124 Cyber Security Manager Soc jobs in Qatar

JOB PURPOSE

To oversee, implement, and monitor the organization's Information Security program in accordance with Qatar Central Bank (QCB) regulations and international security standards. This role ensures the confidentiality, integrity, and availability of Almana Exchange's data and systems through independent risk-based governance, policy enforcement, and compliance oversight.

KEY RESULTS AREAS / DELIVERABLES & KEY ACTIVITIES

INFORMATION SECURITY GOVERNANCE

• Establish and maintain Almana Exchange's Information Security framework, aligned with QCB instructions and industry best practices.
• Define and regularly update information security policies, procedures, and standards to protect company assets.
• Communicate the Information Security strategy and policies to staff across departments to ensure organization-wide awareness and adherence.
• Ensure compliance with QCB Technology Risk requirements and contribute to external and internal audit engagements.
• Serve as the focal point for all regulatory requirements related to information security.
• Ensure security-related roles and responsibilities are clearly defined and communicated throughout the organization.

RISK MANAGEMENT & COMPLIANCE OVERSIGHT

• Identify, assess, and monitor technology risks across Almana Exchange's infrastructure and services.
• Implement a formal Information Security Risk Management framework that includes risk classification, likelihood and impact analysis, risk ownership, and treatment planning.
• Ensure a regular schedule for risk assessments, penetration testing, and vulnerability analysis is in place.
• Oversee the incident reporting and escalation process and ensure proper documentation and resolution.
• Report the security posture and key risks periodically to senior management and QCB as required.
• Follow up on risk remediation and control gaps identified during assessments or audits

ASSET CLASSIFICATION & PROTECTION

• Establish a data classification scheme and ensure critical assets are labeled and handled accordingly.
• Coordinate the maintenance of an enterprise-wide asset registry covering data, systems, and applications.
• Define security control requirements based on asset classification, including data encryption, segregation, and access control.
• Ensure that information assets are adequately protected using approved controls and frameworks.
• Collaborate with IT to validate the effective implementation of these controls.
• Promote best practices for data handling, storage, and disposal in accordance with regulatory mandates.

AWARENESS, TRAINING & STAKEHOLDER COMMUNICATION

• Develop and lead periodic Information Security awareness programs for staff, including phishing simulations and compliance refreshers.
• Provide advisory support to departments on new projects, ensuring security is embedded by design.
• Serve as the key liaison for information security matters between Almana Exchange and third parties (vendors, service providers, and regulators).
• Deliver presentations to leadership and contribute to board-level security updates as needed.
• Lead the internal communication of any security events, policy updates, or new regulatory requirements.
• Support business continuity and disaster recovery planning initiatives from a security standpoint.

MONITORING, REPORTING & SECURITY METRICS

• Oversee continuous monitoring of the organization's cybersecurity environment, including threat intelligence and control effectiveness.
• Ensure between Information Security reporting and QCB's regulatory templates and audit alignment expectations.
• Collect, analyze, and report on security Key Risk Indicators (KRIs) and Key Performance Indicators (KPIs).
• Coordinate with IT security operations to gather insights and validate threat detection and response capabilities.
• Generate monthly and quarterly management reports on Information Security status, risks, and ongoing initiatives.
• Monitor compliance with ISO 27001, NIST, or equivalent standards.

Skills

EDUCATION

• Bachelor's degree in Information Security, Computer Science, MIS, or a related technical field.
• Certified Information Security Manager (CISM), Certified Information Systems Security Professional (CISSP), or equivalent mandatory.

EXPERIENCE

• Minimum 6-8 years of experience in Information Security, Risk, or Governance.
• Prior experience working in a regulated financial institution or exchange house is highly preferred.
• Familiarity with QCB regulations and international frameworks (ISO 27001, NIST, COBIT, CIS).

COMPETENCIES

• Strong understanding of information security principles, threat management, and compliance reporting.
• Excellent knowledge of data privacy, encryption, access controls, and regulatory risk.
• Strong analytical, communication, and presentation skills.
• High integrity and professional discretion when handling sensitive and confidential information.
• Ability to assess and articulate information security risk in business terms.
• Detail-oriented with strong planning, organizational, and problem-solving skills.
• Capable of building productive relationships across cross-functional teams.

Direct message the job poster from OISSG Consultancy

• Lead and deliver ISO 27001 / ISO 22301 / ISO 27701 implementation projects.
• Independently manage GRC assignments, including establishing client-specific risk management frameworks.
• Conduct risk-based IS audits and drive improvements in project-level ISMS documentation with client sign-off.
• Guide and support ISMS consultants; coordinate with certification auditors to ensure timely closure of non-conformities.
• Lead data privacy engagements and maintain effective communication with key stakeholders for ongoing security enhancements.
• Stay current with industry threats and trends; provide accurate cost estimates for security tools and solutions.
• Support business development and pre-sales through client meetings and proposal creation

• Intensive understanding of security methodologies and industry standards (e.g. ISO 27001, Business Continuity Standards, IT Governance)

• Excellent Communication and Presentation Skills

• Exposure to the NIST Cybersecurity Framework and other international security standards is a plus.

Experience:

• 4 to 7 years preferably with consulting background in ISMS.

• Minimum handled 5 end to end ISMS implementation.

Qualifications:

• Bachelor’s degree in science/computer applications.

• Relevant Certification from authorized training body (CISA / CISM / CISSP) is essential

• Seniority level Mid-Senior level

• Employment type Full-time

• Job function Consulting
• Industries Business Consulting and Services

Referrals increase your chances of interviewing at OISSG Consultancy by 2x

We’re unlocking community knowledge in a new way. Experts add insights directly into each article, started with the help of AI.

