21 Security Roles jobs in Doha

**About Role**

**Role & Responsibilities**
- Participating in event planning stages to develop cyber assessment plans and conducting no-notice penetration tests
- Creating Red Team support materials (e.g. Probabilistic Attack Graphs, Cyber Exercise Playbooks etc.)
- Assisting with the on-boarding of new members of the Red Team through work shadowing and knowledge transfer sessions
- Ensuring that testing is conducted in accordance with regulatory frameworks and compliance requirements

**Be part of an extraordinary story**

Your skills. Your imagination. Your ambition. Here, there are no boundaries to your potential and the impact you can make. You’ll find infinite opportunities to grow and work on the biggest, most rewarding challenges that will build your skills and experience. You have the chance to be a part of our future, and build the life you want while being part of an international community.

Our best is here and still to come. To us, impossible is only a challenge. Join us as we dare to achieve what’s never been done before. Together, everything is possible.

**Qualifications**:
**Experience and Skills required for this role**
- Bachelor Degree with minimum 5 years of job related experience
- Professional hands-on experience in Red Team activities specially Network Exploitation, Cloud Exploitation, Active Directory, Red Team Operator and/or Exploit Development, (Incl., tools such as Cobalt Strike, Mythic, Covenant, other penetration testing frameworks, etc.)
- Experience in evading/ bypassing security controls such as AV, EDR, Application whitelisting, DLP etc.
- Experience in prepare detailed reports and brief to various stake holders
- Experience with MITRE ATT&CK framework
- Strong experience with scripting and customized compiling in at least one language, (e.g., Python Ruby, Go, C/C++/C#, JavaScript)
- Experience in scripting and developing tools in Python, PowerShell, bash etc.
- Experience in buildingautomating RedBlue Team Infrastructure.
- Understanding of national and international laws, regulations, policies, and ethics related to penetration testing and Red Teaming

**Certifications (preferred)**

CRTP, CRTE, CRTO, CARTP, RTO, OSCP, OSCE3 (OSED/OSEP/OSWE), GPEN, GXPN and GCPN

**About Qatar Airways Group**

Our story started with four aircraft. Today, we deliver excellence across 12 different businesses coming together as one. We’ve grown fast, broken records and set trends that others follow. We don’t slow down by the fear of failure. Instead, we dare to achieve what’s never been done before.

So whether you’re creating a unique experience for our customers or innovating behind the scenes, every person contributes to our proud story. A story of spectacular growth and determination. Now is the time to bring your best ideas and passion to a place where your ambition will know no boundaries, and be part of a truly global community.

**How to apply

Role Description:

The Cyber Security Analyst will monitor cybersecurity solutions to detect and analyze potential system compromises, perform root cause analysis, and support remediation efforts.

This role requires a strong technical understanding of cybersecurity concepts and a passion to develop as an expert in the field.

The candidate must have hands-on experience with SIEM solutions , threat hunting, and incident response. They will work closely with operational staff at customer sites and be responsible for researching emerging threats and communicating associated risks.

Roles & Responsibilities:

• Act as escalation point and Subject Matter Expert (SME) on security issues
• Analyze and validate security alerts and incidents
• Create/update incidents in the case management system
• Notify customers and support throughout the incident management lifecycle
• Track case progress and provide analysis updates
• Collaborate with stakeholders to maintain strong working relationships
• Provide on-call support for incident investigations
• Conduct post-incident reviews and develop operational metrics
• Mentor junior colleagues and develop training materials
• Analyze threat intelligence and share insights with relevant teams
• Develop use cases for security monitoring and model threats
• Hunt for IoCs, IoAs, APTs , and related TTPs
• Develop repeatable threat hunting tactics
• Integrate standard/non-standard logs into SIEM systems
• Enhance SOC procedures and contribute to continuous improvement
• Identify process improvement opportunities for better service delivery

Skills

Required Skills:

• Troubleshooting of network and Windows/*nix connectivity issues
• Understanding of TCP/IP , network traffic, and log analysis
• Strong knowledge of OS, network architecture, and system design principles
• Experience with cybersecurity tools like SIEM, EDR, SOAR
• Knowledge of cyber threats , vulnerabilities, and mitigation strategies
• Familiarity with key SOC technologies: ArcSight, Splunk, IBM QRadar , etc.
• Ability to collaborate with both technical and non-technical stakeholders
• Strong problem-solving skills and ability to remain calm under pressure
• Excellent written and verbal communication skills

Educational Qualifications:

• Relevant degree in IT, cybersecurity, or related field
• One or more relevant industry certifications

Desirable Qualifications:

• Experience in the Middle East region
• Prior work in MSSP or MDR environments
• Familiarity with 24/7 security operations
• Exposure to multiple SIEM and EDR solutions
• Industry certifications such as GSOC, BTL1, MBT , etc.

