94 Information Security Engineer Penetration Testing jobs in Qatar

The Information Security Engineer will focus on ensuring the organization's applications and data is secure and built according to best security standards. This role will be the subject matter expert on building secure code, application security, vulnerability testing, and providing security validation to the organization's environments.
Key Roles & Responsibilities

• Perform scheduled penetration testing of the company's applications
• Perform white, gray and black box security assessments.
• Support the organization, JVs and Subsidiaries in implementing Secure Software development lifecycle.
• Perform Mobile Services security Assessments.
• Support the organizations' environment monitoring by using available tools or help build internal tools to enable advanced threat detection and response.
• Conduct Security Vulnerability Assessments and impact assessment on company's electronic assets.
• Perform Security Assessments on ERP and other on-premise solutions.

Requirements
Skills, Knowledge and Behaviors:

• Ability to lead direct and indirect resources
• Ability to communicate technical challenges to non-technical audiences
• Ability to quantify risk and impact vectors
• Certified Ethical Hacker
• OCSP level of technical expertise
• Strong Scripting capability
• Strong ISO 27000 understanding
• Strong Application security background
• Strong Infrastructure security Background
• Strong experience in open source security tools

Qualifications & Experience

• Security Certification focusing on offensive or defensive practices
• Bachelor's degree in Information Security or Computer Engineering
• 10 + years in cybersecurity field
• System, network and/or application background

Preferred Experience

• Product development experience

About
ANA
B
ION

We are
ANA
B
ION
, an international biotech company dedicated to helping people live longer and healthier lives. Our strong portfolio spans effective, safe, and affordable solutions in Life Sciences, including innovative treatments, biosimilars, and gene therapies for oncology, autoimmune disorders, and rare diseases such as SMA and hemophilia.

About the Role

We are seeking an
Information Security Engineer
to join our growing team at
ANA
B
ION
. In this role, you will monitor and maintain our information protection systems, respond to security incidents, support users with access and data security, and contribute to projects that strengthen our detection and prevention capabilities. Success in this position requires strong analytical skills, attention to detail, and the ability to balance day-to-day operational responsibilities with proactive security improvements. We are looking for someone who goes beyond routine monitoring — bringing initiative, insight, and a strong security mindset to protect our company's data and support the efficiency of our global operations.

Responsibilities:

1. Maintain continuous monitoring and oversight of information protection tools (EDR, SIEM, DLP, vulnerability scanner) as part of daily security operations.
2. Respond to information security incidents within established timeframes, participate in their investigation and remediation, develop risk mitigation plans, document them, and track all activities in the Jira task management system.
3. Administer and maintain the performance of information security systems, including their configuration, monitoring and troubleshooting.
4. Regularly assess company services and information systems for compliance with legal and regulatory requirements in personal data protection, and address tasks aimed at raising information security awareness, including corporate newsletters and meetups.
5. Develop and timely update internal regulatory documents in the field of personal data protection and ensuring commercial secrecy regime.
6. Provide daily user support on information security matters, including secure data sharing, access rights management, and handling blocked resources.
7. Contribute to project initiatives such as implementing new protection tools, improving detection logic, and other development tasks in the field of information security.

Professional Knowledge & Skills:

• Comprehensive understanding of computer science and information systems.
• Hands-on experience with network defense technologies, firewalls, intrusion detection, and vulnerability assessment.
• Familiarity with programming/scripting languages, penetration testing, cloud security, risk analysis, and forensics.
• Up-to-date knowledge on emerging attack vectors and security solutions.
• Advanced English is required; Arabic or Russian is desirable but not mandatory.

Competencies & Soft Skills:

• Strong problem-solving, critical thinking, teamwork, time management, and the ability to remain effective under pressure.
• High ethical standards and discretion regarding sensitive data.
• Willingness to pursue continual professional development due to the evolving nature of cyber threats.

What We Offer:

• Be part of a fast-growing biotech company with access to global innovation and strategic support.
• Exposure to international cross-functional teams and career development opportunities across the ANABION global network.
• A collaborative, science-driven, and entrepreneurial work culture.
• A smart, competitive package, with bonus incentives aligned to performance.

