94 Cissp jobs in Qatar

BAE Systems Strategic Aerospace Services WLL Full time

The Information Security Engineer willfocus on ensuring the organization's applications and data is secure and builtaccording to best security standards. This role will be the subject matterexpert on building secure code, application security, vulnerability testing,and providing security validation to the organization's environments.

• Performscheduled penetration testing of the company's applications
  
• Performwhite, gray and black box security assessments.
  
• Supportthe organization, JVs and Subsidiaries in implementing Secure Softwaredevelopment lifecycle.
  
• PerformMobile Services security Assessments.
  
• Supportthe organizations' environment monitoring by using available tools or helpbuild internal tools to enable advanced threat detection and response.
  
• ConductSecurity Vulnerability Assessments and impact assessment on company's electronicassets.
  
• PerformSecurity Assessments on ERP and other on-premise solutions.
  
  

Skills,Knowledge and Behaviors:

• Ability to lead directand indirect resources
  
• Ability to communicatetechnical challenges to non-technical audiences
  
• Ability to quantify riskand impact vectors
  
• Certified Ethical Hacker
  
• OCSP level of technicalexpertise
  
• Strong Scriptingcapability
  
• Strong Applicationsecurity background
  
• Strong Infrastructuresecurity Background
  
• Strong experience in open source security tools
  

• SecurityCertification focusing on offensive or defensive practices
  
• Bachelor's degreein Information Security or Computer Engineering
  
• 10 + years incybersecurity field
  
• System, networkand/or application background
  

Overview

The Information Security Engineer will focus on ensuring the organization's applications and data are secure and built according to best security standards. This role will be the subject matter expert on building secure code, application security, vulnerability testing, and providing security validation to the organization's environments.

• Perform scheduled penetration testing of the company's applications
• Perform white, gray and black box security assessments
• Support the organization, JVs and Subsidiaries in implementing Secure Software Development Lifecycle
• Perform Mobile Services security assessments
• Support the organization's environment monitoring by using available tools or help build internal tools to enable advanced threat detection and response
• Conduct security vulnerability assessments and impact assessment on company assets
• Perform security assessments on ERP and other on-premise solutions

• Ability to lead direct and indirect resources
• Ability to communicate technical challenges to non-technical audiences
• Ability to quantify risk and impact vectors
• Certified Ethical Hacker
• OCSP level of technical expertise
• Strong scripting capability
• Strong ISO 27000 understanding
• Strong application security background
• Strong infrastructure security background
• Strong experience in open source security tools

• Security certification focusing on offensive or defensive practices
• Bachelor’s degree in Information Security or Computer Engineering
• 10+ years in cybersecurity field
• System, network and/or application background

• Product development experience

• Mid-Senior level

• Full-time

• Information Technology

• Aviation and Aerospace Component Manufacturing

BAE Systems Strategic Aerospace Services WLL | Full time

The Information Security Engineer willfocus on ensuring the organization's applications and data is secure and builtaccording to best security standards. This role will be the subject matterexpert on building secure code, application security, vulnerability testing,and providing security validation to the organization's environments.

• Performscheduled penetration testing of the company's applications
  
• Performwhite, gray and black box security assessments.
  
• Supportthe organization, JVs and Subsidiaries in implementing Secure Softwaredevelopment lifecycle.
  
• PerformMobile Services security Assessments.
  
• Supportthe organizations’ environment monitoring by using available tools or helpbuild internal tools to enable advanced threat detection and response.
  
• ConductSecurity Vulnerability Assessments and impact assessment on company’s electronicassets.
  
• PerformSecurity Assessments on ERP and other on-premise solutions.
  
  
  

Skills,Knowledge and Behaviors:

• Ability to lead directand indirect resources
  
• Ability to communicatetechnical challenges to non-technical audiences
  
• Ability to quantify riskand impact vectors
  
• Certified Ethical Hacker
  
• OCSP level of technicalexpertise
  
• Strong Scriptingcapability
  
• Strong Applicationsecurity background
  
• Strong Infrastructuresecurity Background
  
• Strong experience in open source security tools
  

• SecurityCertification focusing on offensive or defensive practices
  
• Bachelor’s degreein Information Security or Computer Engineering
  
• 10 + years incybersecurity field
  
• System, networkand/or application background
  

• Perform web application, API, and mobile application penetration testing using industry-leading methodologies (OWASP, PTES, etc.).




• Conduct network penetration testing and infrastructure security assessments.




• Execute Vulnerability Assessment and Penetration Testing (VAPT) engagements, document findings, and recommend remediations.




