52 Information Security Engineer jobs in Qatar

The Information Security Engineer will focus on ensuring the organization's applications and data is secure and built according to best security standards. This role will be the subject matter expert on building secure code, application security, vulnerability testing, and providing security validation to the organization's environments.
Key Roles & Responsibilities

• Perform scheduled penetration testing of the company's applications
• Perform white, gray and black box security assessments.
• Support the organization, JVs and Subsidiaries in implementing Secure Software development lifecycle.
• Perform Mobile Services security Assessments.
• Support the organizations' environment monitoring by using available tools or help build internal tools to enable advanced threat detection and response.
• Conduct Security Vulnerability Assessments and impact assessment on company's electronic assets.
• Perform Security Assessments on ERP and other on-premise solutions.

Requirements
Skills, Knowledge and Behaviors:

• Ability to lead direct and indirect resources
• Ability to communicate technical challenges to non-technical audiences
• Ability to quantify risk and impact vectors
• Certified Ethical Hacker
• OCSP level of technical expertise
• Strong Scripting capability
• Strong ISO 27000 understanding
• Strong Application security background
• Strong Infrastructure security Background
• Strong experience in open source security tools

Qualifications & Experience

• Security Certification focusing on offensive or defensive practices
• Bachelor's degree in Information Security or Computer Engineering
• 10 + years in cybersecurity field
• System, network and/or application background

Preferred Experience

• Product development experience

Job description:

Job Purpose

The company relies more and more on advanced Digital and Information solutions to extend its operations in the most cost-effective way while keeping high standard of security to protect the assets against the ever-evolving threats.

• The Information Security Engineer - Developee has to ensure that all work is carried out in a professional manner and in compliance with NOC values, policies, specifications and DBS procedures.
• Has to  Develop technical skills in information security in the different areas (Information Protection, Security operations and architecture, Governance, Risk and Compliance,  Incident response)
• Rotate through different teams within DBS (Infrastructure and Support, Petroleum and Corporate Solutions, ERP, Data Management, Strategy Governance & Programs, Digital and S4Hana Program) to gain exposure and understanding of their functions.
• Demonstrate growth in technical and professional  competencies after completion of program

Key Accountabilities

The Information Security Engineer - Developee will be contributing to the protection of the organization's information systems by assisting in the deployment, monitoring and maintenance of security controls. He/she will support information Protection initiatives, cyber incident response activities, security operations and ensure compliance with internal policies and industry standards. Beyond the technical scope, the role requires strong collaboration skills to work effectively with IT, business and operations teams, as well as clear communication to report findings and propose solutions. The engineer will be expected to demonstrate curiosity, adaptability and a commitment to continuous learning.

Key Accountabilities Key Accountabilities Competencies Delegate Appropriately and Communicate Effectively Demonstrate Adaptability in Managing Complex Situations Demonstrate Learning Agility and Drive Innovation Develop Emotional Intelligence and Cultural Competence Develop Others and Institutionalise Knowledge Develop Talent for the Future NOC Sustainability Facilitate Collaboration and Sense of Community Improve Safety, Technical Proficiency and Results Lead By Example with NOC Values Set Purpose, Strategic Direction and Company Plan Strengthen Accountability and Continuous Improvement Think and Act in Stakeholder-Centric Ways Education

Gaduate with a bachelor's degree in computer science, Information Technology, Petroleum Engineering, or related field.

