As the Sr. Information Security Risk Analyst, you will be responsible to enhance the Information Security posture of the organisation by assessing and managing the risks as per the corporate information security risk management standard.
You will also be responsible for effective mitigation and communication of the risks to the management and business owners.
A leading government organisation in Qatar with strong development and progression culture.
Ensure compliance to Corporate Information Security Risk Management Standard.Perform risk management during multiple phases of project lifecycle.
Identify critical information systems and supporting systems for the business processes and projects.Conduct periodic / Adhoc information security risk assessments for IT and OT landscape.
Evaluate existing information security controls, impact and information security risks.Propose cost effective information security controls for the remediation of risks.
Communicate risks and the mitigation actions to the business stakeholders.Provide support and expert advice during implementation of controls and remediation of the risks.
Develop risks acceptance reports and communicate risks to the business if required.Perform assurance of information security controls.
Develop and manage information security risk register.Define metrics for continuous monitoring and reporting of effectiveness of the controls.
Develop and maintain security controls framework in compliance with state law, international standards and best practices.
Review and provide security inputs in the form of SOW, contractual agreements, security controls, etc. for the scope of the projects and solutions.
Drive, implement and manage security projects for the department.Provide security advisory services by supporting the business in cyber and information security requirements.
Bachelor degree in Information Security, Computer Science, or Systems Engineering.Professional certifications related to Information security like ISO27001, ISO27005, CISSP, CISA, GIAC, CEH or others.
10 years of relevant professional experience.Experience with large ICS & ICT environments in the Energy sector, preferably in Oil & Gas.
Knowledge of fundamental security principles and challenges in their practical application.Knowledge of information security capabilities and requirements analysis.
Attractive salaryDiverse project portfolioOpportunity to work for an organisation, contributing to the growth and development of the Qatar
Information Security Risk Analyst