#J-18808-Ljbffr

Role Description: The Cyber Security Analyst will monitor cybersecurity solutions to detect and analyze potential system compromises, perform root cause analysis, and support remediation efforts. This role requires a strong technical understanding of cybersecurity concepts and a passion to develop as an expert in the field. The candidate must have hands-on experience with

SIEM solutions , threat hunting, and incident response. They will work closely with operational staff at customer sites and be responsible for researching emerging threats and communicating associated risks. Roles & Responsibilities: Act as escalation point and

Subject Matter Expert (SME)

on security issues Analyze and validate security alerts and incidents Create/update incidents in the case management system Notify customers and support throughout the incident management lifecycle Track case progress and provide analysis updates Collaborate with stakeholders to maintain strong working relationships Provide

on-call support

for incident investigations Conduct post-incident reviews and develop operational metrics Mentor junior colleagues and develop training materials Analyze threat intelligence and share insights with relevant teams Develop use cases for security monitoring and model threats Hunt for

IoCs, IoAs, APTs , and related TTPs Develop repeatable

threat hunting tactics Integrate standard/non-standard logs into SIEM systems Enhance SOC procedures and contribute to continuous improvement Identify process improvement opportunities for better service delivery Skills Required Skills: Troubleshooting of network and Windows/*nix connectivity issues Understanding of

TCP/IP , network traffic, and log analysis Strong knowledge of OS, network architecture, and system design principles Experience with

cybersecurity tools

like SIEM, EDR, SOAR Knowledge of

cyber threats , vulnerabilities, and mitigation strategies Familiarity with key SOC technologies:

ArcSight, Splunk, IBM QRadar , etc. Ability to collaborate with both technical and non-technical stakeholders Strong problem-solving skills and ability to remain calm under pressure Excellent written and verbal communication skills Educational Qualifications: Relevant degree in IT, cybersecurity, or related field One or more relevant industry certifications Desirable Qualifications: Experience in the Middle East region Prior work in MSSP or MDR environments Familiarity with

24/7 security operations Exposure to multiple

SIEM and EDR solutions Industry certifications such as

GSOC, BTL1, MBT , etc.

#J-18808-Ljbffr

Direct message the job poster from OISSG Consultancy

Specialised in Cybersecurity Consultancy

• Lead and deliver ISO 27001 / ISO 22301 / ISO 27701 implementation projects.
• Independently manage GRC assignments, including establishing client-specific risk management frameworks.
• Conduct risk-based IS audits and drive improvements in project-level ISMS documentation with client sign-off.
• Guide and support ISMS consultants; coordinate with certification auditors to ensure timely closure of non-conformities.
• Lead data privacy engagements and maintain effective communication with key stakeholders for ongoing security enhancements.
• Stay current with industry threats and trends; provide accurate cost estimates for security tools and solutions.
• Support business development and pre-sales through client meetings and proposal creation

• Intensive understanding of security methodologies and industry standards (e.g. ISO 27001, Business Continuity Standards, IT Governance)

• Excellent Communication and Presentation Skills

• Exposure to the NIST Cybersecurity Framework and other international security standards is a plus.

Experience:

• 4 to 7 years preferably with consulting background in ISMS.

• Minimum handled 5 end to end ISMS implementation.

Qualifications:

• Bachelor’s degree in science/computer applications.

• Relevant Certification from authorized training body (CISA / CISM / CISSP) is essential

Seniority level

• Seniority level Mid-Senior level

Employment type

• Employment type Full-time

Job function

• Job function Consulting
• Industries Business Consulting and Services

Referrals increase your chances of interviewing at OISSG Consultancy by 2x

Sign in to set job alerts for “Information Security Consultant” roles.

We’re unlocking community knowledge in a new way. Experts add insights directly into each article, started with the help of AI.

