77 Security Policy Development jobs in Qatar

Job Purpose

Responsible for the development and administration of Cyber Security Governance, Risk, and Compliance (GRC). Develops reporting metrics, dashboards, and evidence artifacts. Primary responsibility for defining, creating, and monitoring of QAFCO Cyber security policies and procedures in support of regulatory, strategy and policy compliance as well as establishing and managing IT and OT cyber security risk frameworks and Management Systems.

• Monitor and review IT and OT security practices and processes, including changes to systems, methods, procedures, and processes with a focus on improving current business practices and processes to minimize cyber security risk.
• Coordinate the design, implementation, operations, and maintenance of the information/cyber security management systems in coordination with the IT department and relevant business units based on the ISO/IEC 27000 family of standards including obtaining ISO 27001 certification where applicable.
• Design and operate monitoring and improvement activities to ensure compliance both with internal security policies and procedures and applicable laws and regulations.
• Coordinate the establishment of a cyber security management system, based on standards such as IEC/62443 for QAFCO's Operational Technology (OT)/Industrial Control Systems (ICS) in coordination with the Maintenance department.
• Maintain a list of incompatible duties (segregation of duties or SOD) related to IT and OT systems and applications and manage the risk associated with SOD. Draft reports to the IT Steering Committee on the Cyber Security risks and the status of the Information Security Management System (ISMS).
• Implement and continuously improve the information classification process.
• Deliver the projects delegated from the Head of Cyber Security Plan, prepare and execute GRC projects.
• Oversee the implementation and execution of IT and OT cyber security strategical initiatives, provide executive reports to the Head of Cyber Security on demand.
• Support the development and implementation of IT and OT cyber security risk management frameworks.
• Validate the identified IT and OT cyber security risks and risk registers in a timely manner.
• Support the continuous improvement of IT and OT cyber security risk management programs, processes, and practices.
• Monitor and report the progress of risk management practices identified during security and vulnerability assessments, penetration testing to the Head of Cyber security.
• Assure that cyber security processes and practices are in line with internal and external requirements. Responsible for internal and external audit compliance, and remediation of possible findings in a timely manner.
• Participate in the compliance management framework liaising with internal relevant functions and external regulatory authorities.
• Research and create a proposal on how to utilize the latest cyber security standards.
• Develop, implement, and operate a comprehensive cyber security awareness program to meet maturity level objectives aligned with cyber security strategy.
• Design awareness metrics and KPIs and report against them on a regular basis.

• Bachelor’s Degree in relevant discipline
• Minimum of 10 years direct and relevant experience
• In depth knowledge of risk and security frameworks, standards and best practices (e.g. ITIL, COBIT, ISO2700x, IEC/62443)
• Credentials: Certified Information Systems Auditor (CISA), CISSP, Certified Information Security Manager (CISM), Certified in Risk and Information Systems Control (CRISC).

Job Summary:

Responsible for the development and administration of Cyber Security Governance, Risk, and Compliance (GRC). Develops reporting metrics, dashboards, and evidence artifacts. Primary responsibility for defining, creating, and monitoring of QAFCO Cyber security policies and procedures in support of regulatory, strategy and policy compliance as well as establishing and managing IT and OT cyber security risk frameworks and Management Systems.

Key Accountabilities:

• Monitor and review IT and OT security practices and processes, including changes to systems, methods, procedures, and processes with a focus on improving current business practices and processes to minimize cyber security risk
• Coordinate the design, implementation, operations, and maintenance of the information/cyber security management systems in coordination with the IT department and relevant business units based on the ISO/IEC 27000 family of standards including obtaining ISO 27001 certification where applicable
• Design and operate monitoring and improvement activities to ensure compliance both with internal security policies and procedures and applicable laws and regulations
• Coordinate the establishment of a cyber security management system, based on standards such as IEC/62443 for QAFCO's Operational Technology (OT)/Industrial Control Systems (ICS) in coordination with the Maintenance department
• Maintain a list of incompatible duties (segregation of duties or SOD) related to IT and OT systems and applications and manage the risk associated with SOD
• Draft reports to the IT Steering Committee on the Cyber Security risks and the status of the Information Security Management System (ISMS)
• Implement and continuously improve the information classification process
• Plan, prepare and execute GRC projects
• Oversee the implementation and execution of IT and OT cyber security strategical initiatives, provide executive reports to the Head of Cyber Security on demand
• Support the development and implementation of IT and OT cyber security risk management frameworks
• Validate the identified IT and OT cyber security risks and risk registers in a timely manner
• Support the continuous improvement of IT and OT cyber security risk management programs, processes, and practices
• Monitor and report the progress of risk management practices identified during security and vulnerability assessments, penetration testing to the Head of Cyber security
• Assure that cyber security processes and practices are in line with internal and external requirements. Responsible for internal and external audit compliance, and remediation of possible findings in a timely manner
• Participate in the compliance management framework liaising with internal relevant functions and external regulatory authorities
• Research and create a proposal on how to utilize the latest cyber security standards
• Develop, implement, and operate a comprehensive Cyber security awareness program to meet maturity level objectives aligned with Cyber security strategy
• Design awareness metrics and KPIs and report against them on regular basis

