22 Security Measures jobs in Qatar

This role is designed for a professional deeply committed to safeguarding sensitive personal data and ensuring compliance with global and regional data protection regulations (e.g., GDPR, CCPA, Qatar PDPPL). You will lead efforts to identify, classify, and protect PII across the organization while embedding privacy-by-design principles into business processes. Your responsibilities will span data lifecycle governance, third-party risk management, regulatory compliance, and incident response, ensuring that all data processing activities align with legal and ethical standards. This position requires a strategic thinker who can balance technical controls with regulatory requirements, collaborate cross-functionally to mitigate risks, and foster a culture of data privacy KEY RESPONSIBILITIES 1. Data Governance & Compliance Data Lifecycle Governance : Design and implement end-to-end data lifecycle policies to govern data from creation / collection to archival and secure deletion, ensuring compliance with legal, regulatory, and business requirements. Define retention schedules, archival protocols, and secure disposal methods for sensitive data (e.g., PII, financial records) in collaboration with legal and IT teams. Data Classification Develop / Enhance Data Classification Frameworks : Design and implement a tiered classification system (e.g., Public, Internal, Restricted, Confidential) to categorize data based on sensitivity, regulatory requirements, and business impact. Define Classification Standards : Establish clear criteria for labeling data types (e.g., PII, financial records, intellectual property) and enforce metadata tagging for traceability. Regulatory Compliance : Ensure adherence to GDPR, CCPA, Qatar PDPPL, and other applicable laws by implementing consent management frameworks, data subject rights workflows, and breach notification protocols. 2. Technical Safeguards & Risk Mitigation Data Protection Controls : Implement encryption, tokenization, and pseudonymization for PII at rest and in transit. Deploy Data Loss Prevention (DLP) tools to monitor and restrict unauthorized data transfers. 3. Third-Party & Vendor Oversight Assess third-party vendors for compliance with data protection obligations through questionnaires, audits, and contractual reviews. Data Processing Agreements (DPAs) : Draft and enforce DPAs to ensure vendors adhere to organizational privacy standards and regulatory mandates. TECHNICAL REQUIREMENTS Expertise in data protection technologies : DLP, encryption (AES-256, TLS), and anonymization tools. Proficiency with compliance platforms : OneTrust, TrustArc, or similar for PIAs and consent management. Familiarity with cloud security (AWS / Azure / GCP IAM, storage ACLs) and data residency requirements. Knowledge of privacy-enhancing technologies (PETs) such as differential privacy or homomorphic encryption. Experience with incident response tools for breach detection and analysis. Basic scripting skills (Python, SQL) for data mapping and workflow automation. CERTIFICATIONS Required : CIPP (Certified Information Privacy Professional) or CIPM (Certified Information Privacy Manager). Preferred : ISO 27001 Lead Implementer, CDPSE (Certified Data Privacy Solutions Engineer). Advantageous : Cloud-specific certifications. REQUIRED EXPERIENCE 3+ years in data protection, privacy compliance, or PII governance roles. Demonstrated experience conducting PIAs, managing DSARs, and responding to data breaches. Proven track record in implementing GDPR / CCPA / Qatar PDPPL requirements within complex organizations. Familiarity with third-party risk management frameworks and contract negotiation. IDEAL CANDIDATE PROFILE You are a detail-oriented professional with a deep understanding of global privacy regulations and the technical acumen to translate legal requirements into actionable controls. You thrive in collaborative environments, excel at simplifying complex privacy concepts for non-technical stakeholders, and are passionate about fostering a privacy-first culture. Your ability to balance proactive risk mitigation with operational efficiency will be critical in protecting the organization’s reputation and maintaining stakeholder trust. Skillset Required : Proactive, Loss Prevention, Iso 27001, Devops, Azure, Policy Development, Information Security, Compliance, Intellect, Python, Data Handling, Workflow, Iam, Excel, Triggers, Detail-oriented, Sql, Design Principles, Trends

#J-18808-Ljbffr

Security Specialist - Endpoint Security and Data Leak Protection Analyst

Join to apply for the Security Specialist - Endpoint Security and Data Leak Protection Analyst role at ECCO Gulf WLL

The Security Specialist – Endpoint Security and Data Leak Protection Analyst is responsible for ensuring the protection of the organization's information and data through the administration of security policies and practices. This role focuses on endpoint security and data leak protection, ensuring that authorized users can access data while maintaining confidentiality, integrity, and availability. The role requires proactive security monitoring, policy enforcement, incident management, and collaboration with other teams to ensure robust security practices are followed across the organization.

