Experience 5-8Yrs
Location Qatar Onsite
Duration Long-term
Arabic and English (Mandatory)
Cybersecurity Lead Engineer – Infrastructure & Network Security role is responsible to maintain information security management within the Infrastructure & Network and continue security controls to maintain adequate cyber security posture within the environment and support manage SJC IT Information Security Lead.
Key Roles & Responsibilities
- Working with Infrastructure, Network and service operation teams to ensure that the SJC IT infrastructure, network and service operation security.
- Coordinate with vendors and conduct vulnerability assessments and penetration testing for infrastructure and network.
- Coordinate with Cybersecurity Engineer – governance and risk management to maintain infrastructure & network security management policies/ procedures and risk management.
- Assist to develop, implement, and manage the overall infrastructure enterprise process for information security and associated architecture standards such as ISO 27001, NIA, cyber security law, privacy management law and Qatar 2022 cyber security requirement.
- Evaluate suspected security breaches and recommend corrective actions (including incidents involving outside vendors).
- Follow cyber security incident management and incident response plan
- Serve as the part of the security incident response planning and execution
- Assist Risk Management, Internal Audit and IT department in the development of appropriate criteria needed to assess the level of new/existing applications and / or technology infrastructure elements for compliance with enterprise security standards.
- Assist in the review of infrastructure and/or technology environments during the development or acquisition process to (a) assure compliance with corporate security policies and directions and (b) assist in the overall integration process regarding SJC IT’s own technology environment.
- Evaluate information security KPIs based on the Information Security/privacy Objectives and reviewing those KPIs based on the security objective’s changes
- maintenance of Infrastructure and network to support the organization’s information security/privacy policies and procedures and ensure timely updating thereof in light of changing circumstances/ best practices/ regulatory directives.
- Conduct security assessments to maintain adequate security posture within the SJC IT Environment
- Improve security operation center monitoring based on new cyber security environment and attacks
- Work with Head of Information Security to coordinate with MOI security shield and maintain the NCSOC onboarding and continuity of connectivity
- Work with Head of Information Security to coordinate with MPTO team and maintain Qatar 2022 implementations based on the agreed roadmap
- Provide daily, weekly and monthly reports to Information Security Lead related environment infrastructure & network changes, incidents, problems, service operation and critical area.
Mandatory actions
Competencies
Technical Competencies
ORGANIZATION Values:
- Deep understanding and management experience of Information Security standards, processes and risk management.
- Knowledge of Department Priorities, Products, and the strategy
- Information security landscape
- Maintain ISO27001:2013 certificate and other compliance requirements
- Developing the information security strategy
- Information security KPI defining and validation
- Benchmarking
- Risk Management
- Designing and Maintaining Information Security Management Policies and procedure
- Knowledge of government and regulatory requirements
- Experience is Managing Security Operations Center (SOC)
- Experience in current Security tools and solutions
- Personal information privacy management
- Act as One
- Over deliver on our promises
- Share what matters
- Always Challenge Assumptions
- Be pioneering
- Key Business Interactions
Internal
External
- SJC IT Information Security Lead
- IT Department team and heads
- IT Security Team
- Internal Auditors
- Vendors
- External Auditors
- Regulatory
- Qualifications & Experience
Required Qualifications
- University Degree in Information Technology with Msc. in Information Security/ Cyber security from a recognized university is a plus.
- Certifications in Information security such as CISM, CISA, CRISC, CISSP, CBCP, GIAC, ISO27001LA, CCNA-security, MCSE-security
- Offensive security certifications CEH and CHFI is a plus
Preferred Experience
- Minimum 5-8 years of experience of which a minimum of 5 years should be in a similar position / responsibility.
Skills: security operations center (soc),privacy management law,risk,information security management,it,risk management,penetration testing,security assessments,management,security tools,cyber,personal information privacy management,iso 27001,security,cyber security,infrastructure,information security,kpis,network security,vulnerability assessments,incident management,technology,cyber security law,infrastructure security