DUTIES AND RESPONSIBILITIES:

• Perform on-site commissioning and testing of CCTV, ACS, Intrusion, Master clock and other Security System
• Ensure that the system is functioning based on the project requirements or government compliance.
• Perform troubleshooting and resolve any technical problems on-site during commissioning
• Conduct system functional inspection with the Project Manager or Project Engineer for system functional inspection if needed.
• Records all configurations done with the system to ensure proper tracking of project assets or equipment and any modifications.
• Verify installations on site are proper before starting the commissioning of the system.
• Provide Engineering support for the project by producing engineering documents.
• Reviews Engineering documents for the system if done by others.
• Manage post-sales support issues with clients, maintaining client confidentiality.
• Manage relationships with multiple industry vendors and equipment providers at all levels
• Responsible for developing and maintaining written procedures related to all areas of responsibility for the position.

QUALIFICATIONS:

• BS from accredited university in Electronics and Communication Engineering or Computer Engineering.
• Minimum 3-5 years of relevant experience in multiple areas of security including Engineering and Commissioning
• Knowledge in Physical Security System
• Site Survey and project with reporting experience
• Relevant certifications is a plus

SKILLS / ABILITIES:

• Superior analytical and problem-solving skills
• Detail oriented and organized
• Reads and understands shop drawings and specifications
• Written and verbal communication skills in the English language
• Customer Service oriented, maintaining professional Client Relationships
• Excellent time management skills
• Position is time intensive, depending on the project and may involve travel and frequent off-site travel
• Ability to adapt to industry developments and new technologies.
• Highly self-motivated, requiring no special training/coaching
• Excellent Interpersonal Skills
• Presentation Skills
• Works well under pressure
• Multitasking

Job Type: Full-time

• Perform web application, API, and mobile application penetration testing using industry-leading methodologies (OWASP, PTES, etc.).




• Conduct network penetration testing and infrastructure security assessments.




• Execute Vulnerability Assessment and Penetration Testing (VAPT) engagements, document findings, and recommend remediations.




• Integrate security into the Software Development Lifecycle (SDLC) and advise development teams on secure coding practices.




• Develop, enhance, and maintain security testing frameworks and tools .




• Review and validate security patches, mitigations, and fixes.




• Stay updated on the latest attack techniques, exploits, and threat landscapes to enhance testing methodologies.




• Collaborate with cross-functional teams to support security awareness and risk reduction efforts.

• 46 years of experience in Information Security, with a focus on application and network penetration testing .




• Hands-on experience with tools like Burp Suite, OWASP ZAP, Metasploit, Nmap, Nessus, and other manual testing tools .




• Deep understanding of OWASP Top 10 , SANS Top 25 , and common exploitation techniques.




• Experience in secure SDLC practices and working with development teams to resolve findings.




• Strong knowledge of mobile application security (iOS and Android) and API testing methodologies .




• Excellent report writing and communication skills for both technical and non-technical stakeholders.

• OSCP (Offensive Security Certified Professional)




• OSWE (Offensive Security Web Expert)




• eWPT / eWPTX (eLearnSecurity Web Application Penetration Tester)




• PNPT (Practical Network Penetration Tester)




• HTB CPTS (Certified Penetration Testing Specialist)

Accountabilities

Deliver Engineering Dossiers with robust cybersecurity definitions and fit-for-purpose designs that meet project specifications, standards, and operational requirements.

Ensure assigned project tasks are executed in line with the Project Execution Plan, contractual requirements, and cybersecurity standards.

Act as the focal point for all cybersecurity discipline matters, interfacing with project engineering teams, corporate cybersecurity teams, and EPC packages.

Provide technical support for audits, studies, inspections, and meetings related to cybersecurity.

Review and validate project documents, ensuring compliance with standards, identifying potential derogations, and driving optimized, cost-effective design outcomes.