Key Responsibilities & Accountabilities

• Drafts, implements, and maintains security policies, standards, procedures, and documentation for endpoint security.
• Monitors and enforces the application of security operations procedures.
• Reviews systems for potential breaches and ensures all identified security breaches are thoroughly investigated.
• Implements necessary system changes to maintain and enhance endpoint security.
• Ensures that security records and logs related to endpoints and data leak protection are accurate, complete, and up-to-date.

Strategy, Architecture, and Information Strategy

• Conducts vulnerability assessments and security risk assessments on endpoint devices (desktops, laptops, mobile devices, servers) and applications.
• Provides strategic advice on security solutions and best practices for endpoint protection and data leak prevention.
• Investigates major breaches of endpoint security or data leaks and recommends improvements in security controls.
• Contributes to the development and refinement of endpoint security strategies and standards in line with industry best practices and regulatory compliance.

Planning, Prioritization, and Problem Solving

• Plans and prioritizes endpoint security and data leak protection initiatives, ensuring alignment with organizational goals.
• Assesses the impact of technological changes, regulations, and business processes on endpoint security and implements necessary security measures.
• Continuously evaluates and adjusts security strategies and goals based on organizational needs, emerging threats, and regulatory changes.

Technology

• Demonstrates strong technical knowledge of endpoint security technologies, such as antivirus, EDR (Endpoint Detection and Response), XDR (Extended Detection and Response), encryption, and DLP (Data Leak Prevention) systems.
• Utilizes tools such as SIEM, IDS/IPS, and application firewalls to monitor, analyze, and mitigate security threats targeting endpoint devices.
• Ensures compliance with information security policies, focusing on protecting endpoints and preventing data leaks.

Key Responsibilities & Security Measures

• Endpoint Security & Data Leak Prevention: Develops, implements, and manages endpoint security policies for devices including desktops, laptops, mobile devices, and servers.
• Incident Response: Acts as the first responder to security incidents related to endpoints and data leaks, conducts investigations, and recommends remediation actions.
• Security Tools & Technologies: Manages and optimizes endpoint security tools, including antivirus software, EDR/XDR solutions, encryption, and DLP systems.
• Collaboration: Works closely with IT and compliance teams to ensure endpoint security policies align with industry standards, regulatory requirements, and best practices.
• Continuous Monitoring: Stays up-to-date with the latest security trends and threats, continuously monitoring endpoint devices for vulnerabilities, threats, and potential data leaks.

Skills & Qualifications

• 5-6 years of hands-on experience in cybersecurity, with specific focus on endpoint security, data leak protection, incident response, and vulnerability management.
• Bachelor’s degree/ Engineering in Information Security, Computer Science, or a related field.
• Proven experience with Endpoint security monitoring tools (Microsoft Defender XDR, Endgame EDR, Microsoft DLP, etc.).
• In-depth knowledge of security policies and standards regarding endpoint protection, data leak prevention, and network security.
• Experience with security technologies such as SIEM, IDS/IPS, antivirus solutions, and encryption tools.
• Strong understanding of networking protocols, operating systems (Windows, Linux, macOS), and internet security.
• Experience in systems installation, configuration, and administration, including endpoint devices and security environments.
• Hands-on experience with DLP technologies and data privacy tools.
• Ability to analyze security incidents, identify root causes, and implement remediation actions.