Certification Experience

No experience required. Freshers can apply

Job Purpose

• Responsible to support Information Security Governance, Risk and Control
• activities. Assist in all information security activities in order to protect the
• organization's information technology assets from cyber-attacks.
• Function Information Technology

Key Responsibilities

• Supporting and maintaining the required Information Security policies, procedures, guidelines, registers and relevant documentations for the GRC activities.
• Obtain, review, and prepare periodic review reports such as User
• Access Management reports for Audit, GRC and other government
• regulatory compliance activities.
• Coordinate, conduct and participate in all related Audits includingISMS, MPTO, Internal and External.
• Maintain overall ISMS related documentation with appropriate versioning and tracking changes
• Coordinate Information Security and Privacy Management related
• Meetings
• Train and support the internal teams and staffs on activities related to information security compliance and personal information and privacy management
• Ensure all approved policies related to Information Security are applied and maintained in an effective and efficient manner
• Coordinate with relevant Teams and external MSPs on incidence response activities
• Support staffs on minor troubleshooting activities related to information security Create / Translate relevant documentations and contents in Arabic for
• wider circulation Coordinate, communicate effectively and maintain cordial relationship with internal and external departments of Qatar Post with respect to information security activities

Knowledge / Skills Required

• University Degree related to Information Technology or similar

Qualification

• Good knowledge in Arabic both written and spoken
• Preferably certifications in Information Security such as CISA, CISM,
• MCSE
• Preferably certifications in ISO27001:2013 Lead Implementer
• 3+ years of experience in information security or information
• technology processing facilities

Information Security Analyst

Job Purpose

• Responsible to support Information Security Governance, Risk and Control
• activities. Assist in all information security activities in order to protect the
• organization's information technology assets from cyber-attacks.
• Function Information Technology

Key Responsibilities

• Supporting and maintaining the required Information Security policies, procedures, guidelines, registers and relevant documentations for the GRC activities.
• Obtain, review, and prepare periodic review reports such as User
• Access Management reports for Audit, GRC and other government
• regulatory compliance activities.
• Coordinate, conduct and participate in all related Audits includingISMS, MPTO, Internal and External.
• Maintain overall ISMS related documentation with appropriate versioning and tracking changes
• Coordinate Information Security and Privacy Management related
• Meetings
• Train and support the internal teams and staffs on activities related to information security compliance and personal information and privacy management
• Ensure all approved policies related to Information Security are applied and maintained in an effective and efficient manner
• Coordinate with relevant Teams and external MSPs on incidence response activities
• Support staffs on minor troubleshooting activities related to information security Create / Translate relevant documentations and contents in Arabic for
• wider circulation Coordinate, communicate effectively and maintain cordial relationship with internal and external departments of Qatar Post with respect to information security activities

Knowledge / Skills Required

• University Degree related to Information Technology or similar

Qualification

• Good knowledge in Arabic both written and spoken
• Preferably certifications in Information Security such as CISA, CISM,
• MCSE
• Preferably certifications in ISO27001:2013 Lead Implementer
• 3+ years of experience in information security or information
• technology processing facilities

Primary Purpose of the Job:

Develop and implement an operational risk management program. Focus on enhancing operational risk measurement & analysis, and operational risk reporting. Guide the process of applying internal controls (mitigation). Establish security policies, procedures and standards and ensure that reviews of operational documentation is carried out at planned intervals to meet the security operational requirements. Conduct investigations of security related incidents, occurrences or events occurring within Doha commercial buildings/ facilities. Thereby to determine the work element and root causes of an incident, and to assist in providing a solution to prevent recurrence.

Required Experience and Skills:

• At least 12 years' experience in industrial or corporate security, with at least 5 years at a supervisory level.
• Proven, in-depth understanding of security risk management processes, mitigation methods and security management system programs.
• Investigative experience in an industrial or corporate security environment.
• Demonstrated leadership, problem solving and strong interpersonal skills.
• Fluency in English.
• Proven ability to organize, motivate and supervise subordinates.

Educational Qualifications:

• A recognized University Degree with a Risk/Security focus.

Primary Purpose Of The Job
Governance and execution of the Information Security Management System (ISMS) including developing

policies,standards and procedures required for the corporate information security in both an Information

technology (IT) and Operational Technology (OT) capacity.

Define required information security policies, standards and procedures related to their areas of operation as well as

raising awareness of those polices, standards and procedures.

Ensure adequate an effective IT controls exist to meet applicable current and future security compliance requirements.

Conduct compliance and operational maturity assessments to ensure optimal operation of the information and

operational technology environments under the guidelines of the ISMS.