Desired Candidate Profile:

• Bachelor's Degree in relevant discipline
• Minimum of 10 years direct and relevant experience
• In depth knowledge of risk and security frameworks, standards and best practices (e.g. ITIL, COBIT, ISO2700x, IEC/62443)
• Credentials: Certified Information Systems Auditor (CISA), CISSP, Certified Information Security Manager (CISM), Certified in Risk and Information Systems Control (CRISC).

Job Purpose:
Responsible for the development and administration of Cyber Security Governance, Risk, and Compliance (GRC). Develops reporting metrics, dashboards, and evidence artifacts. Primary responsibility for defining, creating, and monitoring of QAFCO Cyber security policies and procedures in support of regulatory, strategy and policy compliance as well as establishing and managing IT and OT cyber security risk frameworks and Management Systems.

*Job Purpose: *
Responsible for the development and administration of Cyber Security Governance, Risk, and Compliance (GRC). Develops reporting metrics, dashboards, and evidence artifacts. Primary responsibility for defining, creating, and monitoring of QAFCO Cyber security policies and procedures in support of regulatory, strategy and policy compliance as well as establishing and managing IT and OT cyber security risk frameworks and Management Systems.

*Key Accountabilities: *

• Monitor and review IT and OT security practices and processes, including changes to systems, methods, procedures, and processes with a focus on improving current business practices and processes to minimize cyber security risk.
• Coordinate the design, implementation, operations, and maintenance of the information/cyber security management systems in coordination with the IT department and relevant business units based on the ISO/IEC 27000 family of standards including obtaining ISO 27001 certification where applicable.
• Design and operate monitoring and improvement activities to ensure compliance both with internal security policies and procedures and applicable laws and regulations.
• Coordinate the establishment of a cyber security management system, based on standards such as IEC/62443 for QAFCO's Operational Technology (OT)/Industrial Control Systems (ICS) in coordination with the Maintenance department.
• Maintain a list of incompatible duties (segregation of duties or SOD) related to IT and OT systems and applications and manage the risk associated with SOD. Draft reports to the IT Steering Committee on the Cyber Security risks and the status of the Information Security Management System (ISMS).
• Implement and continuously improve the information classification process.
• Deliver the projects delegated from the Head of Cyber Security Plan, prepare and execute GRC projects.
• Oversee the implementation and execution of IT and OT cyber security strategical initiatives, provide executive reports to the Head of Cyber Security on demand.
• Support the development and implementation of IT and OT cyber security risk management frameworks.
• Validate the identified IT and OT cyber security risks and risk registers in a timely manner.
• Support the continuous improvement of IT and OT cyber security risk management programs, processes, and practices.
• Monitor and report the progress of risk management practices identified during security and vulnerability assessments, penetration testing to the Head of Cyber security.
• Assure that cyber security processes and practices are in line with internal and external requirements. Responsible for internal and external audit compliance, and remediation of possible findings in a timely manner.
• Participate in the compliance management framework liaising with internal relevant functions and external regulatory authorities
• Research and create a proposal on how to utilize the latest cyber security standards.
• Develop, implement, and operate a comprehensive Cyber security awareness program to meet maturity level objectives aligned with Cyber security strategy
• Design awareness metrics and KPIs and report against them on regular basis.

