79 Cybersecurity Specialist jobs in Qatar

Senior Offensive Cybersecurity Specialist Role- Senior Offensive Cybersecurity Specialist

Duration- Full time

Experience - 10+ years

Position Summary:

We are seeking a Senior Offensive Security Consultant with a strong knowledge of offensive security practices and a proven ability to work independently. This role focuses on managing and integrating security tools across the software development lifecycle, particularly within CI/CD environments and containerized infrastructures. While hands-on offensive testing experience is not mandatory, the candidate must demonstrate a deep understanding of offensive security methodologies and tooling.

The ideal candidate will possess an awareness of the latest AI-driven security tooling and use cases for the software development lifecycle for the purpose of implementing scalable technical solutions. In addition, the candidate will be a self-starter who can operate autonomously, communicate effectively across technical and business teams, and drive security initiatives with minimal oversight.

Responsibilities Security Tool Management & Integration

· Own the deployment, configuration, and maintenance of:

o Static Application Security Testing (SAST) tools

o Dynamic Application Security Testing (DAST) tools

o Breach and Attack Simulation (BAS) tools

o Container Security Solutions (e.g., image scanning, runtime protection)

· Integrate security tools into CI/CD pipelines to enable automated and continuous security validation.

· Monitor tool performance, ensure scalability, and optimize configurations for accuracy and efficiency.

Security Strategy & Enablement · Provide strategic guidance on offensive security practices including:

o Vulnerability identification

· Support red team and penetration testing efforts by enabling tooling and providing technical insights.

· Collaborate with development, DevOps, and cloud teams to embed security early in the SDLC.

· Evaluate and enhance the security posture of containerized environments (e.g., Docker, Kubernetes).

· Implement container image scanning, runtime protection, and orchestration security best practices.

· Work with cloud-native security tools and configurations across AWS, Azure, or GCP.

Autonomous Execution & Ownership · Take full ownership of assigned projects and deliverables with minimal supervision.

· Proactively identify gaps in security tooling, processes, or coverage and propose solutions.

· Maintain documentation, dashboards, and reporting mechanisms for tool usage and effectiveness.

· Translate technical findings into clear, actionable insights for both technical and non-technical stakeholders.

· Present risk assessments, tool evaluations, and remediation strategies to leadership.

· Mentor junior team members and contribute to internal knowledge sharing and training initiatives.

Required Qualifications and Experience · University graduate in Computer Science subject

· Strong understanding of offensive security concepts and frameworks, including MITRE ATT&CK, vulnerability exploitation, DevSecOps and OWASP top ten projects.

· Experience managing or integrating SAST, DAST, attack simulation, and container security tools into CI/CD platforms (e.g., Jenkins, GitLab CI, Azure DevOps)

· Awareness of current breach and attack simulation platforms and AI-driven CI/CD pen testing solutions and their use cases (e.g., Cytix, SafeBreach, AttackIQ, Cymulate).

· Strong knowledge of container and kubernetes security

· Ability to work independently and manage multiple priorities in a fast-paced environment.

· Excellent verbal and written communication skills.

Preferred Qualifications and Experience · Certifications such as OSCP, CRTO, OSCE, or equivalent.

· Experience of streamlining SDLC processes and workflows using AI techniques and approaches

· Experience with cloud platforms (AWS, Azure, GCP) and their native security services.

What We Offer · A dynamic and autonomous work environment.

· Opportunities to influence security strategy and tooling across the organization.

· Access to cutting-edge technologies and security platforms.

· A collaborative team culture focused on innovation and continuous improvement.

#J-18808-Ljbffr

• This role is designed for a professional deeply committed to safeguarding sensitive personal data and ensuring compliance with global and regional data protection regulations (e.g., GDPR, CCPA, Qatar PDPPL). You will lead efforts to identify, classify, and protect PII across the organization while embedding privacy-by-design principles into business processes. Your responsibilities will span data lifecycle governance, third-party risk management, regulatory compliance, and incident response, ensuring that all data processing activities align with legal and ethical standards.
• This position requires a strategic thinker who can balance technical controls with regulatory requirements, collaborate cross-functionally to mitigate risks, and foster a culture of data privacy

KEY RESPONSIBILITIES

1. Data Governance & Compliance

Data Lifecycle Governance :

• Design and implement end-to-end data lifecycle policies to govern data from creation / collection to archival and secure deletion, ensuring compliance with legal, regulatory, and business requirements.
• Define retention schedules, archival protocols, and secure disposal methods for sensitive data (e.g., PII, financial records) in collaboration with legal and IT teams.