#J-18808-Ljbffr

JOB PURPOSE To oversee, implement, and monitor the organization’s Information Security program in accordance with Qatar Central Bank (QCB) regulations and international security standards. This role ensures the confidentiality, integrity, and availability of Almana Exchange's data and systems through independent risk-based governance, policy enforcement, and compliance oversight. KEY RESULTS AREAS / DELIVERABLES & KEY ACTIVITIES INFORMATION SECURITY GOVERNANCE Establish and maintain Almana Exchange’s Information Security framework, aligned with QCB instructions and industry best practices. Define and regularly update information security policies, procedures, and standards to protect company assets. Communicate the Information Security strategy and policies to staff across departments to ensure organization-wide awareness and adherence. Ensure compliance with QCB Technology Risk requirements and contribute to external and internal audit engagements. Serve as the focal point for all regulatory requirements related to information security. Ensure security-related roles and responsibilities are clearly defined and communicated throughout the organization. RISK MANAGEMENT & COMPLIANCE OVERSIGHT Identify, assess, and monitor technology risks across Almana Exchange’s infrastructure and services. Implement a formal Information Security Risk Management framework that includes risk classification, likelihood and impact analysis, risk ownership, and treatment planning. Ensure a regular schedule for risk assessments, penetration testing, and vulnerability analysis is in place. Oversee the incident reporting and escalation process and ensure proper documentation and resolution. Report the security posture and key risks periodically to senior management and QCB as required. Follow up on risk remediation and control gaps identified during assessments or audits ASSET CLASSIFICATION & PROTECTION Establish a data classification scheme and ensure critical assets are labeled and handled accordingly. Coordinate the maintenance of an enterprise-wide asset registry covering data, systems, and applications. Define security control requirements based on asset classification, including data encryption, segregation, and access control. Ensure that information assets are adequately protected using approved controls and frameworks. Collaborate with IT to validate the effective implementation of these controls. Promote best practices for data handling, storage, and disposal in accordance with regulatory mandates. AWARENESS, TRAINING & STAKEHOLDER COMMUNICATION Develop and lead periodic Information Security awareness programs for staff, including phishing simulations and compliance refreshers. Provide advisory support to departments on new projects, ensuring security is embedded by design. Serve as the key liaison for information security matters between Almana Exchange and third parties (vendors, service providers, and regulators). Deliver presentations to leadership and contribute to board-level security updates as needed. Lead the internal communication of any security events, policy updates, or new regulatory requirements. Support business continuity and disaster recovery planning initiatives from a security standpoint. MONITORING, REPORTING & SECURITY METRICS Oversee continuous monitoring of the organization’s cybersecurity environment, including threat intelligence and control effectiveness. Ensure between Information Security reporting and QCB's regulatory templates and audit alignment expectations. Collect, analyze, and report on security Key Risk Indicators (KRIs) and Key Performance Indicators (KPIs). Coordinate with IT security operations to gather insights and validate threat detection and response capabilities. Generate monthly and quarterly management reports on Information Security status, risks, and ongoing initiatives. Monitor compliance with ISO 27001, NIST, or equivalent standards. Skills EDUCATION Bachelor’s degree in Information Security, Computer Science, MIS, or a related technical field. Certified Information Security Manager (CISM), Certified Information Systems Security Professional (CISSP), or equivalent mandatory. EXPERIENCE Minimum 6–8 years of experience in Information Security, Risk, or Governance. Prior experience working in a regulated financial institution or exchange house is highly preferred. Familiarity with QCB regulations and international frameworks (ISO 27001, NIST, COBIT, CIS). COMPETENCIES Strong understanding of information security principles, threat management, and compliance reporting. Excellent knowledge of data privacy, encryption, access controls, and regulatory risk. Strong analytical, communication, and presentation skills. High integrity and professional discretion when handling sensitive and confidential information. Ability to assess and articulate information security risk in business terms. Detail-oriented with strong planning, organizational, and problem-solving skills. Capable of building productive relationships across cross-functional teams.

#J-18808-Ljbffr

Primary responsible for planning, coordinating, and organizing Information Security activities. Enforce and monitor the implementation and compliance with IT Information Security Policy. Develop and manage the implementation of Information Security Policies and Procedures. Ensure Risk Assessments are conducted on all information systems such as people, process, technology, and information processing facilities. Ensure implementation of all Information Security controls, as set forth in the Risk Treatment Plan, to ensure adequate security for the respective system. Conduct Information Security communications and outreach by leveraging the Information Security Management System (ISMS) committee. Establish appropriate measures to assess operational capabilities and determine compliance and effectiveness levels with Information Security Policy. Supervise other related assurance functions, as necessary. Ensure the compliance of Information Security Policies in the organization. Develop and ensure implementation of Information Security procedures. Develop and ensure implementation of incident handling and reporting. Follow-up, escalate, and report the resolution of Information Security issues identified during security assessments, penetration tests, and audits. Develop, implement, and maintain Disaster Recovery (DR) procedures and infrastructure in relation to the Business Continuity Plan (BCP) / IT Service Contingency Plan. Conduct and coordinate Information Security awareness and orientation programs. Responsible for conducting Committee meetings. Security Incident Management Establish a formal procedure for internally reporting and tracking security incidents. Ensure incident response and escalation procedures are followed, and inform all employees, contractors, and third-party users of their responsibility to report security incidents. Incident Handling : Participate and / or oversee the investigation and management of information security events and policy violations and track them to conclusion. Incident Notification and Reporting : Follow policy for the notification and reporting of incidents immediately upon discovery. Corrective / Preventive Actions : Develop and document corrective action plans and implement preventive actions to mitigate recurrence. Analyze a security incident to detect an underlying problem that exists or is likely to exist. Categorize and prioritize the problem based on the frequency, severity, and impact of the incident. Investigate and diagnose the root cause of the problem. Test and apply temporary workarounds. Document the known error record. Create a formal process to address risk through the coordination and control of activities regarding each risk. Conduct formal vulnerability assessments of the environment on a regular basis. Create a formal process to mitigate vulnerabilities and more. Qualifications Experience 8+ years in IT work experience 5+ years in a similar role Education Bachelor of Engineering Or Bachelor of IT Or Bachelor of Computer Science Certifications CRISC – Certified in Risk and Information Systems Control Or ISO / IEC 27001 Lead Implementer or Lead Auditor Or CISSP – Certified Information Systems Security Professional Required Skillset Expertise in implementation of security frameworks such as NIST , ISO / IEC 27001 , and other local regulations and frameworks. Expertise in compliance requirements like GDPR , HIPAA , PCI DSS , SOX , and other relevant laws and regulations. Expertise in conducting risk assessments , identifying security risks, evaluating impact, and implementing mitigation strategies. Expertise in developing policies , procedures , and processes . Expertise in creating and managing security awareness and training programs to educate employees on cybersecurity threats and best practices. Information Security Officer • Doha, ad-Dawhah, Qatar

