Senior Cybersecurity Consultant (Onsite)
Job Fit Check
Base Career helps you apply smarter for this job.
Key skills for this role
About the Role
Malomatia seeks a Senior Cybersecurity Consultant to join its Cybersecurity Practice as an Incident Handler in Doha. The role involves leading incident detection, investigation, containment, and recovery across enterprise and cloud environments using Microsoft security tools.
Key Skills for This Role
Responsibilities
- Lead the end to end handling of security incidents, including detection, triage, investigation, containment, eradication, and recovery
- Operate, tune, and investigate using Microsoft Defender for Endpoint, Defender for Office 365, Defender for Identity, and Defender for Cloud Apps
- Use Microsoft Sentinel for log analysis, correlation, and automated response; develop and tune analytic rules, KQL queries, workbooks, and SOAR playbooks
- Leverage Microsoft Purview for data governance, information protection, insider risk management, and compliance
- Configure, monitor, and respond to DLP policies across Microsoft 365 and endpoints
- Conduct proactive threat hunting across the Microsoft 365 and Azure estate
- Perform host, endpoint, and cloud based investigations and digital forensics to determine root cause, scope, and impact of incidents
- Produce high quality incident reports, timelines, and post incident reviews; maintain runbooks and playbooks
Requirements
- Bachelor’s / college degree in Computer Science, Information Security, or a related field
- At least 8 years of experience in cybersecurity operations, incident response, or security monitoring, with significant hands on experience operating Microsoft security tools
- Strong hands on experience with the Microsoft security stack, including Microsoft Defender (EDR/XDR), Microsoft Sentinel, Microsoft Purview, and Microsoft 365 DLP
- Proficiency with KQL for investigation and detection
- Experience with EDR investigation, log analysis, SIEM/SOAR, endpoint and cloud forensics, and identity platforms (Entra ID and Active Directory)
- Strong understanding of incident response methodologies and frameworks (e.g., NIST SP 800 61, SANS), the MITRE ATT&CK framework, the cyber kill chain, and modern attacker techniques
- Relevant professional certifications (e.g., SC 200, SC 100, SC 400, GCIH, GCFA, CISSP, CySA+) are highly desirable
Full Job Posting
Job Description
- We are seeking a skilled Senior Cybersecurity Consultant to join our Cybersecurity Practice as an Incident Handler within our security operations function.
- In this role, you will lead the detection, investigation, containment, and recovery of security incidents across enterprise and cloud environments, with a strong focus on the Microsoft security ecosystem.
Responsibilities
- Incident Handling & Response: Lead the end to end handling of security incidents, including detection, triage, investigation, containment, eradication, and recovery.
- Microsoft Defender (EDR/XDR): Operate, tune, and investigate using Microsoft Defender for Endpoint, Defender for Office 365, Defender for Identity, and Defender for Cloud Apps.
- Microsoft Sentinel (SIEM/SOAR): Use Microsoft Sentinel for log analysis, correlation, and automated response. Develop and tune analytic rules, KQL queries, workbooks, and SOAR playbooks.
- Microsoft Purview & Data Security: Leverage Microsoft Purview for data governance, information protection, insider risk management, and compliance.
- Data Loss Prevention (DLP): Configure, monitor, and respond to DLP policies across Microsoft 365 and endpoints.
- Threat Hunting & Detection Engineering: Conduct proactive threat hunting across the Microsoft 365 and Azure estate.
- Forensics & Root Cause Analysis: Perform host, endpoint, and cloud based investigations and digital forensics.
- Documentation & Reporting: Produce high quality incident reports, timelines, and post incident reviews.
Qualifications
- Education: Bachelor’s / college degree in Computer Science, Information Security, or a related field.
- Experience: At least 8 years of experience in cybersecurity operations, incident response, or security monitoring, with significant hands on experience operating Microsoft security tools.
- Certifications: Relevant professional certifications are highly desirable, including Microsoft Security Operations Analyst (SC 200), Microsoft Certified: Cybersecurity Architect (SC 100) or Information Protection (SC 400), GIAC incident response / forensics (e.g., GCIH, GCFA), ISC2 (e.g., SSCP or CI
- Technical Skills: Strong hands on experience with the Microsoft security stack, including Microsoft Defender (EDR/XDR), Microsoft Sentinel, Microsoft Purview, and Microsoft 365 DLP. Proficiency with KQL for investigation and detection. Experience with EDR investigation, log analysis, SIEM/SOAR, endp
- Knowledge: Strong understanding of incident response methodologies and frameworks (e.g., NIST SP 800 61, SANS), the MITRE ATT&CK framework, the cyber kill chain, and modern attacker techniques. Solid grasp of cybersecurity principles including defense in depth, zero trust, and least privilege. Famil
Apply for this job in 1 click
Skip the repetitive application forms
Install the Base Career Chrome Extension and autofill job applications across major job boards with your profile.
Trusted by over 500,000 job seekers on Base Career
More from this employer
More jobs at malomatia
Security Engineer Implementor (Cloud)
Doha, QAT
malomatia seeks an experienced Microsoft Security Consultant to join its Cybersecurity Practice in Doha. The role involves designing, implementing, and operating security controls across the Microsoft security stack for
Application Security (Onsite as a service) to support QFZ
Doha, QAT
malomatia is seeking an Application Security Specialist to join its Cybersecurity Practice, responsible for penetration testing, security scanning, threat modeling, secure code review, and DevSecOps integration. Candidat
IT Security Governance Officer
Doha, QAT
malomatia seeks an IT Security Governance Officer to develop, implement, and maintain government-aligned information security policies, standards, and procedures in Doha. The role ensures compliance with national cyberse
IT Network Engineer
Doha, QAT
malomatia is hiring an IT Network Engineer to design, implement, and support LAN/WAN infrastructure, ensuring secure and reliable network connectivity. The role requires 7+ years of experience and certifications such as
IT Security Specialist
Doha, QAT
malomatia is seeking an IT Security Specialist to implement security policies, manage security devices, monitor networks, and respond to incidents. Requires a Bachelor's degree in computer engineering, CISSP/CISM/CEH cer
Engineer - Filenet System
Doha, QAT
malomatia seeks a highly skilled FileNet System Engineer to provide technical leadership for IBM FileNet P8 solutions, including implementation, support, and optimization. The role requires 5+ years of hands-on FileNet e
Business Analyst / QA Consultant - Core Banking - Finastra EQUATION
Doha, QAT
Malomatia seeks a Business Analyst Consultant with 5+ years of continuous experience in Finastra EQUATION Core Banking System. You will gather requirements, prepare functional specifications, perform business process ana
Portfolio Manager – Strategic Programs (Qatari National)
Doha, QAT
malomatia is seeking a Portfolio Manager to oversee large, complex strategic programs, ensuring timely execution and regulatory compliance. The role requires close engagement with senior government stakeholders to align
Security Engineer Implementor (Cloud)
Doha, QAT
Application Security (Onsite as a service) to support QFZ
Doha, QAT
IT Security Governance Officer
Doha, QAT
IT Network Engineer
Doha, QAT
IT Security Specialist
Doha, QAT
Engineer - Filenet System
Doha, QAT
Business Analyst / QA Consultant - Core Banking - Finastra EQUATION
Doha, QAT
Portfolio Manager – Strategic Programs (Qatari National)
Doha, QAT