Data Classification

• Develop / Enhance Data Classification Frameworks : Design and implement a tiered classification system (e.g., Public, Internal, Restricted, Confidential) to categorize data based on sensitivity, regulatory requirements, and business impact.
• Define Classification Standards : Establish clear criteria for labeling data types (e.g., PII, financial records, intellectual property) and enforce metadata tagging for traceability.

Regulatory Compliance :

• Ensure adherence to GDPR, CCPA, Qatar PDPPL, and other applicable laws by implementing consent management frameworks, data subject rights workflows, and breach notification protocols.

2. Technical Safeguards & Risk Mitigation

Data Protection Controls :

• Implement encryption, tokenization, and pseudonymization for PII at rest and in transit.
• Deploy Data Loss Prevention (DLP) tools to monitor and restrict unauthorized data transfers.

3. Third-Party & Vendor Oversight

• Assess third-party vendors for compliance with data protection obligations through questionnaires, audits, and contractual reviews.

Data Processing Agreements (DPAs) :

• Draft and enforce DPAs to ensure vendors adhere to organizational privacy standards and regulatory mandates.

TECHNICAL REQUIREMENTS

• Expertise in data protection technologies : DLP, encryption (AES-256, TLS), and anonymization tools.
• Proficiency with compliance platforms : OneTrust, TrustArc, or similar for PIAs and consent management.
• Familiarity with cloud security (AWS / Azure / GCP IAM, storage ACLs) and data residency requirements.
• Knowledge of privacy-enhancing technologies (PETs) such as differential privacy or homomorphic encryption.
• Experience with incident response tools for breach detection and analysis.
• Basic scripting skills (Python, SQL) for data mapping and workflow automation.

CERTIFICATIONS

• Required : CIPP (Certified Information Privacy Professional) or CIPM (Certified Information Privacy Manager).
• Preferred : ISO 27001 Lead Implementer, CDPSE (Certified Data Privacy Solutions Engineer).
• Advantageous : Cloud-specific certifications.

REQUIRED EXPERIENCE

• 3+ years in data protection, privacy compliance, or PII governance roles.
• Demonstrated experience conducting PIAs, managing DSARs, and responding to data breaches.
• Proven track record in implementing GDPR / CCPA / Qatar PDPPL requirements within complex organizations.
• Familiarity with third-party risk management frameworks and contract negotiation.

IDEAL CANDIDATE PROFILE

You are a detail-oriented professional with a deep understanding of global privacy regulations and the technical acumen to translate legal requirements into actionable controls. You thrive in collaborative environments, excel at simplifying complex privacy concepts for non-technical stakeholders, and are passionate about fostering a privacy-first culture. Your ability to balance proactive risk mitigation with operational efficiency will be critical in protecting the organization’s reputation and maintaining stakeholder trust.

• Skillset Required : Proactive, Loss Prevention, Iso 27001, Devops, Azure, Policy Development, Information Security, Compliance, Intellect, Python, Data Handling, Workflow, Iam, Excel, Triggers, Detail-oriented, Sql, Design Principles, Trends