• Certifications
• Mandatory:
• CompTIA Security+
• Certified Information Privacy Professional (CIPP)
• Microsoft Security Operations Analyst-SE 200
• Preferred (not mandatory):
• CISSP
• Certified Ethical Hacker (CEH)
• SANS GIAC Security Essentials (GSEC)
• SANS GIAC Certified Enterprise Defender (GCED)

Seniority level

• Mid-Senior level

Employment type

• Full-time

Job function

• Other, Information Technology, and Management
• Industries: Outsourcing and Offshoring Consulting

Referrals increase your chances of interviewing at ECCO Gulf WLL by 2x

Get notified about new Security Professional jobs in Qatar .

Note: This description includes only the primary role details and standard EEO information. Other job listings and unrelated content have been omitted for clarity.

#J-18808-Ljbffr

The Security Specialist – Endpoint Security and Data Leak Protection Analyst is responsible for ensuring the protection of the organization's information and data through the administration of security policies and practices. This role will focus on endpoint security and data leak protection, ensuring that authorized users can access data while maintaining confidentiality, integrity, and availability. The role requires proactive security monitoring, policy enforcement, incident management, and collaboration with other teams to ensure robust security practices are followed across the organization.

Key Responsibilities & Accountabilities: Service Management and Service Operation

• Drafts, implements, and maintains security policies, standards, procedures, and documentation for endpoint security.

• Monitors and enforces the application of security operations procedures.

• Reviews systems for potential breaches and ensures all identified security breaches are thoroughly investigated.

• Implements necessary system changes to maintain and enhance endpoint security.

• Ensures that security records and logs related to endpoints and data leak protection are accurate, complete, and up-to-date.

Strategy, Architecture, and Information Strategy

• Conducts vulnerability assessments and security risk assessments on endpoint devices (desktops, laptops, mobile devices, servers) and applications.

• Provides strategic advice on security solutions and best practices for endpoint protection and data leak prevention.

• Investigates major breaches of endpoint security or data leaks and recommends improvements in security controls.

• Contributes to the development and refinement of endpoint security strategies and standards in line with industry best practices and regulatory compliance.

Planning, Prioritization, and Problem Solving

• Plans and prioritizes endpoint security and data leak protection initiatives, ensuring alignment with organizational goals.

• Assesses the impact of technological changes, regulations, and business processes on endpoint security and implements necessary security measures.

• Continuously evaluates and adjusts security strategies and goals based on organizational needs, emerging threats, and regulatory changes.

Technology

• Demonstrates strong technical knowledge of endpoint security technologies, such as antivirus, EDR (Endpoint Detection and Response), XDR (Extended Detection and Response), encryption, and DLP (Data Leak Prevention) systems.

• Utilizes tools such as SIEM, IDS/IPS, and application firewalls to monitor, analyze, and mitigate security threats targeting endpoint devices.

• Ensures compliance with information security policies, focusing on protecting endpoints and preventing data leaks.

Key Responsibilities & Security Measures

• Endpoint Security & Data Leak Prevention : Develops, implements, and manages endpoint security policies for devices including desktops, laptops, mobile devices, and servers.

• Incident Response : Acts as the first responder to security incidents related to endpoints and data leaks, conducts investigations, and recommends remediation actions.

• Security Tools & Technologies : Manages and optimizes endpoint security tools, including antivirus software, EDR/XDR solutions, encryption, and DLP systems.

• Collaboration : Works closely with IT and compliance teams to ensure endpoint security policies align with industry standards, regulatory requirements, and best practices.

• Continuous Monitoring : Stays up-to-date with the latest security trends and threats, continuously monitoring endpoint devices for vulnerabilities, threats, and potential data leaks.

Skills & Qualifications:

• • 5-6 years of hands-on experience in cybersecurity, with specific focus on endpoint security, data leak protection, incident response, and vulnerability management.

  • Bachelor’s degree/ Engineering in Information Security, Computer Science, or a related field.

  • Proven experience with Endpoint security monitoring tools (Microsoft Defender XDR, Endgame EDR, Microsoft DLP, etc.).

  • In-depth knowledge of security policies and standards regarding endpoint protection, data leak prevention, and network security.

  • Experience with security technologies such as SIEM, IDS/IPS, antivirus solutions, and encryption tools.

