities.
• Develops and matures the service capabilities of the SOC, such as Forensics, Threat Management, Penetration Assessments, and Tool Management.
• Develops, contributes and maintains the cyber security strategy.
• Implements, configures and maintains security control and process, to ensure threat indicators are rated by severity and responded to in a manner consistent with the threat.
• Identifies deficiencies and recommends corrective action to strengthen information security control and decrease the risk of data breach.
• Maintains and updates standard operation policies and procedures for incident response plans, e-discovery processing, remote acquisition/analysis tools, collections and forensic analysis techniques.
• Maintains industry standard tools and processes used for forensic analysis and eDiscovery collections and processes.
• Monitors security alerts for potential events/incidents as well as trending and historical analysis and ensuring all incident reports are complete and written within standard operations and ensures ticket audits and reviews are completed.
• Utilizes leading forensic software to identify, collect, preserve and analyze electronic data from laptops, desktops, servers, email archives, infrastructure logs, network file servers, backup tapes, cell phones, PDAs and a wide variety of other media devices.
• Manages requests for electronic data and digital forensic investigations that relate to Litigation, Regulatory matters, Compliance, and Employee Investigations.
• Performs cybersecurity incident analysis and assist with incident response, including analysis of network content and metadata for investigations or malware detection and identifies the cause and extent of a breach.
• Serves as a subject matter expert and technical advisor in matters relating to the proper collection, preservation, packaging, and submission of digital and multimedia evidence.
• Participates in incident electronic evidence collection activities in major field investigations. Ensures evidence handling requirements are met.
• Performs post-incident report according to standard operations.
• Analyzes the tools and methodology used for investigation and accordingly presents improvements in control and corrective actions if any.
• Escalates and works with senior management on resolutions to overdue security items or any negative trends identified.
• Develops focused reporting and briefings for advanced cyber threats.
• Conducts studies and research for improving forensic analyses, scientific methods, and resolving forensic examination problems.
• Creates detailed, professional documentation and reports, including performance metrics and presentations for management.
• Leads or contributes to key projects related to corporate threat monitoring, forensics or information security initiatives.
• Facilitates group risk assessment activities and identifies any security-related process improvement opportunities.
• Monitors and performs trending on root cause analysis activities within assigned group and participates as needed to resolve clinical systems security related incidents.
• Assists on monitoring compliance with information security policies, standards and ENTERPRISE-WIDE strategy and facilitates threat and vulnerability evaluations on a regular basis. Measures and reports on the effectiveness of information security controls.
• Supports the security initiatives, corrective and preventative actions, and security measures by ensuring timely updates and escalating concerns and non-compliances.
• Understands and maintains the appropriate knowledge of Security Technologies, (Firewall, Anti-Virus, Email and Web Encryption, HIPS, NIPS, SIEM, WAF, DLP), security procedures, and services within Naufar IT Security as well as ensures all tools are functioning properly.
• Keeps up to date on changes to significant regulatory and applicable standards issued by internal or external agencies, as applicable to the Naufar’s domain.
• Adheres to Naufar’s standards as they appear in the Code of Conduct and Conflict of Interest policies

Academic Qualifications:

• Master’s degree – Cybersecurity - Desired

Experience Requirements:

• 8+ years of experience working as a security analyst or SME within a Security Operations Center with exposure to cyber security collection, analysis and threats management, investigation and digital forensics.
• Demonstrated experience in threat detection and analysis, incident response, and reporting.
• Demonstrated experience with incident response, deep dive forensics, insider threat, cyber and data exfiltration incidents.
• Demonstrated experience conducting assessments, digital forensic investigations, vulnerability management and incident response.
• Demonstrated experience with current cyber threats and the associated tactics, techniques, and procedures used to infiltrate computer networks.
• Demonstrated experience with SEIM products in the detection, response, mitigation, and/or reporting of cyber threats
• Demonstrated experience in the use of forensic tools (e.g. FTK, Encase, Forensic Toolkit, X-Ways, Linux based tools, etc.)
• Experienced with (or equivalent) the following regulations and frameworks: PCI, HIPAA, and ISO/IEC 2700x

• Associate

• Full-time

• Health Care Provider
• Industries
• Hospitals and Health Care