#J-18808-Ljbffr

This role is designed for a professional deeply committed to safeguarding sensitive personal data and ensuring compliance with global and regional data protection regulations (e.g., GDPR, CCPA, Qatar PDPPL). You will lead efforts to identify, classify, and protect PII across the organization while embedding privacy-by-design principles into business processes. Your responsibilities will span data lifecycle governance, third-party risk management, regulatory compliance, and incident response, ensuring that all data processing activities align with legal and ethical standards. This position requires a strategic thinker who can balance technical controls with regulatory requirements, collaborate cross-functionally to mitigate risks, and foster a culture of data privacy KEY RESPONSIBILITIES 1. Data Governance & Compliance Data Lifecycle Governance : Design and implement end-to-end data lifecycle policies to govern data from creation / collection to archival and secure deletion, ensuring compliance with legal, regulatory, and business requirements. Define retention schedules, archival protocols, and secure disposal methods for sensitive data (e.g., PII, financial records) in collaboration with legal and IT teams. Data Classification Develop / Enhance Data Classification Frameworks : Design and implement a tiered classification system (e.g., Public, Internal, Restricted, Confidential) to categorize data based on sensitivity, regulatory requirements, and business impact. Define Classification Standards : Establish clear criteria for labeling data types (e.g., PII, financial records, intellectual property) and enforce metadata tagging for traceability. Regulatory Compliance : Ensure adherence to GDPR, CCPA, Qatar PDPPL, and other applicable laws by implementing consent management frameworks, data subject rights workflows, and breach notification protocols. 2. Technical Safeguards & Risk Mitigation Data Protection Controls : Implement encryption, tokenization, and pseudonymization for PII at rest and in transit. Deploy Data Loss Prevention (DLP) tools to monitor and restrict unauthorized data transfers. 3. Third-Party & Vendor Oversight Assess third-party vendors for compliance with data protection obligations through questionnaires, audits, and contractual reviews. Data Processing Agreements (DPAs) : Draft and enforce DPAs to ensure vendors adhere to organizational privacy standards and regulatory mandates. TECHNICAL REQUIREMENTS Expertise in data protection technologies : DLP, encryption (AES-256, TLS), and anonymization tools. Proficiency with compliance platforms : OneTrust, TrustArc, or similar for PIAs and consent management. Familiarity with cloud security (AWS / Azure / GCP IAM, storage ACLs) and data residency requirements. Knowledge of privacy-enhancing technologies (PETs) such as differential privacy or homomorphic encryption. Experience with incident response tools for breach detection and analysis. Basic scripting skills (Python, SQL) for data mapping and workflow automation. CERTIFICATIONS Required : CIPP (Certified Information Privacy Professional) or CIPM (Certified Information Privacy Manager). Preferred : ISO 27001 Lead Implementer, CDPSE (Certified Data Privacy Solutions Engineer). Advantageous : Cloud-specific certifications. REQUIRED EXPERIENCE 3+ years in data protection, privacy compliance, or PII governance roles. Demonstrated experience conducting PIAs, managing DSARs, and responding to data breaches. Proven track record in implementing GDPR / CCPA / Qatar PDPPL requirements within complex organizations. Familiarity with third-party risk management frameworks and contract negotiation. IDEAL CANDIDATE PROFILE You are a detail-oriented professional with a deep understanding of global privacy regulations and the technical acumen to translate legal requirements into actionable controls. You thrive in collaborative environments, excel at simplifying complex privacy concepts for non-technical stakeholders, and are passionate about fostering a privacy-first culture. Your ability to balance proactive risk mitigation with operational efficiency will be critical in protecting the organization’s reputation and maintaining stakeholder trust. Skillset Required : Proactive, Loss Prevention, Iso 27001, Devops, Azure, Policy Development, Information Security, Compliance, Intellect, Python, Data Handling, Workflow, Iam, Excel, Triggers, Detail-oriented, Sql, Design Principles, Trends

#J-18808-Ljbffr

Overview

Join to apply for the Information & Network Security Consultant role at Confidential .

Safeguard organizational IT and venue systems through strong network security, proactive monitoring, and incident response. Support mega-sports event security readiness.

Responsibilities

• Design and enforce secure network architecture (LAN, WAN, cloud, VPN, SD-WAN).
• Lead incident detection, threat intelligence, and forensic response.
• Manage firewalls, WAF, email gateways, and endpoint protection.
• Collaborate with SOC and IT teams to strengthen layered defenses.
• Develop and maintain compliance with NIST, ISO 27001, and zero-trust frameworks.

