Senior Cyber Security Analyst (Red Team)

Full Time @ Qatar Airways Sector: Airline & Aviation
  • Doha, Qatar View on Map
  • Date Posted : February 10, 2022
  • Salary: Negotiable
  • Share:

About the job

About Role

You would be part of the Cyber Security team to design and execute Red Team Campaigns and exercises. You will work on complex assignments including traditional Red Team Campaigns, Vulnerability Assessments, Penetration tests, Purple Team Engagements, Code and Tradecraft Development for IT infrastructure, IT applications and OT/IoT environments.

Role & Responsibilities

  • Digesting and translating Cyber Threat Intelligence into bespoke attack scenarios for the purposes of measuring detection and response capabilities for IT infrastructure, applications, OT and IOT environments.
  • Conducting targeted penetration testing of exercise and test events with the application of targeted sophisticated attacks as a simulated adversary
  • Participating in event planning stages to develop cyber assessment plans and conducting no-notice penetration tests
  • Creating Red Team support materials (e.g. Probabilistic Attack Graphs, Cyber Exercise Playbooks etc.)
  • Assisting with the on-boarding of new members of the Red Team through work shadowing and knowledge transfer sessions
  • Supporting the identification of controls to remediating and/or mitigating identified security weaknesses of systems, applications, processes and procedures.
  • Ensuring that testing is conducted in accordance with regulatory frameworks and compliance requirements
  • Supporting the application of consistent use of Group and industry standard Test methodologies, standards and tools (including metrics).

Experience and Skills required for this role

  • Bachelor Degree with minimum 6 years of job related experience
  • Experience with managing Cyber Security over a large geographically dispersed technology environment
  • Relevant technical knowledge to be able to automate tasks using a scripting language (Python, Perl, Ruby, etc.)
  • The ability to perform targeted penetration tests with and without use of automated tools
  • Demonstrated specialist knowledge of malware packing and obfuscation techniques, software exploitation (web, client-server and mobile) on modern operation systems and of the Windows and *NIX operating systems
  • Familiarity with common reconnaissance, exploitation, and post exploitation frameworks
  • Past working experience in a relevant IT Security Testing or Penetration Testing role
  • Past working experience in a relevant Red Team role is desirable but not essential
  • Self-awareness with confidence to work independently and take responsibility for own development
  • Both spoken and written communication skills with experience of adapting your style and approach to the audience and message to be delivered
  • Planned projects and activities systematically in line with business priorities, using a variety of analysis and problem solving techniques

Certifications (preferred)

Offensive Security Certified Professional (OSCP)

Offensive Security Wireless Professional (OSWP)

Certified Ethical Hacker (CEH)

CompTIA PenTest+

Offensive Security Experienced Penetration Tester Certification (OSEP)

Related Jobs