Technology Services Controller (Cyber Security Incident Response)

Job title

Technology Services Controller (Cyber Security Incident Response)

Ref #

250000LL

Location

Qatar - Doha

Job family

Corporate & Commercial

• Closing date: 02-Nov-2025
  
  

About Role

You would be part of the Cyber Security Incident Response team with an operational role to quickly identify, respond to cyber incidents to our global infrastructure. This is a hands-on technical cyber security role with expertise in Security incident response and in the areas of endpoint security, application security, network security or Cloud security.

Role And Responsibilities

• Lead or assist in investigations during active incidents, including those surfaced by Microsoft Sentinel and Defender XDR alerts.
• Use Microsoft Defender XDR to correlate alerts across Defender for Endpoint, Identity, Cloud Apps, and Office 365, enabling unified incident response.
• Perform proactive threat hunting using Microsoft Sentinel’s KQL queries, livestream, and notebooks. Develop hypotheses and use API libraries for advanced hunting scenarios.
• Design and deploy SOAR playbooks in Microsoft Sentinel to automate incident response actions. These include alert triage, entity enrichment, and containment workflow.
• Coordinate with MSSP and CST teams for continuous use-case testing and purple team exercises.
• Assist and/or lead investigations in active security incident scenarios, supporting the organization through the Incident Response lifecycle.
• Must also be able to participate in rotating on call schedule and must be able to work collaboratively. Having the ability to work outside of normal working hours as required due to critical incidents or emergency calls, will be essential to success in this role.
• Routinely prepare written technical documentation and reports of findings, along with recommendations, that result from cases involving forensic analysis and incident response.
• Develop and update operational playbook for various cyber incident scenarios including Data breach, ransomware, supply chain compromise etc.,
• Analyze various log, network, malware, forensic, and cyber threat intel to validate security threats, recommend appropriate countermeasures, and assess impact of cyber incidents.
• Assist the Cyber Security manager in the analysis of security breaches to identify the root cause and to implement preventive measures.
  
  

Qualifications

About You

• Bachelor Degree holder with minimum 5-7 years of relevant experience.
• 3+ years' experience with Incident Response, Forensics, and/or Malware Analysis.
• Have at least one of the relevant certifications: SANS GIAC: GCIA, GCFA, GCFE, GREM, GXPN, GMON, or GCIH, ISC2: CCFP, CCSP, CISSP CERT CSIH, EC Council: CHFI or ECSA;
• MITRE Adversary Tactics, Techniques and Common Knowledge (ATT&CK).
• Possess knowledge on log management, logs generated by various applications or appliances of IT infrastructure for SIEM event correlation.
• Experience with investigating using a wide variety of detective technologies SOAR, packet capture analysis, and host forensics and memory analysis tools.
• Expert knowledge on Defender for Endpoint and Servers for effective incident response actions.
  
  

About Qatar Airways Group

Our story started with four aircraft. Today, we deliver excellence across 12 different businesses coming together as one. We’ve grown fast, broken records and set trends that others follow. We don’t slow down by the fear of failure. Instead, we dare to achieve what’s never been done before.

So whether you’re creating a unique experience for our customers or innovating behind the scenes, every person contributes to our proud story. A story of spectacular growth and determination. Now is the time to bring your best ideas and passion to a place where your ambition will know no boundaries, and be part of a truly global community.

https://aa115.taleo.net/careersection/QA_External_CS/jobapply.ftl?lang=en&job=250000LL