Qualifications

• 8–15+ years in IT/network security, with 5–7 years in leadership for senior roles.
• Bachelor’s/Master’s in Information Security, IT, or related field.
• Certifications: CISSP, CISM, CEH, or vendor-specific (Cisco, Palo Alto, Fortinet).
• Experience with SIEM tools, incident response, penetration testing.
• Strong analytical, communication, and risk management skills.

Seniorities

• Mid-Senior level

Employment type

• Full-time

Job function

• Engineering
• Information Technology
• Management

Industries

• IT Services and IT Consulting
• Events Services
• Technology, Information and Media

#J-18808-Ljbffr

Overview

Join to apply for the

Information & Network Security Consultant

role at

Confidential . Safeguard organizational IT and venue systems through strong network security, proactive monitoring, and incident response. Support mega-sports event security readiness. Responsibilities

Design and enforce secure network architecture (LAN, WAN, cloud, VPN, SD-WAN). Lead incident detection, threat intelligence, and forensic response. Manage firewalls, WAF, email gateways, and endpoint protection. Collaborate with SOC and IT teams to strengthen layered defenses. Develop and maintain compliance with NIST, ISO 27001, and zero-trust frameworks. Qualifications

8–15+ years in IT/network security, with 5–7 years in leadership for senior roles. Bachelor’s/Master’s in Information Security, IT, or related field. Certifications: CISSP, CISM, CEH, or vendor-specific (Cisco, Palo Alto, Fortinet). Experience with SIEM tools, incident response, penetration testing. Strong analytical, communication, and risk management skills. Seniorities

Mid-Senior level Employment type

Full-time Job function

Engineering Information Technology Management Industries

IT Services and IT Consulting Events Services Technology, Information and Media

#J-18808-Ljbffr

GBM is hiring a experienced and highly motivated Mid-Career Network Security Engineer to join our information security team. The ideal candidate will be responsible for designing, implementing, maintaining, and troubleshooting our organization’s network security infrastructure. This role requires a strong understanding of network protocols, security principles, and a proven ability to protect sensitive data and systems from evolving cyber threats. This position demands a balance between technical expertise and strong client-facing skills, focusing on network security solutions.

Key Responsibilities:

• Design, implement, and manage network security solutions, including firewalls (e.g., Palo Alto, Cisco ASA, Fortinet), intrusion detection/prevention systems (IDS/IPS), VPNs, web application firewalls (WAFs) and other security appliances.
• Monitor network security systems for anomalies, alerts and potential security breaches, and respond effectively to incidents.
• Conduct vulnerability assessments and penetration testing to identify and address security weaknesses in the network infrastructure.
• Develop, implement, and enforce network security policies, standards, and procedures in alignment with industry best practices and compliance requirements.
• Perform reviews of network configurations to ensure compliance and identify areas for improvement.
• Administer and troubleshoot network devices such as routers, switches, and wireless access points, with a focus on their security configurations.
• Participate in the evaluation and selection of new security technologies and tools.
• Collaborate with IT operations, development teams, and other stakeholders to integrate security into all phases of the system development lifecycle.
• Develop and maintain comprehensive documentation for network security architecture, configurations, and procedures.
• Stay up-to-date with the latest security trends, threats, vulnerabilities and technologies.
• Provide technical guidance and mentorship to team members as needed.

Requirements:

• Bachelor’s degree in Computer Science, Information Technology, Cybersecurity or a related field.
  (Relevant experience may substitute for a degree).
• 5 to 8 years of progressive experience in network security engineering or a similar role.
• Strong expertise with various security technologies, including:
  • Next Generation Firewalls (e.g., Palo Alto Networks, Cisco ASA, Fortinet).
  • IDS/IPS solutions.
  • VPN technologies (IPsec, SSL VPN).
  • Network Access Control (NAC) solutions.
  • SIEM (Security Information and Event Management) platforms.
  • Symantec (Broadcom) Web Proxy
  • Endpoint security solutions (AV and EDR).
• In-depth knowledge of networking protocols and services: TCP/IP, DNS, DHCP, HTTP/S, BGP, OSPF, VLANs, etc.
• Proven experience in incident response, forensics, and remediation.
• Excellent problem-solving, analytical, and communication skills.
• Ability to work independently and as part of a team in a fast-paced environment.
• Collaboration with pre-sales, project team, vendors and contractors.
• Strong attention to detail and commitment to security best practices.
• Sound experience in implementing multi-vendor security solutions.