• Integrate security into the Software Development Lifecycle (SDLC) and advise development teams on secure coding practices.




• Develop, enhance, and maintain security testing frameworks and tools .




• Review and validate security patches, mitigations, and fixes.




• Stay updated on the latest attack techniques, exploits, and threat landscapes to enhance testing methodologies.




• Collaborate with cross-functional teams to support security awareness and risk reduction efforts.

• 46 years of experience in Information Security, with a focus on application and network penetration testing .




• Hands-on experience with tools like Burp Suite, OWASP ZAP, Metasploit, Nmap, Nessus, and other manual testing tools .




• Deep understanding of OWASP Top 10 , SANS Top 25 , and common exploitation techniques.




• Experience in secure SDLC practices and working with development teams to resolve findings.




• Strong knowledge of mobile application security (iOS and Android) and API testing methodologies .




• Excellent report writing and communication skills for both technical and non-technical stakeholders.

• OSCP (Offensive Security Certified Professional)




• OSWE (Offensive Security Web Expert)




• eWPT / eWPTX (eLearnSecurity Web Application Penetration Tester)




• PNPT (Practical Network Penetration Tester)




• HTB CPTS (Certified Penetration Testing Specialist)

We are Qatar Insurance Company (QIC), the leading insurance provider in GCC. With a history dating back to 1964, we have established ourselves as a pioneer in the insurance industry, offering innovative solutions to meet the diverse needs of individuals and businesses.

Our vision is to make QIC group become the first Digital Ecosystem in the region by combining insurance and non-insurance services in one platform. Through our digital platforms, such as qic.online and the QIC app (Qatar Digital), we empower customers to manage their needs anytime and anywhere.

Our employees have been featured in Forbes 30 under 30, teach at online universities, serve on program committees of major IT conferences, and have previously worked at Yandex, Tinkoff, Avito, Ozon, and other leading tech companies.

We're looking for a Middle Information Security Engineer to join our Infrastructure team and help strengthen system security, respond to incidents, manage vulnerabilities, and drive key improvements in cybersecurity.

• Administration and maintenance of cybersecurity systems (MDM, AV, EDR, WAF, ZTNA, DLP, AntiDDoS, etc)
• Implementation of cybersecurity tools (SIEM, IDS/IPS, etc.)
• Ensuring the security of the company's infrastructure
• Information security incident response
• Conducting vulnerability scans and patch management

• 3+ years of experience as an Information Security or Cybersecurity Engineer
• Strong knowledge and hands-on experience with WAF (F5 Big-IP), MDM (Jamf), and AV/EDR solutions (CrowdStrike)
• Experience working with ZTNA solutions (e.g. Cloudflare, Zscaler) and DLP platforms (e.g. Forcepoint)
• Proven ability to install, configure, and manage SIEM systems
• Familiarity with a broad range of cybersecurity tools, including IDS/IPS, firewalls (FW/NGFW), Anti-DDoS, and PAM solutions
• Experience with Google Workspace and GCP security features
• Solid understanding and practical experience in infrastructure hardening and overall infrastructure security
• Good grasp of Security as Code and Infrastructure as Code concepts

• Long-term service agreement contract with QIC
• We are diverse - our digital nomads work remotely from 25 different countries
• Payment in US dollars monthly to your bank account using SWIFT
• Full-time remote, work schedule: 5 days per week, Sunday to Thursday
• Vacation policy: Qatar Holiday Calendar, 20 workdays of vacation, and 10 sick days
• Performance reviews are conducted twice a year, with the possibility of a raise in March and September
• Potential opportunity to apply for a Qatar ID and relocation to Doha, Qatar

Comprehensive health coverage accessible worldwide.

Personalized English lessons to enhance language skills for professional growth.

Tailored Arabic lessons to support cultural integration.

Affordable access to mental health services with a generous corporate discount.

Expert guidance on tax policies to optimize financial planning.

Financial support for professional development and essential resources.

Join our Strava club with coaching and marathon support for fitness enthusiasts.

Generous paid time off and sick leave to support well-being.

Flexible salary options for global convenience.

We are open to working with new stacks and technologies that can help us build the best solutions on the market

Vue 3

Storybook

Sentry

Golang

Kafka

gRPC

Camunda

Redis

Vue 3

Sass

Vitest

Strapi

Vite

Sentry

Nx

Typescript

Storybook

Redis

Share your CV so we can consider youwhen opportunities arise in the future

• Perform web application, API, and mobile application penetration testing using industry-leading methodologies (OWASP, PTES, etc.).




• Conduct network penetration testing and infrastructure security assessments.