• Ensure cybersecurity design is properly implemented and coordinated with all project stakeholders.
• Monitor, audit, and guide cybersecurity-related activities performed by ICSS OEMs, contractors, and integrators.
• Act as project representative during cybersecurity audits, tests, FAT / SAT, and inspections.
• Track closure of cybersecurity punch items and ensure compliance with project requirements.
• Coordinate with other engineering disciplines (ICSS, Electrical, Telecom, Instrumentation, Construction, Commissioning) to maintain consistency and integration.
• Participate in and support project studies such as HAZOP, Cyber PHA (Risk Assessments), SIL, and HAZID.
• Review, comment, and approve project cybersecurity documentation within required timelines.
• Promote value engineering initiatives to optimize cybersecurity design, cost, and schedule.
• Support lessons learned, risk assessments, and deviations / derogations processes in coordination with cybersecurity teams.
• Provide technical advice to ensure vendor packages and equipment comply with cybersecurity requirements.
• Contribute to project reporting, including progress, risks, and technical issue updates.

• Education : Degree in Electrical, Electronics, Instrumentation, or Control Engineering (or equivalent).
• Experience : 10–15 years in ICSS and package cybersecurity engineering in offshore oil & gas projects.
• Proven expertise in cybersecurity risk assessments, mitigation planning, and risk treatment implementation.
• Strong knowledge of industry standards and frameworks (ISA99 / IEC 62443, IEC 61511, NIST, Qatar ICS security).
• Offshore certifications (OPITO T-BOSIET, OPITO H2S, QE pass, medical fitness).
• Industry ICS Security certifications preferred (ISA99 / IEC 62443, GICSP, CISSP).
• Strong knowledge of project design, execution, and package interfaces.
• Proficient in cybersecurity design-related software.
• Excellent leadership, analytical, and communication skills.
• Fluent in English; experience in multicultural project environments.
• Familiarity with Total General Specifications and international codes / standards is an advantage.
• Willingness to travel for global project assignments.
• Submission date : Please submit CV's on or before 02nd October 2025.

BAE Systems Strategic Aerospace Services WLL | Full time

We are seeking a highly skilled System Security Engineer to strengthen our cybersecurity posture across on-premise and hybrid environments. The ideal candidate will have a strong background in Windows infrastructure security, identity and access management, scripting, and compliance frameworks. This role is critical to ensuring the protection, integrity, and resilience of our IT systems, while supporting secure business operations and digital transformation initiatives.

Key Responsibilities:

• Design, implement, and manage security solutions across Active Directory, ADFS, and Exchange (on-premise and hybrid).
  
• Harden and secure endpoints, infrastructure, and communications systems against evolving cyber threats.
  
• Automate security tasks and perform system audits using PowerShell and other scripting tools.
  
• Manage patching processes using WSUS, SCCM, or third-party tools.
  
• Integrate security logs and data into SIEM platforms and support threat detection/response initiatives.
  
• Collaborate with IT and business units to enforce identity and access management policies including MFA and Zero Trust architectures.
  
• Support compliance efforts aligned with ISO 27001, NIST, and CIS Controls.
  
• Assess and respond to security incidents using frameworks like MITRE ATT&CK.
  
• Continuously evaluate and improve system and application security controls.
  

Qualifications:

Required:

• Bachelor’s degree in Information Security, Computer Engineering, or related field.
  

- Microsoft Certified: Security Operations AnalystAssociate (MS-SC200)

- Microsoft Certified: Identity and AccessAdministrator Associate (SC-300)

- Microsoft Certified Cybersecurity ArchitectExpert

Preferred:

• Master’s degree in Information Security or Computer Engineering
  

- Systems Security Certified Practitioner (SSCP)

- CompTIA Cybersecurity Analyst (CySA+)

- Certified Information Systems SecurityProfessional (CISSP)

Experience & Knowledge Requirements:

• 5+ years of experience in Windows infrastructuresecurity (Active Directory, Exchange, endpoint hardening)
  
• In-depth knowledge of:
  

- Active Directory (LDAP, Kerberos, Group Policy,ADFS)

- Exchange security (transport rules,SPF/DMARC/DKIM, hybrid configurations)