We are hiring an Information Security Analyst to join our team in Umm-Salal. As an Information Security Analyst, you will be responsible for protecting our organization's computer systems and networks from potential cyber threats. Your duties will include monitoring network activity, conducting security audits, and implementing security measures to prevent unauthorized access. You will also respond to security incidents and ensure compliance with industry regulations.

The ideal candidate will have a strong understanding of information security principles and experience with security tools and technologies. This position is open to Indian nationals who do not require English proficiency or prior experience in the field. We offer a free visa and ticket , but accommodation is not included. The salary offered is $1400 .

If you are passionate about data security and keen on identifying vulnerabilities, we encourage you to apply for this position.

Primary responsible for planning, coordinating, and organizing Information Security activities.

Enforce and monitor the implementation and compliance with IT Information Security Policy.

Develop and manage the implementation of Information Security Policies and Procedures.

Ensure Risk Assessments are conducted on all information systems such as people, process, technology, and information processing facilities.

Ensure implementation of all Information Security controls, as set forth in the Risk Treatment Plan, to ensure adequate security for the respective system.

Conduct Information Security communications and outreach by leveraging the Information Security Management System (ISMS) committee.

Establish appropriate measures to assess operational capabilities and determine compliance and effectiveness levels with Information Security Policy.

Supervise other related assurance functions, as necessary.

Ensure the compliance of Information Security Policies in the organization.

Develop and ensure implementation of Information Security procedures.

Develop and ensure implementation of incident handling and reporting.

Follow-up, escalate, and report the resolution of Information Security issues identified during security assessments, penetration tests, and audits.

Develop, implement, and maintain Disaster Recovery (DR) procedures and infrastructure in relation to the Business Continuity Plan (BCP) / IT Service Contingency Plan.

Conduct and coordinate Information Security awareness and orientation programs.

Responsible for conducting Committee meetings.

Security Incident Management

Establish a formal procedure for internally reporting and tracking security incidents. Ensure incident response and escalation procedures are followed, and inform all employees, contractors, and third-party users of their responsibility to report security incidents.

Incident Handling :

Participate and / or oversee the investigation and management of information security events and policy violations and track them to conclusion.

Incident Notification and Reporting :

Follow policy for the notification and reporting of incidents immediately upon discovery.

Corrective / Preventive Actions :

Develop and document corrective action plans and implement preventive actions to mitigate recurrence.

Analyze a security incident to detect an underlying problem that exists or is likely to exist.

Categorize and prioritize the problem based on the frequency, severity, and impact of the incident.

Investigate and diagnose the root cause of the problem.

Test and apply temporary workarounds.

Document the known error record.

Create a formal process to address risk through the coordination and control of activities regarding each risk.

Conduct formal vulnerability assessments of the environment on a regular basis.

Create a formal process to mitigate vulnerabilities and more.

Qualifications

Experience

8+ years in IT work experience

5+ years in a similar role

Education

Bachelor of Engineering

Or Bachelor of IT

Or Bachelor of Computer Science

Certifications

CRISC – Certified in Risk and Information Systems Control

Or ISO / IEC 27001 Lead Implementer or Lead Auditor

Or CISSP – Certified Information Systems Security Professional

Required Skillset

Expertise in implementation of security frameworks such as NIST , ISO / IEC 27001 , and other local regulations and frameworks.

Expertise in compliance requirements like GDPR , HIPAA , PCI DSS , SOX , and other relevant laws and regulations.

Expertise in conducting risk assessments , identifying security risks, evaluating impact, and implementing mitigation strategies.

Expertise in developing policies , procedures , and processes .

Expertise in creating and managing security awareness and training programs to educate employees on cybersecurity threats and best practices.

Information Security Officer • Doha, ad-Dawhah, Qatar

We are hiring an Information Security Analyst to join our team in Umm-Salal. As an Information Security Analyst, you will be responsible for protecting our organization's computer systems and networks from potential cyber threats. Your duties will include monitoring network activity, conducting security audits, and implementing security measures to prevent unauthorized access. You will also respond to security incidents and ensure compliance with industry regulations.

The ideal candidate will have a strong understanding of information security principles and experience with security tools and technologies. This position is open to Indian nationals who do not require English proficiency or prior experience in the field. We offer a free visa and ticket , but accommodation is not included. The salary offered is $1400 .

If you are passionate about data security and keen on identifying vulnerabilities, we encourage you to apply for this position.

Direct message the job poster from OISSG Consultancy

• Lead and deliver ISO 27001 / ISO 22301 / ISO 27701 implementation projects.
• Independently manage GRC assignments, including establishing client-specific risk management frameworks.
• Conduct risk-based IS audits and drive improvements in project-level ISMS documentation with client sign-off.
• Guide and support ISMS consultants; coordinate with certification auditors to ensure timely closure of non-conformities.
• Lead data privacy engagements and maintain effective communication with key stakeholders for ongoing security enhancements.
• Stay current with industry threats and trends; provide accurate cost estimates for security tools and solutions.
• Support business development and pre-sales through client meetings and proposal creation

• Intensive understanding of security methodologies and industry standards (e.g. ISO 27001, Business Continuity Standards, IT Governance)

• Excellent Communication and Presentation Skills

• Exposure to the NIST Cybersecurity Framework and other international security standards is a plus.

Experience:

• 4 to 7 years preferably with consulting background in ISMS.

• Minimum handled 5 end to end ISMS implementation.

Qualifications:

• Bachelor's degree in science/computer applications.

• Relevant Certification from authorized training body (CISA / CISM / CISSP) is essential

• Seniority level Mid-Senior level

• Employment type Full-time

• Job function Consulting
• Industries Business Consulting and Services

Referrals increase your chances of interviewing at OISSG Consultancy by 2x

We're unlocking community knowledge in a new way. Experts add insights directly into each article, started with the help of AI.