{bc}
linkedin

Senior Cybersecurity Consultant (Onsite)

malomatia
Doha, QAT
Full Time
Senior
Today
Microsoft DefenderMicrosoft SentinelMicrosoft PurviewData Loss PreventionKQLIncident Response
Free

Job Fit Check

Base Career helps you apply smarter for this job.

?%
Ready to Scan

Key skills for this role

Microsoft DefenderMicrosoft SentinelMicrosoft Purview
Smart Apply

Full Job Posting

Job Description

  • We are seeking a skilled Senior Cybersecurity Consultant to join our Cybersecurity Practice as an Incident Handler within our security operations function.
  • In this role, you will lead the detection, investigation, containment, and recovery of security incidents across enterprise and cloud environments, with a strong focus on the Microsoft security ecosystem.

Responsibilities

  • Incident Handling & Response: Lead the end to end handling of security incidents, including detection, triage, investigation, containment, eradication, and recovery.
  • Microsoft Defender (EDR/XDR): Operate, tune, and investigate using Microsoft Defender for Endpoint, Defender for Office 365, Defender for Identity, and Defender for Cloud Apps.
  • Microsoft Sentinel (SIEM/SOAR): Use Microsoft Sentinel for log analysis, correlation, and automated response. Develop and tune analytic rules, KQL queries, workbooks, and SOAR playbooks.
  • Microsoft Purview & Data Security: Leverage Microsoft Purview for data governance, information protection, insider risk management, and compliance.
  • Data Loss Prevention (DLP): Configure, monitor, and respond to DLP policies across Microsoft 365 and endpoints.
  • Threat Hunting & Detection Engineering: Conduct proactive threat hunting across the Microsoft 365 and Azure estate.
  • Forensics & Root Cause Analysis: Perform host, endpoint, and cloud based investigations and digital forensics.
  • Documentation & Reporting: Produce high quality incident reports, timelines, and post incident reviews.

Qualifications

  • Education: Bachelor’s / college degree in Computer Science, Information Security, or a related field.
  • Experience: At least 8 years of experience in cybersecurity operations, incident response, or security monitoring, with significant hands on experience operating Microsoft security tools.
  • Certifications: Relevant professional certifications are highly desirable, including Microsoft Security Operations Analyst (SC 200), Microsoft Certified: Cybersecurity Architect (SC 100) or Information Protection (SC 400), GIAC incident response / forensics (e.g., GCIH, GCFA), ISC2 (e.g., SSCP or CI
  • Technical Skills: Strong hands on experience with the Microsoft security stack, including Microsoft Defender (EDR/XDR), Microsoft Sentinel, Microsoft Purview, and Microsoft 365 DLP. Proficiency with KQL for investigation and detection. Experience with EDR investigation, log analysis, SIEM/SOAR, endp
  • Knowledge: Strong understanding of incident response methodologies and frameworks (e.g., NIST SP 800 61, SANS), the MITRE ATT&CK framework, the cyber kill chain, and modern attacker techniques. Solid grasp of cybersecurity principles including defense in depth, zero trust, and least privilege. Famil

Apply for this job in 1 click

Skip the repetitive application forms

Install the Base Career Chrome Extension and autofill job applications across major job boards with your profile.

Sarah M.James T.Maya R.

Trusted by over 500,000 job seekers on Base Career

Start Free Today

More from this employer

More jobs at malomatia