• StrongPowerShell scripting capabilities for security automation and audits
  
• Proficient inZero Trust architecture and multi-factor authentication practices
  
• Understandingof compliance frameworks: ISO 27001, NIST, CIS Controls
  
• Experienceintegrating with on-premise SIEM solutions
  
• Familiaritywith MITRE ATT&CK and advanced threat detection techniques
  
• Solidbackground in systems, networks, and/or application security
  

• Security architecture and systemhardening
  
• Scripting and automation (PowerShell)
  
• Identity and access management (IAM)
  
• Compliance and regulatory knowledge
  
• Problem-solving and incident response
  
• Strong communication and documentationskills
  

Join to apply for the Ubuntu Security Engineer role at Canonical

2 days ago Be among the first 25 applicants

Join to apply for the Ubuntu Security Engineer role at Canonical

Get AI-powered advice on this job and more exclusive features.

Canonical is a leading provider of open source software and operating systems to the global enterprise and technology markets. Our platform, Ubuntu, is very widely used in breakthrough enterprise initiatives such as public cloud, data science, AI, engineering innovation, and IoT. Our customers include the world's leading public cloud and silicon providers, and industry leaders in many sectors. The company is a pioneer of global distributed collaboration, with 1200+ colleagues in 75+ countries and very few office-based roles. Teams meet two to four times yearly in person, in interesting locations around the world, to align on strategy and execution.

The company is founder-led, profitable, and growing.

Canonical is building a team dedicated to providing security coverage across a wide range of ecosystems and environments, working to make the world a better, safer place. We are hiring an Ubuntu Security Engineer to join an industry-leading security engineering team and help protect the open source community and Ubuntu users from emerging threats. We are looking for candidates across all levels of experience, from Graduate to Senior.

As part of the Ubuntu Security Team, you will work with some of the best and brightest people in technology to monitor, triage, respond to, and document new and existing vulnerabilities in open source software. You will collaborate with internal teams and external partners to identify issues, prioritize them, and coordinate remediation.

This is an engineering-focused role that may also involve activities such as producing security assessments, building features, conducting code reviews, developing internal tools, engaging with the open source community, and participating in industry initiatives and events.

This role requires international travel at least twice a year, usually for one week. It also requires the ability to be productive in a globally distributed team through self-discipline and self-motivation.

Location: Worldwide, this is a globally remote role

The role entails

• Analyzing, fixing, and testing vulnerabilities in open source packages
• Keeping track of vulnerabilities in the Ubuntu ecosystem as they are discovered, researched, and fixed, leveraging internal tools
• Collaborating with other teams in the Ubuntu community and upstream developers, as needed, to exchange or develop vulnerability patches and ensure that Ubuntu includes the most robust security features
• Auditing source code for vulnerabilities
• Building features and tools to help teams strengthen the security of their products and contribute to the overall security of Ubuntu
  
  

• You have a thorough understanding of the common categories of security vulnerabilities and techniques for fixing them
• You are familiar with coordinated disclosure practices
• You are familiar with open source development tools and methodologies
• You are skilled in one or more of C, Python, Go, Rust, Java, Ruby, PHP or JavaScript/TypeScript
• You have excellent logic, problem-solving, troubleshooting, and decision-making skills
• You can clearly and effectively communicate with the team and Ubuntu community members
• Experience with Linux (Debian or Ubuntu preferred)
• Excellent interpersonal skills, curiosity, flexibility, and accountability
• Appreciative of diversity, polite, and effective in a multi-cultural, multi-national organization
• Thoughtfulness and self-motivation
• Result-oriented, with a personal drive to meet commitments
  
  

• Distributed work environment with twice-yearly team sprints in person
• Personal learning and development budget of USD 2,000 per year
• Annual compensation review
• Recognition rewards
• Annual holiday leave
• Maternity and paternity leave
• Team Member Assistance Program & Wellness Platform
• Opportunity to travel to new locations to meet colleagues
• Priority Pass and travel upgrades for long-haul company events
  
  

• Seniority level Entry level

• Employment type Full-time

• Job function Information Technology
• Industries Software Development

Referrals increase your chances of interviewing at Canonical by 2x

We’re unlocking community knowledge in a new way. Experts add insights directly into each article, started with the help of AI.