#J-18808-Ljbffr

Direct message the job poster from OISSG Consultancy Specialised in Cybersecurity Consultancy

Lead and deliver ISO 27001 / ISO 22301 / ISO 27701 implementation projects. Independently manage GRC assignments, including establishing client-specific risk management frameworks. Conduct risk-based IS audits and drive improvements in project-level ISMS documentation with client sign-off. Guide and support ISMS consultants; coordinate with certification auditors to ensure timely closure of non-conformities. Lead data privacy engagements and maintain effective communication with key stakeholders for ongoing security enhancements. Stay current with industry threats and trends; provide accurate cost estimates for security tools and solutions. Support business development and pre-sales through client meetings and proposal creation • Intensive understanding of security methodologies and industry standards (e.g. ISO 27001, Business Continuity Standards, IT Governance) • Excellent Communication and Presentation Skills • Exposure to the NIST Cybersecurity Framework and other international security standards is a plus. Experience: • 4 to 7 years preferably with consulting background in ISMS. • Minimum handled 5 end to end ISMS implementation. Qualifications: • Bachelor’s degree in science/computer applications. • Relevant Certification from authorized training body (CISA / CISM / CISSP) is essential Seniority level

Seniority level Mid-Senior level Employment type

Employment type Full-time Job function

Job function Consulting Industries Business Consulting and Services Referrals increase your chances of interviewing at OISSG Consultancy by 2x Sign in to set job alerts for “Information Security Consultant” roles.

We’re unlocking community knowledge in a new way. Experts add insights directly into each article, started with the help of AI.

#J-18808-Ljbffr

Responsible for the day to day administration and maintaining compliance of our PCI zones
- Works with business units to identify security requirements, using methods that may include risk and business impact assessments
- Reports to management concerning residual risk, vulnerabilities and other security exposures, including misuse of information assets and noncompliance

**Salary**: QAR13,000.00 - QAR15,000.00 per month

Urgent Requirement A well-known IT Consultancy in Qatar is looking for suitable candidates to furnish the below position local with NOC, JOB Title :

Information Security (ISMS) Consultants Nationality :

Indian / Pakistan / Filipino Notice Period :

Immediately Job Location :

Qatar Job Description Own and successfully drive projects for ISO 27001, ISO 22301 Successfully handle GRC (Governance, Risk and Compliance) assignments totally independently. Establish risk management framework for the client to address the client specific requirements. Conducting risk based IS Audits Review and enhance project level ISMS documentation and get the client sign-off. Support and guide ISMS consultants Interaction with certification auditors and non-conformities closure within the stipulated time. Data privacy engagements Effective interaction with key stakeholders in relation to ongoing security improvements Keep up to date with the latest news and threats in the security industry. Requirements Required Qualification, Skills & Experience : Intensive understanding of security methodologies and industry standards (e.g. ISO 27001,, Business Continuity Standards, IT Governance) Excellent Communication and Presentation Skills Experience : 3 to 5 years preferably with Consultancy Background in ISMS. Bachelor’s degree in science / computer applications. Relevant Certification from authorized training body (CISA / CISM / CISSP) is essential. ISO 27001 : 2013 Lead Auditor / Lead Implementer ISO 22301 : 2013 Lead Implementer Benefits Gross Salary :

10K – 15K (QAR)

#J-18808-Ljbffr