*Desired Candidate Profile: *

• Bachelor's Degree in relevant discipline
• Minimum of 10 years direct and relevant experience.
• In depth knowledge of risk and security frameworks, standards and best practices (e.g. ITIL, COBIT, ISO2700x, IEC/62443)
• Credentials: Certified Information Systems Auditor (CISA), CISSP, Certified Information Security Manager (CISM), Certified in Risk and Information Systems Control (CRISC).
• Key Accountabilities: Monitor and review IT and OT security practices and processes, including changes to systems, methods, procedures, and processes with a focus on improving current business practices and processes to minimize cyber security risk.
• Coordinate the design, implementation, operations, and maintenance of the information/cyber security management systems in coordination with the IT department and relevant business units based on the ISO/IEC 27000 family of standards including obtaining ISO 27001 certification where applicable.
• Design and operate monitoring and improvement activities to ensure compliance both with internal security policies and procedures and applicable laws and regulations.
• Coordinate the establishment of a cyber security management system, based on standards such as IEC/62443 for QAFCO's Operational Technology (OT)/Industrial Control Systems (ICS) in coordination with the Maintenance department.
• Maintain a list of incompatible duties (segregation of duties or SOD) related to IT and OT systems and applications and manage the risk associated with SOD. Draft reports to the IT Steering Committee on the Cyber Security risks and the status of the Information Security Management System (ISMS).
• Implement and continuously improve the information classification process.
• Deliver the projects delegated from the Head of Cyber Security Plan, prepare and execute GRC projects.
• Oversee the implementation and execution of IT and OT cyber security strategical initiatives, provide executive reports to the Head of Cyber Security on demand.
• Support the development and implementation of IT and OT cyber security risk management frameworks.
• Validate the identified IT and OT cyber security risks and risk registers in a timely manner.
• Support the continuous improvement of IT and OT cyber security risk management programs, processes, and practices.
• Monitor and report the progress of risk management practices identified during security and vulnerability assessments, penetration testing to the Head of Cyber security.
• Assure that cyber security processes and practices are in line with internal and external requirements. Responsible for internal and external audit compliance, and remediation of possible findings in a timely manner.
• Participate in the compliance management framework liaising with internal relevant functions and external regulatory authorities
• Research and create a proposal on how to utilize the latest cyber security standards.
• Develop, implement, and operate a comprehensive Cyber security awareness program to meet maturity level objectives aligned with Cyber security strategy
• Design awareness metrics and KPIs and report against them on regular basis.

Desired Candidate Profile:

• Bachelor's Degree in relevant discipline
• Minimum of 10 years direct and relevant experience.
• In depth knowledge of risk and security frameworks, standards and best practices (e.g. ITIL, COBIT, ISO2700x, IEC/62443)
• Credentials: Certified Information Systems Auditor (CISA), CISSP, Certified Information Security Manager (CISM), Certified in Risk and Information Systems Control (CRISC).

Information Security Analyst

We are hiring an Information Security Analyst to join our growing team in Umm-Salal. The ideal candidate will have a strong background in information security and a passion for protecting sensitive data. As an Information Security Analyst, you will be responsible for ensuring the confidentiality, integrity, and availability of our company's information systems. This includes conducting risk assessments, implementing security measures, and monitoring for potential threats.

Responsibilities:

• Conduct regular risk assessments to identify vulnerabilities and potential threats
• Develop and implement security policies and procedures to protect company data
• Monitor network activity and investigate any suspicious behavior or incidents
• Collaborate with IT teams to ensure proper security measures are in place for new systems or upgrades
• Stay informed about the latest trends and developments in information security
• Perform regular audits to ensure compliance with industry standards and regulations
• Train employees on best practices for information security awareness
• Respond promptly to any security breaches or incidents

Requirements:

• Bachelor's degree in Computer Science, Information Technology, or a related field
• Proven experience as an Information Security Analyst or similar role
• In-depth knowledge of network security protocols, firewalls, and intrusion detection systems
• Familiarity with risk assessment tools and techniques
• Strong understanding of industry standards such as ISO 27001/27002, NIST, or COBIT
• Excellent communication skills and ability to collaborate with cross-functional teams
• Relevant certifications such as CISSP, CISM, or GIAC are preferred but not required

Salary: 1200 USD per month

Employment Type: Full-time

Location: Umm-Salal

Preference: Indian candidates preferred

Language Requirement: Fluent in English

Note: This position does not include accommodation.

We are an equal opportunities employer and welcome applications from all qualified candidates.

Information Security Analyst vacancy in Umm-Salal, Qatar.

We are currently hiring for the position of Information Security Analyst in Umm-Salal. As an Information Security Analyst, you will be responsible for protecting our company's sensitive information and ensuring the security of our systems and networks. Your main duties will include conducting security audits, identifying vulnerabilities and risks, implementing security measures, and responding to security incidents. You will also be responsible for educating employees on security best practices and keeping up-to-date with the latest security trends and technologies.

• Conduct security audits; identify vulnerabilities and risks; implement security measures; respond to security incidents.
• Educate employees on security best practices.
• Keep up-to-date with the latest security trends and technologies.
• Work with IT teams to protect information systems and networks.

