SR. INFORMATION SECURITY ANALYST (GOVERNANCE)
Qatar Petroleum
Doha, Doha, Qatar
منذ 13 ساعات
source : Oil and Gas Job Search

Job Title : SR. INFORMATION SECURITY ANALYST (GOVERNANCE)

Reference Code : OG-7001653

Company

Qatar Petroleum (QP) is a state-owned public corporation established byEmiri Decree No. 10 in 1974. It is responsible for all phases of the oiland gas industry in the State of Qatar.

The principal activities of QP, its subsidiaries and joint ventures arethe exploration, production, local and international sale of crude oil,natural gas and gas liquids, refined products, synthetic fuels,petrochemicals, fuel additives, fertilizers, liquefied natural gas(LNG), steel and aluminium.

QP’s strategy of conducting hydrocarbon exploration and development isthrough Exploration and Production Sharing Agreements (EPSA) andDevelopment and Production Sharing Agreements (DPSA) concluded withmajor international oil and gas companies.

The operations and activities of QP and its affiliates are conducted atvarious onshore locations, including Doha, Dukhan and the Mesaieed andRas Laffan Industrial Cities, as well as offshore areas, including HalulIsland, offshore production stations, drilling platforms and the NorthField.

Thriving on a spirit of enterprise, each of our joint ventures isunderpinned by transparency, innovation and high standards of qualityand service.

At Qatar Petroleum, we are committed to one thing aboveall : Excellence.

Department

INFORMATION & COMMUNICATION TECHNOLOGY

Primary purpose of job

Governance and execution of the Information Security Management System (ISMS) including developing policies, standards and procedures required for the corporate information security in both an information technology (IT) and operational technology (OT) capacity.

Define required information security policies, standards and procedures related to their areas of operation as well as raising awareness of those polices, standards and procedures.

Conduct compliance and operational maturity assessments to ensure optimal operation of the information and operational technology environments under the guidelines of the ISMS.

Experience & Skills

  • 10+ years of relevant professional experience.
  • Experience with large ICS & ICT environments in the Energy sector, preferably in Oil & Gas.
  • Experience with and understanding of customized information security management systems.
  • Experience in information security awareness initiatives and community building.
  • Knowledge of information security capabilities and requirements analysis.
  • Knowledge of relevant state laws, industry regulations, and security standards.
  • Excellent written, verbal and presentation communication skills.
  • Maintain and improve the Information Security Management System (ISMS) and implement and maintain ISMS-related standards, documentation and practices.
  • Identify, document and validate evolving governance requirements in support of ISMS improvements and align and integrate information security standards and practices with standards and practices of other Directorates.
  • Periodically assess compliance and maturity within Qatar Petroleum and report status against adopted standards, national information security-related regulations and maturity model.
  • Maintain updated mappings of compliance checklists to national laws and regulations.
  • Participate in the information security incident management process where necessary to ensure the operational availability, integrity and confidentiality of Qatar Petroleum environments.
  • Represent the Information Security Department internally within Qatar Petroleum (e.g., Change Advisory Panel, Projects, etc.
  • and externally with government bodies as directed.

  • Actively engage directorates in order to build a collaborative information security environment and community, championing grass roots efforts to improve information security throughout the organization.
  • Coordinate and align activities between Information Security and Business Continuity and liaise within QP-IT to ensure business continuity and disaster recovery plans are in place, tested, and report regularly
  • Drive, implement and manage security projects for the department.
  • Education

  • Bachelor degree in information security, computer science, or engineering.
  • Professional certifications in information security management and standards compliance (e.g., CISSP, CISA, GIAC, ISO 27001, etc.
  • and experience with control frameworks (e.g., NIST Cybersecurity Control Framework).

    بلغ عن هذه الوظيفة
    checkmark

    Thank you for reporting this job!

    Your feedback will help us improve the quality of our services.

    قدِّم طلب ترشيحك
    بريدي الالكتروني
    بالضغط على "واصل" ، أعطي موافقة neuvoo على معالجة بياناتي وإرسال تنبيهات إلي بالبريد الإلكتروني ، على النحو المفصل في سياسة خصوصية لـneuvoo . يجوز لي سحب موافقتي أو إلغاء الاشتراك في أي وقت.
    واصل
    استمارة الطلب