Security Analyst

About This Role

About the role
Provide operational security monitoring, incident response, and risk-reduction activities to protect company systems and data in line with local regulations and organisational security policy.

Key responsibilities

• Security monitoring: Maintain SIEM alerts, investigate security events, triage incidents and escalate per playbooks.
• Incident response: Lead containment, eradication and recovery steps for security incidents; perform root‑cause analysis and produce post‑incident reports.
• Threat detection & hunting: Develop detection rules, run proactive threat hunts and tune alerts to reduce false positives.
• Vulnerability management: Coordinate vulnerability scans, prioritise remediation, track fixes and verify mitigation.
• Access & identity: Review IAM configurations, support privileged-access controls, MFA rollouts and user access reviews.
• Security controls & hardening: Implement and validate endpoint, network and cloud security controls (EDR, firewalls, NAC, CASB).
• Log & evidence management: Collect, preserve and analyse logs/evidence for investigations and compliance.
• Compliance & reporting: Support audits, maintain security metrics and produce regular risk and compliance reports.
• Playbooks & documentation: Develop and maintain IR playbooks, runbooks, SOPs and threat intelligence feeds.
• Collaboration & training: Work with IT, DevOps and business teams to remediate issues and deliver basic security awareness sessions.

Qualifications & experience

• Bachelor’s degree in Cybersecurity, Computer Science or related field, or equivalent experience.
• 2+ years in SOC, incident response or security operations; GCC/Doha experience preferred.
• Hands‑on with SIEM (Splunk, QRadar, Sentinel), EDR tools, vulnerability scanners and network security technologies.
• Familiar with MITRE ATT&CK, incident response frameworks and forensic techniques.
• Strong log analysis, scripting (Python, Bash) and Linux/Windows troubleshooting skills.
• Security certifications preferred: e.g., GCIA, GCIH, GSEC, CISSP, or equivalent.
• Effective communicator, able to produce clear technical reports and present findings to stakeholders.
• Valid work authorisation for Qatar.

Key attributes

• Analytical: Detail‑oriented investigator.
• Calm under pressure: Responds decisively during incidents.
• Proactive: Seeks and mitigates risks before escalation.
• Collaborative: Builds relationships across technical teams.

نوع الوظيفة: دوام كامل

الراتب المدفوع: QAR٣٥٫٠٠ لكل ساعة

موقع العمل: بشكل شخصي