EAA is currently seeking candidates for the position of Information Security Specialist to be responsible for ensuring stable and secure operation of the organization’s “Information Security” by implementing, monitoring and developing EAA Information Security policies and procedures to ensuring secure network infrastructure, and all the data security architecture in place.

• Conduct regular penetration testing and keep records of all test data and schedule of future testing.
• Maintain security of all electronic data, documents and records and regularly test vulnerabilities.
• Plan, install, and maintain required security software, hardware, firmware, and appliances.
• Provide consultation to management with regard to all information security.
• Identify required policies and procedures for disaster recovery and business continuity.
• Maintain records and controls for all IT security related matters including but not limited to pro-active investigations, risks, threats, actual security events, technology related assets, system life cycles, penetration testing, data vulnerability testing, and provides up to date time schedules of all reviews and follow-ups.
• Evaluate security threats and counter measures that could affect EAA; make recommendations to management to mitigate risks.
• Investigate and report security incidents and malfunctions to management.
• Create and update all policies, procedures and protocols relating to IT security and risk management.
• Coordinate with IT staff to ensure security measures are implemented in accordance with policy requirements.
• Oversee IT network and data security architecture. Improve EAA’s security infrastructure while also improving EAA users ease of use.
• Manage and coordinate technology and security risk management which includes pro-active investigations to test for risk tolerance and potential weaknesses in EAA’s IT environment including but not limited to infrastructure, on-site and off-site data, applications and asset management.
• Evaluate security threats and counter measures that could affect EAA; make recommendations to management to mitigate risks.
• Review and approve all external network connections to EAA’s network.
• Define and mitigate gaps between EAA policies/practices and the Information Security Policy Standards established and issued by the ICT Qatar;
• Maintain current industry knowledge and build relationships with IT security related organizations on industry and government standards, information security market movement, and current technology risks and threats.
• Ensure compliance with all federal and State laws and regulations affecting security controls and classification requirements of EAA’s information.
• Support internal and external IT Audits to ensure complete compliance. In case of any audit findings, design and implement a plan to close the identified gaps.
• Develop security measures and responses to protect EAA IT network and information against breaches and losses.
• Perform customer service activities by ensuring IT related user requests are resolved with minimal continuity disruption
• Act as a focal point for all information security incidents with respect to providing leading practice, trends and information to users related to IT security systems and environment.

In order to be successful in this role you will bring;

• Bachelor’s degree in a relevant field & 6-8 years of relevant full-time work experience, 2 of which at a supervisory level.
• Certified information security Manger CISM, CISSP

Other Requirements

• Knowledge of infrastructure monitoring and management tools;
• Knowledge of Networking, Systems and System Administration;
• Knowledge in Risk Management Frameworks and IT related risks;
• Understanding in Information Security International Standards such as ISO 27001, ISO 22301 and best practices;
• Understanding of Security Information Event Management (SIEM) Tools; and
• Understanding of Business Continuity trends, practices and systems

Application Procedure

If you are interested and this is something you would like to consider, please send your application, including a CV (in English) to [اضغط هنا لمشاهدة البريد اﻹلكتروني]

Please ensure your application email has the subject heading of [Information Security Specialist] – [insert your name]

Only shortlisted candidates will be contacted and advance to the next stage of the selection process due to the large volume of applications we usually receive. If you have not received a reply, we regret to inform that, we have continued with other candidates.