malomatia

Senior Cybersecurity Consultant

Doha, Doha Municipality, Qatar • Full-time

Experience: 8 years or more
Salary: (not specified)
Openings: 1
Posted: 5 hours ago
Work mode: On-site
Education: Bachelor's degree
Eligibility: Professionals with strong experience in cybersecurity operations, incident response, security monitoring, and the Microsoft security ecosystem can apply.
Resume: Application required

Job description

Role overview

We are looking for an experienced Senior Cybersecurity Consultant to join the Cybersecurity Practice as an Incident Handler in the security operations team. The position focuses on leading the identification, analysis, containment, and restoration of services after security incidents across enterprise and cloud environments, with primary emphasis on Microsoft security technologies.

The role is centered on incident response, threat detection and hunting, and the daily operation of Microsoft security platforms such as Microsoft Defender, Microsoft Sentinel, Microsoft Purview, and Data Loss Prevention. You will manage incidents through the full lifecycle and help strengthen detection and response capabilities over time.

You will collaborate with SOC analysts, threat intelligence professionals, and IT operations teams to evaluate alerts, lead investigations, coordinate containment and cleanup actions, and conduct lessons-learned reviews. In addition, you will refine detections, build response playbooks, and support proactive threat hunting across Microsoft 365 and Azure environments.

This position calls for deep practical expertise in incident response and the Microsoft security stack, strong investigative and forensic ability, and the confidence to make sound decisions during active security events.

Responsibilities

  • Take ownership of security incidents from start to finish, covering detection, triage, investigation, containment, eradication, and recovery in line with incident response procedures and service-level expectations.
  • Use Microsoft Defender for Endpoint, Defender for Office 365, Defender for Identity, and Defender for Cloud Apps to monitor, tune, investigate, and respond to threats across endpoints, identities, email, and cloud services.
  • Work with Microsoft Sentinel for log review, correlation, and automated response, including the creation and refinement of analytic rules, KQL queries, workbooks, and SOAR playbooks.
  • Apply Microsoft Purview for data governance, information protection, insider risk activities, and compliance-related investigations, including support for data security and DLP operations.
  • Manage DLP policies across Microsoft 365 and endpoints to identify and prevent unauthorized data leakage while reducing false positives through policy improvements.
  • Carry out proactive threat hunting across Microsoft 365 and Azure, create new detections, and improve existing logic using threat intelligence and findings from past incidents.
  • Perform endpoint, host, and cloud investigations and digital forensics to establish root cause, scope, and impact, while preserving evidence according to best practice.
  • Prepare detailed incident reports, timelines, and post-incident reviews, and keep runbooks and playbooks current while providing clear updates to stakeholders and clients.

Requirements

  • Bachelor’s or college degree in Computer Science, Information Security, or another related discipline.
  • Minimum of 8 years’ experience in cybersecurity operations, incident response, or security monitoring, with substantial hands-on use of Microsoft security tools.
  • Relevant certifications are strongly preferred, including Microsoft Security Operations Analyst (SC-200), Microsoft Certified: Cybersecurity Architect (SC-100), Microsoft Certified: Information Protection (SC-400), GIAC incident response/forensics certifications such as GCIH or GCFA, ISC2 certifications such as SSCP or CISSP, or CompTIA CySA+.
  • Strong practical experience with Microsoft Defender, Microsoft Sentinel, Microsoft Purview, and Microsoft 365 DLP.
  • Ability to use KQL effectively for investigations and detection development.
  • Experience with EDR investigations, log analysis, SIEM/SOAR workflows, endpoint and cloud forensics, and identity platforms such as Entra ID and Active Directory.
  • Preferred exposure to scripting tools such as PowerShell for automation.
  • Good understanding of incident response frameworks and methodologies such as NIST SP 800-61 and SANS, along with MITRE ATT&CK, the cyber kill chain, and common attacker behaviours.
  • Solid knowledge of cybersecurity fundamentals including defense-in-depth, zero trust, and least privilege.
  • Familiarity with ISO 27001 and CIS Benchmarks.
  • Knowledge of Qatar National Information Assurance (NIA) is an advantage.

Eligibility

Candidates with the required background in cybersecurity operations, incident response, and Microsoft security tooling may apply. The role is suitable for professionals with substantial hands-on experience in security monitoring and incident handling.

Additional information

This is a full-time, onsite position based in Doha, Qatar.

No stipend or salary amount was specified in the source.