Preferred Skills and Certifications:

Any of the below mentioned skills/certifications would be preferred.

• Professional level security certifications (e.g: CCNP Security, PCNSE, etc .) — Must
• Certified experience with Cisco ISE — Must
• Certified Information Systems Security Professional (CISSP) — Preferred
• Certified Ethical Hacker (CEH) — Preferred
• CompTIA Security+ — Preferred
• Competitive salary and benefits.
• Opportunity to work on innovative projects.
• Collaborative and flexible work environment.
• Opportunities for professional development and learning.

How To Apply:

Submit your updated resume and a cover letter detailing your experience as Network Security Engineer

#J-18808-Ljbffr

GBM is hiring a experienced and highly motivated Mid-Career Network Security Engineer to join our information security team. The ideal candidate will be responsible for designing, implementing, maintaining, and troubleshooting our organization’s network security infrastructure. This role requires a strong understanding of network protocols, security principles, and a proven ability to protect sensitive data and systems from evolving cyber threats. This position demands a balance between technical expertise and strong client-facing skills, focusing on network security solutions. Key Responsibilities: Design, implement, and manage network security solutions, including firewalls (e.g., Palo Alto, Cisco ASA, Fortinet), intrusion detection/prevention systems (IDS/IPS), VPNs, web application firewalls (WAFs) and other security appliances. Monitor network security systems for anomalies, alerts and potential security breaches, and respond effectively to incidents. Conduct vulnerability assessments and penetration testing to identify and address security weaknesses in the network infrastructure. Develop, implement, and enforce network security policies, standards, and procedures in alignment with industry best practices and compliance requirements. Perform reviews of network configurations to ensure compliance and identify areas for improvement. Administer and troubleshoot network devices such as routers, switches, and wireless access points, with a focus on their security configurations. Participate in the evaluation and selection of new security technologies and tools. Collaborate with IT operations, development teams, and other stakeholders to integrate security into all phases of the system development lifecycle. Develop and maintain comprehensive documentation for network security architecture, configurations, and procedures. Stay up-to-date with the latest security trends, threats, vulnerabilities and technologies. Provide technical guidance and mentorship to team members as needed. Requirements: Bachelor’s degree in Computer Science, Information Technology, Cybersecurity or a related field. (Relevant experience may substitute for a degree). 5 to 8 years of progressive experience in network security engineering or a similar role. Strong expertise with various security technologies, including:

Next Generation Firewalls (e.g., Palo Alto Networks, Cisco ASA, Fortinet). IDS/IPS solutions. VPN technologies (IPsec, SSL VPN). Network Access Control (NAC) solutions. SIEM (Security Information and Event Management) platforms. Symantec (Broadcom) Web Proxy Endpoint security solutions (AV and EDR).

In-depth knowledge of networking protocols and services: TCP/IP, DNS, DHCP, HTTP/S, BGP, OSPF, VLANs, etc. Proven experience in incident response, forensics, and remediation. Excellent problem-solving, analytical, and communication skills. Ability to work independently and as part of a team in a fast-paced environment. Collaboration with pre-sales, project team, vendors and contractors. Strong attention to detail and commitment to security best practices. Sound experience in implementing multi-vendor security solutions. Preferred Skills and Certifications: Any of the below mentioned skills/certifications would be preferred. Professional level security certifications (e.g: CCNP Security, PCNSE, etc .) — Must Certified experience with Cisco ISE — Must Certified Information Systems Security Professional (CISSP) — Preferred Certified Ethical Hacker (CEH) — Preferred CompTIA Security+ — Preferred Competitive salary and benefits. Opportunity to work on innovative projects. Collaborative and flexible work environment. Opportunities for professional development and learning. How To Apply: Submit your updated resume and a cover letter detailing your experience as Network Security Engineer

#J-18808-Ljbffr

Responsible for handling day-to-day Network & Security operations.