  • Strong understanding of networking protocols, operating systems (Windows, Linux, macOS), and internet security.

  • Experience in systems installation, configuration, and administration, including endpoint devices and security environments.

  • Hands-on experience with DLP technologies and data privacy tools.

  • Ability to analyze security incidents, identify root causes, and implement remediation actions.

• Certifications:

  • Mandatory :

    • CompTIA Security+

    • Certified Information Privacy Professional (CIPP)

    • Microsoft Security Operations Analyst-SE 200

  • Preferred (not mandatory):

    • CISSP

    • Certified Ethical Hacker (CEH)

    • SANS GIAC Security Essentials (GSEC)

    • SANS GIAC Certified Enterprise Defender (GCED)

#J-18808-Ljbffr

Security Specialist - Endpoint Security and Data Leak Protection Analyst

Join to apply for the

Security Specialist - Endpoint Security and Data Leak Protection Analyst

role at

ECCO Gulf WLL The Security Specialist – Endpoint Security and Data Leak Protection Analyst is responsible for ensuring the protection of the organization's information and data through the administration of security policies and practices. This role focuses on endpoint security and data leak protection, ensuring that authorized users can access data while maintaining confidentiality, integrity, and availability. The role requires proactive security monitoring, policy enforcement, incident management, and collaboration with other teams to ensure robust security practices are followed across the organization. Key Responsibilities & Accountabilities Drafts, implements, and maintains security policies, standards, procedures, and documentation for endpoint security. Monitors and enforces the application of security operations procedures. Reviews systems for potential breaches and ensures all identified security breaches are thoroughly investigated. Implements necessary system changes to maintain and enhance endpoint security. Ensures that security records and logs related to endpoints and data leak protection are accurate, complete, and up-to-date. Strategy, Architecture, and Information Strategy Conducts vulnerability assessments and security risk assessments on endpoint devices (desktops, laptops, mobile devices, servers) and applications. Provides strategic advice on security solutions and best practices for endpoint protection and data leak prevention. Investigates major breaches of endpoint security or data leaks and recommends improvements in security controls. Contributes to the development and refinement of endpoint security strategies and standards in line with industry best practices and regulatory compliance. Planning, Prioritization, and Problem Solving Plans and prioritizes endpoint security and data leak protection initiatives, ensuring alignment with organizational goals. Assesses the impact of technological changes, regulations, and business processes on endpoint security and implements necessary security measures. Continuously evaluates and adjusts security strategies and goals based on organizational needs, emerging threats, and regulatory changes. Technology Demonstrates strong technical knowledge of endpoint security technologies, such as antivirus, EDR (Endpoint Detection and Response), XDR (Extended Detection and Response), encryption, and DLP (Data Leak Prevention) systems. Utilizes tools such as SIEM, IDS/IPS, and application firewalls to monitor, analyze, and mitigate security threats targeting endpoint devices. Ensures compliance with information security policies, focusing on protecting endpoints and preventing data leaks. Key Responsibilities & Security Measures Endpoint Security & Data Leak Prevention: Develops, implements, and manages endpoint security policies for devices including desktops, laptops, mobile devices, and servers. Incident Response: Acts as the first responder to security incidents related to endpoints and data leaks, conducts investigations, and recommends remediation actions. Security Tools & Technologies: Manages and optimizes endpoint security tools, including antivirus software, EDR/XDR solutions, encryption, and DLP systems. Collaboration: Works closely with IT and compliance teams to ensure endpoint security policies align with industry standards, regulatory requirements, and best practices. Continuous Monitoring: Stays up-to-date with the latest security trends and threats, continuously monitoring endpoint devices for vulnerabilities, threats, and potential data leaks. Skills & Qualifications 5-6 years of hands-on experience in cybersecurity, with specific focus on endpoint security, data leak protection, incident response, and vulnerability management. Bachelor’s degree/ Engineering in Information Security, Computer Science, or a related field. Proven experience with Endpoint security monitoring tools (Microsoft Defender XDR, Endgame EDR, Microsoft DLP, etc.). In-depth knowledge of security policies and standards regarding endpoint protection, data leak prevention, and network security. Experience with security technologies such as SIEM, IDS/IPS, antivirus solutions, and encryption tools. Strong understanding of networking protocols, operating systems (Windows, Linux, macOS), and internet security. Experience in systems installation, configuration, and administration, including endpoint devices and security environments. Hands-on experience with DLP technologies and data privacy tools. Ability to analyze security incidents, identify root causes, and implement remediation actions. Certifications Mandatory: CompTIA Security+ Certified Information Privacy Professional (CIPP) Microsoft Security Operations Analyst-SE 200 Preferred (not mandatory): CISSP Certified Ethical Hacker (CEH) SANS GIAC Security Essentials (GSEC) SANS GIAC Certified Enterprise Defender (GCED) Seniority level Mid-Senior level Employment type Full-time Job function Other, Information Technology, and Management Industries: Outsourcing and Offshoring Consulting Referrals increase your chances of interviewing at ECCO Gulf WLL by 2x Get notified about new Security Professional jobs in