• Execute Vulnerability Assessment and Penetration Testing (VAPT) engagements, document findings, and recommend remediations.




• Integrate security into the Software Development Lifecycle (SDLC) and advise development teams on secure coding practices.




• Develop, enhance, and maintain security testing frameworks and tools .




• Review and validate security patches, mitigations, and fixes.




• Stay updated on the latest attack techniques, exploits, and threat landscapes to enhance testing methodologies.




• Collaborate with cross-functional teams to support security awareness and risk reduction efforts.

• 46 years of experience in Information Security, with a focus on application and network penetration testing .




• Hands-on experience with tools like Burp Suite, OWASP ZAP, Metasploit, Nmap, Nessus, and other manual testing tools .




• Deep understanding of OWASP Top 10 , SANS Top 25 , and common exploitation techniques.




• Experience in secure SDLC practices and working with development teams to resolve findings.




• Strong knowledge of mobile application security (iOS and Android) and API testing methodologies .




• Excellent report writing and communication skills for both technical and non-technical stakeholders.

• OSCP (Offensive Security Certified Professional)




• OSWE (Offensive Security Web Expert)




• eWPT / eWPTX (eLearnSecurity Web Application Penetration Tester)




• PNPT (Practical Network Penetration Tester)




• HTB CPTS (Certified Penetration Testing Specialist)

We are Qatar Insurance Company (QIC), the leading insurance provider in GCC. With a history dating back to 1964, we have established ourselves as a pioneer in the insurance industry, offering innovative solutions to meet the diverse needs of individuals and businesses.

Our vision is to make QIC group become the first Digital Ecosystem in the region by combining insurance and non-insurance services in one platform. Through our digital platforms, such as qic.online and the QIC app (Qatar Digital), we empower customers to manage their needs anytime and anywhere.

Our employees have been featured in Forbes 30 under 30, teach at online universities, serve on program committees of major IT conferences, and have previously worked at Yandex, Tinkoff, Avito, Ozon, and other leading tech companies.

We're looking for a Middle Information Security Engineer to join our Infrastructure team and help strengthen system security, respond to incidents, manage vulnerabilities, and drive key improvements in cybersecurity.

• Administration and maintenance of cybersecurity systems (MDM, AV, EDR, WAF, ZTNA, DLP, AntiDDoS, etc)
• Implementation of cybersecurity tools (SIEM, IDS/IPS, etc.)
• Ensuring the security of the company's infrastructure
• Information security incident response
• Conducting vulnerability scans and patch management

• 3+ years of experience as an Information Security or Cybersecurity Engineer
• Strong knowledge and hands-on experience with WAF (F5 Big-IP), MDM (Jamf), and AV/EDR solutions (CrowdStrike)
• Experience working with ZTNA solutions (e.g. Cloudflare, Zscaler) and DLP platforms (e.g. Forcepoint)
• Proven ability to install, configure, and manage SIEM systems
• Familiarity with a broad range of cybersecurity tools, including IDS/IPS, firewalls (FW/NGFW), Anti-DDoS, and PAM solutions
• Experience with Google Workspace and GCP security features
• Solid understanding and practical experience in infrastructure hardening and overall infrastructure security
• Good grasp of Security as Code and Infrastructure as Code concepts

• Long-term service agreement contract with QIC
• We are diverse – our digital nomads work remotely from 25 different countries
• Payment in US dollars monthly to your bank account using SWIFT
• Full-time remote, work schedule: 5 days per week, Sunday to Thursday
• Vacation policy: Qatar Holiday Calendar, 20 workdays of vacation, and 10 sick days
• Performance reviews are conducted twice a year, with the possibility of a raise in March and September
• Potential opportunity to apply for a Qatar ID and relocation to Doha, Qatar

Comprehensive health coverage accessible worldwide.

Personalized English lessons to enhance language skills for professional growth.

Tailored Arabic lessons to support cultural integration.

Affordable access to mental health services with a generous corporate discount.

Expert guidance on tax policies to optimize financial planning.

Financial support for professional development and essential resources.

Join our Strava club with coaching and marathon support for fitness enthusiasts.

Generous paid time off and sick leave to support well-being.

Flexible salary options for global convenience.

We are open to working with new stacks and technologies that can help us build the best solutions on the market

Vue 3

Storybook

Sentry

Golang

Kafka

gRPC

Camunda

Redis

Vue 3

Sass

Vitest

Strapi

Vite

Sentry

Nx

Typescript

Storybook

Redis

Share your CV so we can consider youwhen opportunities arise in the future