About the job
Hamad International Airport is ranked as the ‘World’s Best Airport’ at the SKYTRAX World Airport Awards 2024. Hamad International Airport has a team of passionate, dedicated and highly trained individuals from all around the world.
We are looking for a potential candidate who has experience in controls and overseas installations , upgrades , maintenance and support of IT Infrastructure services.
Key Accountabilities
Conducting targeted penetration testing exercise and test events with the application of targeted sophisticated attacks as a simulated adversary for IT infrastructure, applications, OT and IOT environments.
Participating in event planning stages to develop cyber assessment plans and conducting no-notice penetration tests
Creating Red Team support materials (e.g. Probabilistic Attack Graphs, Cyber Exercise Playbooks etc.)
Consult on, design, and execute adversary emulation operations
Conduct research, develop, and apply offensive Tactics, Techniques and Procedures (TTP’s) in order to effectively mimic the capabilities of relevant threat actors and to develop proof-of-concept tools and playbooks
Bypass preventative and detective security controls to accomplish operational goals
Partner with the Cyber Security Incident Response Team and other stakeholders in the organization to identify improvement opportunities
Collaborate with Cyber Threat Intelligence, Detection, and Threat Hunting engineers and analysts on research
Work with non-security engineering teams to educate, and collaborate on operational objectives
Continually test and improve technical infrastructure to support operations
Apply applicable threat intelligence in order to mimic relevant threat actors Operate and deliver red team operations;
Innovate and keep developing the approach to align with relevant TTP’s and trends;
Qualifications
- High School qualification/ Vocational/ Diploma or equivalent with minimum of 5 years of Job related experience
- Bachelors degree with minimum 4 years of Job related experience
- Demonstrates basic offensive security knowledge & seeks out cross-team collaboration opportunities
- Demonstrates a basic understanding of the impact of Red Team work on an organization and its customers
- Clearly and respectfully communicates technical issues in a training or mentorship setting
- Builds strong commitment within a team to support the appropriate priorities
- Stays current on relevant technologies with self-directed learning and should have a strong understanding of networking concepts, Windows, Linux and Mac operating systems vulnerabilities and exploitation
- Ability to code & develop tools in one or more programming languages and frameworks in one or more interpreted languages ( e.g. Python, C#, PowerShell, Golang, or C project development)
- Ability to analyze the tools and techniques of in-the-wild threat actors
- Understands Threat Actor trends impacting organizational security
- Security testing of cloud environments and should have worked on major public cloud providers (Azure, AWS, GCP etc.).
- Experience in offensive security tool development, customization or expansion.
- One or more of similar certifications (OSCP, OSEP, OSCE, GPEN, GXPN, CRTO, CREST Certified Simulated Attack Manager).