Qatar . Note: This description includes only the primary role details and standard EEO information. Other job listings and unrelated content have been omitted for clarity.

#J-18808-Ljbffr

The Security Specialist – Endpoint Security and Data Leak Protection Analyst is responsible for ensuring the protection of the organization's information and data through the administration of security policies and practices. This role will focus on endpoint security and data leak protection, ensuring that authorized users can access data while maintaining confidentiality, integrity, and availability. The role requires proactive security monitoring, policy enforcement, incident management, and collaboration with other teams to ensure robust security practices are followed across the organization. Key Responsibilities & Accountabilities:

Service Management and Service Operation

Drafts, implements, and maintains security policies, standards, procedures, and documentation for endpoint security.

Monitors and enforces the application of security operations procedures.

Reviews systems for potential breaches and ensures all identified security breaches are thoroughly investigated.

Implements necessary system changes to maintain and enhance endpoint security.

Ensures that security records and logs related to endpoints and data leak protection are accurate, complete, and up-to-date.

Strategy, Architecture, and Information Strategy

Conducts vulnerability assessments and security risk assessments on endpoint devices (desktops, laptops, mobile devices, servers) and applications.

Provides strategic advice on security solutions and best practices for endpoint protection and data leak prevention.

Investigates major breaches of endpoint security or data leaks and recommends improvements in security controls.

Contributes to the development and refinement of endpoint security strategies and standards in line with industry best practices and regulatory compliance.

Planning, Prioritization, and Problem Solving

Plans and prioritizes endpoint security and data leak protection initiatives, ensuring alignment with organizational goals.

Assesses the impact of technological changes, regulations, and business processes on endpoint security and implements necessary security measures.

Continuously evaluates and adjusts security strategies and goals based on organizational needs, emerging threats, and regulatory changes.

Technology

Demonstrates strong technical knowledge of endpoint security technologies, such as antivirus, EDR (Endpoint Detection and Response), XDR (Extended Detection and Response), encryption, and DLP (Data Leak Prevention) systems.

Utilizes tools such as SIEM, IDS/IPS, and application firewalls to monitor, analyze, and mitigate security threats targeting endpoint devices.

Ensures compliance with information security policies, focusing on protecting endpoints and preventing data leaks.

Key Responsibilities & Security Measures

Endpoint Security & Data Leak Prevention : Develops, implements, and manages endpoint security policies for devices including desktops, laptops, mobile devices, and servers.

Incident Response : Acts as the first responder to security incidents related to endpoints and data leaks, conducts investigations, and recommends remediation actions.

Security Tools & Technologies : Manages and optimizes endpoint security tools, including antivirus software, EDR/XDR solutions, encryption, and DLP systems.

Collaboration : Works closely with IT and compliance teams to ensure endpoint security policies align with industry standards, regulatory requirements, and best practices.

Continuous Monitoring : Stays up-to-date with the latest security trends and threats, continuously monitoring endpoint devices for vulnerabilities, threats, and potential data leaks.

