Lead, Threat Detection & Response

Qatar, Qatar

Job Description

Company
QatarEnergy is a state-owned public corporation established by Emiri Decree No. 10 in 1974. It is responsible for all phases
of the oil and gas industry in the State of Qatar. The principal activities of QatarEnergy, its subsidiaries and joint ventures are
the exploration, production, local and international sale of crude oil, natural gas and gas liquids, refined products,
synthetic fuels, petrochemicals, fuel additives, fertilizers, liquefied natural gas (LNG), steel and aluminium. QatarEnergy's
strategy of conducting hydrocarbon exploration and development is through Exploration and Production Sharing
Agreements (EPSA) and Development and Production Sharing Agreements (DPSA) concluded with major international oil
and gas companies. The operations and activities of QatarEnergy and its affiliates are conducted at various onshore
locations, including Doha, Dukhan and the Mesaieed and Ras Laffan Industrial Cities, as well as offshore areas, including
Halul Island, offshore production stations, drilling platforms and the North Field. Thriving on a spirit of enterprise, each of our
joint ventures is underpinned by transparency, innovation and high standards of quality and service. At QatarEnergy, we are
committed to one thing above all: Excellence.
Department
INFORMATION & COMMUNICATION TECHNOLOGY
Primary purpose of job
The Lead, Threat Detection & Response is responsible for early detection and rapid response in order to mitigate the cyber
risks to QP's IT and OT information systems. The Lead, Threat Detection & Response builds, trains and leads the 24/7 Cyber
Detection and engineering team for IT and OT cyber security. As technical lead and incident responder for the QatarEnergy
Security Operations Centre's Cyber Detection, he/she will lead technical investigations for security incidents,
oversee process improvements, and drive implementation of new capabilities. He/she will act as the front-line point of
escalation, serve as a technical escalation resource for other security analysts and engineers, and provide mentoring
for skill development. He/she partners with Information Security leads to implement and improve technology and processes to
enhance Cyber Security monitoring, detection, investigation, and response. The Lead, Threat Detection & Response supervises
and coordinates engineers and external consultants who are responsible for the design, build and ongoing management of
the QatarEnergy Detection platforms and ultimately support QatarEnergy's IT and OT cyber security 7x24 mission-critical
operational expansion.
Experience & Skills

  • 10 years of technical experience in Information Security, System Administration, or Network Engineering with at least 5
years of experience in Information Security
  • Preferably experience with large ICS & ICT environments in the Energy sector.
  • Malware analysis, vulnerability assessment, forensic and memory analysis, and data analytics.
  • Ability to communicate with staff from analyst to managerial level, as well as maintain positive working relationships
across the business. Focused, "can-do" positive attitude to deliver excellent service; excellent written and verbal business
communication skills.
  • Advanced knowledge of networking fundamentals (TCP/IP, network layers, Ethernet, ARP, etc.)
  • Advanced knowledge of current threat landscape (threat actors, APT, cyber-crime, etc.)
  • Advanced knowledge of penetration techniques and forensic techniques.
  • Moderate knowledge and experience with Cloud technologies
  • Moderate protocol analysis experience (Wireshark, Netwitness, etc.)
  • Good knowledge of IT including multiple operating systems and system administration skills (Windows, Linux, Solaris,
Unix).
  • Solid knowledge of client-server applications, multi-tier web applications, relational databases, firewalls, VPNs, and
enterprise Anti-Virus products.
  • Strong understanding of security incident management, malware management and vulnerability management processes.
  • Experience with web content filtering technology - policy engineering and troubleshooting.
  • Good awareness of IT Support processes, such as ITIL.
  • Must maintain professional demeanor in stressful situations
Education
  • Bachelor's degree in information security, computer science, or systems engineering
  • Possession of industry certifications (Certified Incident Handler (GCIH), Certified Intrusion Analyst (GIAC), Certified
Ethical Hacker (CEH), Certified Expert Penetration Tester (CEPT), OSCE / CHFI / SANS Cyber Threat Hunting / SANS
GREM or equivalent SIEM / security technologies technical certification (Advanced Level)).
  • Good awareness of IT Support processes and frameworks such as ITIL, MITRE ATT&CK, OWASP Top 10



Job Detail

  • Job Id
    JD1407736
  • Industry
    Not mentioned
  • Total Positions
    1
  • Job Type:
    Full Time
  • Salary:
    Not mentioned
  • Employment Status
    Permanent
  • Job Location
    Qatar, Qatar
  • Education
    Not mentioned