• Strong understanding of information security principles.
• Experience with network and system security tools.
• A degree in computer science or a related field is preferred.
• Excellent communication skills to convey complex technical concepts to non-technical stakeholders.
• Detail-oriented with the ability to work independently and manage multiple tasks.

Salary: 1200$ per month. Opportunities for career growth.

If you are passionate about protecting sensitive information and have the necessary skills and qualifications, we would love to hear from you. Apply now to join our dynamic team.

Job Title: Information Security Analyst

We are seeking a highly skilled and experienced Information Security Analyst to join our team in Umm-Salal, Qatar. As an Indian national, you will have the opportunity to work in a diverse and dynamic environment while utilizing your expertise in information security.

In this role, you will be responsible for protecting our organization's information systems and data from potential cyber threats. You will work closely with the IT department to identify vulnerabilities, implement security measures, and conduct regular security audits.

• Conduct risk assessments and develop plans to mitigate any potential threats
• Monitor network activity for any suspicious behavior or unauthorized access
• Implement and maintain security protocols and procedures
• Perform regular vulnerability testing and analysis
• Investigate any security breaches or incidents and provide recommendations for improvement
• Provide training to employees on security best practices
• Stay updated on the latest industry trends and technologies related to information security

• Bachelor's degree in Computer Science, Information Technology or a related field
• At least 3 years of experience as an Information Security Analyst or similar role
• Strong knowledge of cybersecurity principles and best practices
• Experience with vulnerability assessment tools and techniques
• Familiarity with network architecture, protocols, and standards
• Excellent problem-solving skills with attention to detail
• Ability to work independently as well as in a team environment
• Certification such as CISSP or CISM is preferred

As an Indian national working in Qatar, you will have the opportunity to grow your career while experiencing a new culture. Our company values diversity and promotes a collaborative work environment where everyone's ideas are valued.

If you are passionate about information security and have the necessary skills and experience, we would love to hear from you! Apply now to join our team as an Information Security Analyst.

We are an equal opportunities employer and welcome applications from all qualified candidates.

Information Security Analyst
Location: Umm-Salal, Qatar
Nationality: Indian (preferred)

As an Information Security Analyst, you will be responsible for protecting the organization's data and information systems from potential cyber threats. Your main role will be to identify vulnerabilities and risks in the system, develop and implement security measures, and monitor for any suspicious activity.

• Conduct regular security audits and risk assessments to identify potential vulnerabilities in the system
• Develop, implement, and maintain security policies and procedures to protect the organization's data
• Monitor network traffic and systems for any signs of unauthorized access or malicious activity
• Collaborate with other IT teams to ensure proper security protocols are in place
• Keep up-to-date with emerging cyber threats and provide recommendations on how to mitigate them
• Investigate security incidents and provide timely resolution
• Train employees on best practices for information security

• Bachelor's degree in Computer Science or a related field
• Minimum of 2 years of experience in information security analysis
• Strong knowledge of network protocols, firewalls, intrusion detection systems, and other security tools
• Familiarity with industry standards such as ISO 27001/2, NIST, or CIS Controls
• Excellent communication skills in English
• Ability to work full time with a flexible schedule

BAE Systems Strategic Aerospace Services WLL Full time

The Information Security Engineer willfocus on ensuring the organization's applications and data is secure and builtaccording to best security standards. This role will be the subject matterexpert on building secure code, application security, vulnerability testing,and providing security validation to the organization's environments.

• Performscheduled penetration testing of the company's applications
  
• Performwhite, gray and black box security assessments.
  
• Supportthe organization, JVs and Subsidiaries in implementing Secure Softwaredevelopment lifecycle.
  
• PerformMobile Services security Assessments.
  
• Supportthe organizations' environment monitoring by using available tools or helpbuild internal tools to enable advanced threat detection and response.
  
• ConductSecurity Vulnerability Assessments and impact assessment on company's electronicassets.
  
• PerformSecurity Assessments on ERP and other on-premise solutions.
  
  

Skills,Knowledge and Behaviors:

• Ability to lead directand indirect resources
  
• Ability to communicatetechnical challenges to non-technical audiences
  
• Ability to quantify riskand impact vectors
  
• Certified Ethical Hacker
  
• OCSP level of technicalexpertise
  
• Strong Scriptingcapability
  
• Strong Applicationsecurity background
  
• Strong Infrastructuresecurity Background
  
• Strong experience in open source security tools
  

• SecurityCertification focusing on offensive or defensive practices
  
• Bachelor's degreein Information Security or Computer Engineering
  
• 10 + years incybersecurity field
  
• System, networkand/or application background