Develop reporting Metrics, dashboards and evidences of compliance activities.

Coordinate with IT stakeholders, project managers, and business owners to facilitate vendor risk assessments, due

diligence review and security requirements definition. Maintain third-party assessment documentation.

Stay updated on the latest security trends, emerging threats and best practices to continuously improve the overall

security posture.

Coordinate and align activities between Information Security and Business Continuity, and liaise within IT Department

to ensure business continuity and disaster recovery plans are in place, tested, and report regularly.

Carry out other Security related activities as assigned by team Lead.

Required Experience And Skills
10+ years of relevant professional experience.

• Experience with large ICS & ICT environments in the Energy sector, preferably in Oil & Gas.
• Experience with and understanding of customized information security management systems.
• Experience in defining Governance, Risk, and Compliance (GRC) processes and leveraging industry-standard GRC

tools and products.

• Knowledge of information security capabilities and requirements analysis.
• Knowledge of relevant state laws, industry regulations, and security standards.
• Excellent written, verbal and presentation communication skills.

Educational Qualifications
Bachelor degree in information security, computer science, or engineering.

• Professional certifications in information security management and standards compliance (e.g., CISSP, CISM,

CRISC, GIAC, ISO27001, etc.) and experience with control frameworks (e.g., NIST Cybersecurity Control Framework).

We're Hiring: IT Security Analyst (IT/OT Security & Compliance Analyst)

Location: Qatar | Industry: Oil & Gas

Contract: 3 Years (Extendable)

Salary Package: QAR 20,000 / Month (Full Package)

Key Responsibilities:

• Conduct vulnerability scans, penetration tests, and document findings with mitigation strategies.
• Configure IDS/IPS, EDR, and IAM solutions.
• Support teams in applying patches, anti-malware strategies, and security safeguards.
• Implement security controls, frameworks, and compliance programs aligned with Qatar's CSF and NIA policies.
• Evaluate risks, manage incidents, vulnerability assessments, and penetration testing.
• Define and document security process responsibilities in GRC tools.

Qualifications & Experience:

• Bachelor's in IT/Computer Science or related field.
• Certifications: OSCP, OSCE, CompTIA Security+, Blue Team, ISO 27001 ISMS, ISA 62443.
• Minimum 5 years' cybersecurity experience (Oil & Gas preferred).
• Strong knowledge of IT/OT systems, networks, cloud security, auditing, compliance, and incident response.
• Excellent problem-solving, communication, and analytical skills.

Job Type: Full-time

Pay: QAR19, QAR20,000.00 per month

Application Question(s):

• Do you hold any relevant cybersecurity certifications (e.g., OSCP, OSCE, CompTIA Security+, ISO 27001 ISMS, ISA 62443)? Please specify.
• How many years of professional experience do you have in cybersecurity?
• Do you have experience in the Oil & Gas sector?
• What is your notice period/availability to join?
• What is your expected monthly salary in QAR (full package)?
• Do you have experience with IT/OT security compliance frameworks such as Qatar's CSF or NIA Policy?

**This is an onsite opening for Doha, Qatar location**

Key Responsibilities:

• Monitor and respond to security incidents using SIEM and EDR tools.
• Manage vulnerability assessments, patching, and system hardening.
• Review and secure firewalls, VPNs, and network configurations.
• Ensure compliance with ISO 27001, NIST, and IEC 62443 frameworks.
• Support OT/ICS cybersecurity and secure ITOT network segmentation.

Qualifications:

• Bachelors in Computer Science, IT, or related field (Master's preferred).
• 6–10 years of experience in IT Security (industrial or critical infrastructure preferred).
• Certifications: CompTIA Security+, CEH, SSCP (Preferred: CISSP, CISM, GICSP, IEC

Key Skills:

Security Monitoring & Incident Response | Vulnerability & Risk Management | Network & Infrastructure Security | Cybersecurity Governance & Compliance | OT/ICS Security