Responsibilities

• Responsible for overseeing day-to-day Network & Security operations.
• Maintain, support, administer, and install/upgrade production network security devices, including outside of working hours in an on-call capacity.
• Support, administer, and install/upgrade network and security platforms, including multivendor firewalls, VPNs, routers, load balancers, switches, security appliances, IPS, and LAN/WAN.
• Contact and interact with external suppliers (e.g., logging support calls, following up with vendors/partners, and driving issues to closure).
• Manage incident, change, and problem management for Network and security infrastructure.
• Handle reports, backups, and configuration housekeeping.
• Coordinate and provide support for site visit activities at different locations.
• Liaise with vendors and clients for device upgrades, data center migration, device migrations, new device implementation, new technology implementation, existing hardware replacement, and migrations.
• Follow ITIL standards including Incident, Change, and Problem Management, as well as policies, procedures, and knowledge of information security best practices.
• Manage Load balancing platforms: F5 with LTM, APM, WAF, DDOS
• Manage Security Platforms including Cisco FTD, Palo Alto Fortinet, DDOS
• Manage Microsoft Azure cloud network Security infrastructure.
• Manage Google Cloud Network Security infrastructure.
• Coordinate with the Information Security team to implement recommended mitigation plans.
• Create and maintain network inventory/diagrams, as well as Standard Operating Procedure (SOP) documentation.
• Coordinate/consult with clients to understand requirements, plan, and execute.
• Coordinate with peer teams in Windows, applications, and IT support to achieve tasks based on client requirements.

General Requirements

• 10+ years and minimum 8 years relevant experience
• Bachelors / master’s degree in computer science or Equivalent
• Relevant certifications in networking domain
• Proven skills and experience in the similar role.
• Excellent communication skills both written and verbal.
• Ability to convey complex technical information concisely.
• A high level of motivation in learning new technologies.
• Hard worker, self-motivated and result-driven individual.
• Welling to work in non-standard working hours.
• Ability to work well in groups and independently.
• Strong analytical and problem-solving skills.

#J-18808-Ljbffr

Responsible for handling day-to-day Network & Security operations.

Responsibilities

Responsible for overseeing day-to-day Network & Security operations.

Maintain, support, administer, and install/upgrade production network security devices, including outside of working hours in an on-call capacity.

Support, administer, and install/upgrade network and security platforms, including multivendor firewalls, VPNs, routers, load balancers, switches, security appliances, IPS, and LAN/WAN.

Contact and interact with external suppliers (e.g., logging support calls, following up with vendors/partners, and driving issues to closure).

Manage incident, change, and problem management for Network and security infrastructure.

Handle reports, backups, and configuration housekeeping.

Coordinate and provide support for site visit activities at different locations.

Liaise with vendors and clients for device upgrades, data center migration, device migrations, new device implementation, new technology implementation, existing hardware replacement, and migrations.

Follow ITIL standards including Incident, Change, and Problem Management, as well as policies, procedures, and knowledge of information security best practices.

Manage Load balancing platforms: F5 with LTM, APM, WAF, DDOS

Manage Security Platforms including Cisco FTD, Palo Alto Fortinet, DDOS

Manage Microsoft Azure cloud network Security infrastructure.

Manage Google Cloud Network Security infrastructure.

Coordinate with the Information Security team to implement recommended mitigation plans.

Create and maintain network inventory/diagrams, as well as Standard Operating Procedure (SOP) documentation.

Coordinate/consult with clients to understand requirements, plan, and execute.

Coordinate with peer teams in Windows, applications, and IT support to achieve tasks based on client requirements.

General Requirements

10+ years and minimum 8 years relevant experience

Bachelors / master’s degree in computer science or Equivalent

Relevant certifications in networking domain

Proven skills and experience in the similar role.

Excellent communication skills both written and verbal.

Ability to convey complex technical information concisely.

A high level of motivation in learning new technologies.

Hard worker, self-motivated and result-driven individual.

Welling to work in non-standard working hours.

Ability to work well in groups and independently.

Strong analytical and problem-solving skills.

#J-18808-Ljbffr