Senior Cybersecurity Consultant (Onsite)
Job Fit Check
Base Career helps you apply smarter for this job.
Key skills for this role
About the Role
Malomatia seeks a Senior Cybersecurity Consultant to join its Cybersecurity Practice as an Incident Handler in Doha. The role involves leading incident detection, investigation, containment, and recovery across enterprise and cloud environments using Microsoft security tools.
Key Skills for This Role
Responsibilities
- Lead the end to end handling of security incidents, including detection, triage, investigation, containment, eradication, and recovery
- Operate, tune, and investigate using Microsoft Defender for Endpoint, Defender for Office 365, Defender for Identity, and Defender for Cloud Apps
- Use Microsoft Sentinel for log analysis, correlation, and automated response; develop and tune analytic rules, KQL queries, workbooks, and SOAR playbooks
- Leverage Microsoft Purview for data governance, information protection, insider risk management, and compliance
- Configure, monitor, and respond to DLP policies across Microsoft 365 and endpoints
- Conduct proactive threat hunting across the Microsoft 365 and Azure estate
- Perform host, endpoint, and cloud based investigations and digital forensics to determine root cause, scope, and impact of incidents
- Produce high quality incident reports, timelines, and post incident reviews; maintain runbooks and playbooks
Requirements
- Bachelor’s / college degree in Computer Science, Information Security, or a related field
- At least 8 years of experience in cybersecurity operations, incident response, or security monitoring, with significant hands on experience operating Microsoft security tools
- Strong hands on experience with the Microsoft security stack, including Microsoft Defender (EDR/XDR), Microsoft Sentinel, Microsoft Purview, and Microsoft 365 DLP
- Proficiency with KQL for investigation and detection
- Experience with EDR investigation, log analysis, SIEM/SOAR, endpoint and cloud forensics, and identity platforms (Entra ID and Active Directory)
- Strong understanding of incident response methodologies and frameworks (e.g., NIST SP 800 61, SANS), the MITRE ATT&CK framework, the cyber kill chain, and modern attacker techniques
- Relevant professional certifications (e.g., SC 200, SC 100, SC 400, GCIH, GCFA, CISSP, CySA+) are highly desirable
Full Job Posting
Job Description
- We are seeking a skilled Senior Cybersecurity Consultant to join our Cybersecurity Practice as an Incident Handler within our security operations function.
- In this role, you will lead the detection, investigation, containment, and recovery of security incidents across enterprise and cloud environments, with a strong focus on the Microsoft security ecosystem.
Responsibilities
- Incident Handling & Response: Lead the end to end handling of security incidents, including detection, triage, investigation, containment, eradication, and recovery.
- Microsoft Defender (EDR/XDR): Operate, tune, and investigate using Microsoft Defender for Endpoint, Defender for Office 365, Defender for Identity, and Defender for Cloud Apps.
- Microsoft Sentinel (SIEM/SOAR): Use Microsoft Sentinel for log analysis, correlation, and automated response. Develop and tune analytic rules, KQL queries, workbooks, and SOAR playbooks.
- Microsoft Purview & Data Security: Leverage Microsoft Purview for data governance, information protection, insider risk management, and compliance.
- Data Loss Prevention (DLP): Configure, monitor, and respond to DLP policies across Microsoft 365 and endpoints.
- Threat Hunting & Detection Engineering: Conduct proactive threat hunting across the Microsoft 365 and Azure estate.
- Forensics & Root Cause Analysis: Perform host, endpoint, and cloud based investigations and digital forensics.
- Documentation & Reporting: Produce high quality incident reports, timelines, and post incident reviews.
Qualifications
- Education: Bachelor’s / college degree in Computer Science, Information Security, or a related field.
- Experience: At least 8 years of experience in cybersecurity operations, incident response, or security monitoring, with significant hands on experience operating Microsoft security tools.
- Certifications: Relevant professional certifications are highly desirable, including Microsoft Security Operations Analyst (SC 200), Microsoft Certified: Cybersecurity Architect (SC 100) or Information Protection (SC 400), GIAC incident response / forensics (e.g., GCIH, GCFA), ISC2 (e.g., SSCP or CI
- Technical Skills: Strong hands on experience with the Microsoft security stack, including Microsoft Defender (EDR/XDR), Microsoft Sentinel, Microsoft Purview, and Microsoft 365 DLP. Proficiency with KQL for investigation and detection. Experience with EDR investigation, log analysis, SIEM/SOAR, endp
- Knowledge: Strong understanding of incident response methodologies and frameworks (e.g., NIST SP 800 61, SANS), the MITRE ATT&CK framework, the cyber kill chain, and modern attacker techniques. Solid grasp of cybersecurity principles including defense in depth, zero trust, and least privilege. Famil
Apply for this job in 1 click
Skip the repetitive application forms
Install the Base Career Chrome Extension and autofill job applications across major job boards with your profile.
Trusted by over 500,000 job seekers on Base Career
More from this employer
More jobs at malomatia
SOC Thread Specialist
Doha, QAT
Malomatia seeks a SOC Threat Specialist to protect IT and OT environments by detecting, investigating, and hunting cyber threats. The role requires 10 years of information security experience, threat hunting, and malware
Red Team Expert
Doha, QAT
Malomatia in Doha seeks a Red Team Expert to join their Cyber Assurance Team, responsible for conducting ethical hacking, adversary simulations, and developing custom malware to strengthen security defenses. Requires adv
Consultant- Internal Auditing
Doha, QAT
Malomatia seeks an Internal Auditor for a client in Doha to evaluate financial and operational processes, ensure compliance, and strengthen internal controls. The role requires 6-22 years of experience in internal auditi
Information Technology Internal Auditor
Doha, QAT
Malomatia is seeking an experienced IT Internal Auditor for a client in Qatar to evaluate IT systems, financial and operational processes, and ensure compliance with internal policies and regulatory standards. The role f
Internal Auditor
Doha, QAT
malomatia is seeking Financial Internal Auditors for a client in Qatar to evaluate financial and operational processes, ensure compliance, and strengthen internal controls. Candidates need proven experience in internal a
Consultant - Cybersecurity
Doha, QAT
malomatia is seeking a Cybersecurity Consultant to perform risk assessments, support security architecture, and contribute to data security, disaster recovery, and GRC activities. The role requires 2-3 years of cybersecu
Presales Solution Consultant
Doha, QAT
Malomatia seeks a Presales Solution Consultant to shape and present tailored software solutions for government and enterprise clients. You will act as a technical advisor, designing scalable applications and leading tech
Presales Consultant - Business Applications
Doha, QAT
malomatia seeks a Presales Solution Consultant for its Application Development & Modernization unit. You will act as a trusted advisor, leading discovery, solution design, technical presentations, and proposals for custo
SOC Thread Specialist
Doha, QAT
Red Team Expert
Doha, QAT
Consultant- Internal Auditing
Doha, QAT
Information Technology Internal Auditor
Doha, QAT
Internal Auditor
Doha, QAT
Consultant - Cybersecurity
Doha, QAT
Presales Solution Consultant
Doha, QAT
Presales Consultant - Business Applications
Doha, QAT