Skills & Qualifications:

5-6 years of hands-on experience in cybersecurity, with specific focus on endpoint security, data leak protection, incident response, and vulnerability management.

Bachelor’s degree/ Engineering in Information Security, Computer Science, or a related field. Proven experience with Endpoint security monitoring tools (Microsoft Defender XDR, Endgame EDR, Microsoft DLP, etc.).

In-depth knowledge of security policies and standards regarding endpoint protection, data leak prevention, and network security.

Experience with security technologies such as SIEM, IDS/IPS, antivirus solutions, and encryption tools.

Strong understanding of networking protocols, operating systems (Windows, Linux, macOS), and internet security.

Experience in systems installation, configuration, and administration, including endpoint devices and security environments.

Hands-on experience with DLP technologies and data privacy tools.

Ability to analyze security incidents, identify root causes, and implement remediation actions.

Certifications: Mandatory : CompTIA Security+

Certified Information Privacy Professional (CIPP)

Microsoft Security Operations Analyst-SE 200

Preferred

(not mandatory): CISSP

Certified Ethical Hacker (CEH)

SANS GIAC Security Essentials (GSEC)

SANS GIAC Certified Enterprise Defender (GCED)

#J-18808-Ljbffr

Purpose : The Risk Management Specialist is responsible for implementing the organization’s risk management framework, ensuring the identification, assessment, and mitigation of risks that may impact strategic and operational objectives. The role ensures compliance with regulatory requirements and industry best practices while embedding risk awareness within the organization.

Job Summary : The Risk Management Specialist is responsible for conducting risk assessments, implementing mitigation strategies, developing risk reports, and ensuring compliance with ISO 31000. This role plays a key part in embedding a proactive risk management culture and enhancing resilience by integrating risk frameworks into business operations.

Main Responsibilities & Tasks

• Conduct comprehensive risk assessments for enterprise, operational, and project-based risks, ensuring proactive identification and mitigation.
• Obtain, assess, and continuously monitor risk treatment plans, ensuring effectiveness and timely execution.
• Assist the Executive Director (ED) in engaging with senior leadership to align risk management strategies with organizational objectives.
• Ensure full alignment with ISO 31000, corporate governance frameworks, and regulatory standards.
• Develop and maintain the risk management framework in accordance with organizational governance policies and external regulatory bodies.
• Develop risk management training materials and conduct workshops to enhance awareness across the organization.
• Foster a risk-aware culture by embedding risk considerations into daily operations and decision-making.
• Analyze past incidents, near misses, and emerging risks to enhance the organization’s risk management framework.
• Implement lessons learned and update risk controls to improve resilience and prevent recurrence.
• Assess fraud risks, financial exposures, and oversee the implementation of internal controls to mitigate financial and reputational losses.
• Support in assessing fraud prevention frameworks, including detection and reporting mechanisms.
• Utilize risk analytics tools to enhance predictive capabilities and support data-driven decision-making.
• Develop risk indicators (KRIs) and risk dashboards for real-time monitoring and reporting.
• Support the ED in Board, BAC, and BEC risk reporting, ensuring visibility on strategic risks impacting governance.
• Assist in defining, maintaining, and periodically reviewing risk appetite statements.
• Develop and maintain risk dashboards, reports, and key insights for senior leadership and governance committees.
• Ensure seamless integration of risk management with Operational Management, Internal Audit, and Board Committees for effective oversight.
• Note that job descriptions are written to reflect major responsibilities and may not include all tasks performed by an individual.
• The incumbent shall perform any additional related duties assigned by the respective line manager to meet operational requirements.
• The incumbent shall ensure the highest standards are followed to safeguard the sensitive and confidential data of the organization.

Minimum Required Qualifications, Certificates & Skills

• Bachelor's degree in Accounting, Finance, Risk Management, IT, or a related field.
• Minimum 4-5 years of experience in risk management or internal audit, either with Big 4 consulting firms or equivalent experience of 7-8 years in a similar role.

