This role is part of Qatar Airways Group – Cyber Security and is responsible for the development and day-to-day oversight of the Vulnerability Assessment and Penetration Testing (VAPT) team. The position involves coordinating, executing, and reporting on comprehensive VAPT operations to identify cyber vulnerabilities and reduce the risk posture of Qatar Airways Group enterprise systems.

The successful candidate for this position will join an exciting and dynamic environment to build and deliver industry-leading vulnerability assessment and penetration testing capabilities. Their work will continuously protect and defend Qatar Airways Group’s brand, systems, and data, enhance information security posture against a broad range of cyber threats, and develop strategies to address vulnerabilities and risks most effectively.

Your Duties Would Include

• Provide technical leadership and execute vulnerability assessment and penetration testing operations to highlight gaps impacting organization security postures.
• Lead the identification, assessment, and exploitation of security vulnerabilities across a wide array of systems and applications in various VAPT scenarios.
• Ability to work both independently as well as lead and guide VAPT team members.
• Conduct research, develop, and apply offensive security methodologies, tools, and techniques to effectively identify and validate vulnerabilities and develop proof-of-concept exploits and testing playbooks.
• Review and perform in-depth analysis of VAPT testing results and oversee reporting that describes findings, exploitation procedures, risks, and recommendations.
• Partner and collaborate with relevant stakeholders in the organization to identify improvement opportunities based on VAPT findings.
• Work with non-security engineering teams to educate and collaborate on operational objectives related to vulnerability management and remediation.

Qualification

We Are Looking For a Passionate And Experienced Professional To Join Our IT – Digital Resilience – Cyber Security Operations & Platforms Team. The Ideal Candidate Should Possess The Following

• Bachelor’s degree with 5+ years of experience in offensive security, including network, web application and wireless target environments. Additional experience in OT environment assessments is a plus.
• Experience to lead a technical team to conduct remote and on-site penetration testing.
• Experience with manual attack and penetration testing.
• Experience with scripting / programming skills with ability to code comfortably in one or more interpreted languages (e.g. Python, C#, PowerShell, Golang, Java)
• Should have a strong understanding of networking concepts, Windows, Linux and Mac operating systems vulnerabilities and exploitation.
• Proficient in Active Directory attack paths and threats impacting organizational security.
• Security testing of cloud environments and should have experience in major public cloud providers (Azure, AWS, GCP).
• One or more similar certifications (OSCE, OSEP, OSEE, OSWE, CRTL, GXPN).