Any relevant certification or training such as :

• Certified Internal Auditor (CIA)

#J-18808-Ljbffr

Purpose :

The Risk Management Specialist is responsible for implementing the organization’s risk management framework, ensuring the identification, assessment, and mitigation of risks that may impact strategic and operational objectives. The role ensures compliance with regulatory requirements and industry best practices while embedding risk awareness within the organization. Job Summary :

The Risk Management Specialist is responsible for conducting risk assessments, implementing mitigation strategies, developing risk reports, and ensuring compliance with ISO 31000. This role plays a key part in embedding a proactive risk management culture and enhancing resilience by integrating risk frameworks into business operations. Main Responsibilities & Tasks Conduct comprehensive risk assessments for enterprise, operational, and project-based risks, ensuring proactive identification and mitigation. Obtain, assess, and continuously monitor risk treatment plans, ensuring effectiveness and timely execution. Assist the Executive Director (ED) in engaging with senior leadership to align risk management strategies with organizational objectives. Ensure full alignment with ISO 31000, corporate governance frameworks, and regulatory standards. Develop and maintain the risk management framework in accordance with organizational governance policies and external regulatory bodies. Develop risk management training materials and conduct workshops to enhance awareness across the organization. Foster a risk-aware culture by embedding risk considerations into daily operations and decision-making. Analyze past incidents, near misses, and emerging risks to enhance the organization’s risk management framework. Implement lessons learned and update risk controls to improve resilience and prevent recurrence. Assess fraud risks, financial exposures, and oversee the implementation of internal controls to mitigate financial and reputational losses. Support in assessing fraud prevention frameworks, including detection and reporting mechanisms. Utilize risk analytics tools to enhance predictive capabilities and support data-driven decision-making. Develop risk indicators (KRIs) and risk dashboards for real-time monitoring and reporting. Support the ED in Board, BAC, and BEC risk reporting, ensuring visibility on strategic risks impacting governance. Assist in defining, maintaining, and periodically reviewing risk appetite statements. Develop and maintain risk dashboards, reports, and key insights for senior leadership and governance committees. Ensure seamless integration of risk management with Operational Management, Internal Audit, and Board Committees for effective oversight. Note that job descriptions are written to reflect major responsibilities and may not include all tasks performed by an individual. The incumbent shall perform any additional related duties assigned by the respective line manager to meet operational requirements. The incumbent shall ensure the highest standards are followed to safeguard the sensitive and confidential data of the organization. Minimum Required Qualifications, Certificates & Skills Bachelor's degree in Accounting, Finance, Risk Management, IT, or a related field. Minimum 4-5 years of experience in risk management or internal audit, either with Big 4 consulting firms or equivalent experience of 7-8 years in a similar role. Any relevant certification or training such as : Certified Internal Auditor (CIA)

#J-18808-Ljbffr

We are looking for:
**Risk Management Engineering**

Qualifications:

- 20 Years of experience in infrastructure projects.
- Bachelor’s degree from a recognised university in Engineering or equivalent
- Evidence of suitable professional qualification, PMI-RMP or equivalent
- Excellent communication skills in English, written and spoken
- Driver's License
- Master’s degree in a relevant field is preferred
- Certificate in Primavera or equivalent software
- **Arabic language skills**:

- Experience of working in Qatar or the Gulf region
- MMUP certified

**Job Types**: Full-time, Permanent

**Education**:

- Bachelor's (preferred)

**Experience**:

- Evidence of suitable professional qualification, PMI-RMP: 10 years (preferred)
- Risk Management Engineering: 10 years (preferred)
- infrastructure projects.: 10 years (preferred)
- working in Qatar or the Gulf region: 10 years (preferred)

**Language**:

- Excellent skills in English, written and spoken (preferred)
- Arabic language skills (preferred)

License/Certification:

- Driver's License (preferred)
- Master’s degree in a relevant field is preferred (preferred)
- MMUP CERTIFIED (preferred)
- Certificate in Primavera or equivalent software (preferred)

Overview

Canonical is seeking a Security Risk Management Specialist to lead security risk assessments, modelling, and risk management practices. In security risk management we aim to combine industry best practice with innovation in how we perform security risk assessments and modelling. The security risk management team is the primary owner of the strategy and practices for identifying, tracking, and reducing security risk across Canonical's products, services, and operations.

To support this, we apply industry best practices with threat information to promote risk identification, quantification, impact analysis, and modelling to drive decision making. In this role you will help establish and execute a broad strategic vision for the security risk program at Canonical. You will work within the team and cross-functionally with other teams across the organisation. The team contributes requirements for Canonical product security, improving the resilience of Ubuntu customers and users against cyber threats. The team also collaborates with Organisational Learning and Development to develop playbooks and facilitate security training across Canonical.

The security risk management team's mission is not only to secure Canonical, but also to contribute to the security of the wider open source ecosystem. They might share knowledge through public presentations and industry events, and share threat intelligence with the wider community or represent Canonical in sector-specific governance bodies.

Responsibilities

• Define Canonical's security risk management standards and playbooks
• Analyse and improve Canonical's security risk practices
• Evaluate, select and implement new security requirements, tools and practices
• Grow the presence and thought leadership of Canonical security risk management practice
• Develop Canonical security risk learning and development materials
• Work with Security leadership to present information and influence change
• Participate in developing key risk indicators, provide inputs to the development of key control indicators, and key performance indicators for various programs
• Apply statistical models to risk frameworks (such as FAIR, sensitivity analysis, and others)
• Participate in risk management, decision-making, and collaborative discussions
• Lead quantified risk assessments and understand the value of qualitative data for improvements to quality and engineering processes
• Interpret internal or external cyber security risk analyses in business terms and recommend a responsible course of action
• Develop templates and materials to help with self-service risk management actions
• Monitor and identify opportunities to improve the effectiveness of risk management processes
• Launch campaigns to perform security assessments and help mitigate security risks across the company
• Build evaluation methods and performance indicators to measure efficiency of security functions and capabilities

Qualifications

• An exceptional academic track record
• Undergraduate degree in Computer Science or STEM, or a compelling narrative about your alternative path
• Drive and a track record of going above-and-beyond expectations
• Deep personal motivation to be at the forefront of technology security
• Leadership and management ability
• Excellent business English writing and presentation skills
• Problem-solver with excellent communication skills, a deep technical understanding of security assessments and risk management
• Expertise in threat modelling and risk management frameworks
• Broad knowledge of how to operationalize the management of security risk
• Experience in Secure Development Lifecycle and Security by Design methodology

What we offer you

We consider geographical location, experience, and performance in shaping compensation worldwide. We revisit compensation annually (and more often for graduates and associates) to ensure we recognise outstanding performance. In addition to base pay, we offer a performance-driven annual bonus. We provide all team members with additional benefits, which reflect our values and ideals. We balance our programs to meet local needs and ensure fairness globally.

• Distributed work environment with twice-yearly team sprints in person
• Personal learning and development budget of USD 2,000 per year
• Annual compensation review
• Recognition rewards
• Annual holiday leave
• Maternity and paternity leave
• Employee Assistance Programme
• Opportunity to travel to new locations to meet colleagues
• Priority Pass, and travel upgrades for long haul company events

About Canonical

Canonical is a pioneering tech firm at the forefront of the global move to open source. As the company that publishes Ubuntu, one of the most important open source projects and the platform for AI, IoT and the cloud, we are changing the world on a daily basis. We recruit on a global basis and set a very high standard for people joining the company. We expect excellence - in order to succeed, we need to be the best at what we do. Canonical has been a remote-first company since its inception in 2004. Working here is a step into the future, and will challenge you to think differently, work smarter, learn new skills, and raise your game.

Canonical is an equal opportunity employer

We are proud to foster a workplace free from discrimination. Diversity of experience, perspectives, and background create a better work environment and better products. Whatever your identity, we will give your application fair consideration.

Seniority level

• Entry level

Employment type

• Full-time

Job function

• Finance and Sales

Industries

• Software Development

Referrals increase your chances of interviewing at Canonical by 2x

Location: Doha, Doha, Qatar

#J-18808-Ljbffr