Key Accountabilities:
You will be required to establish and maintain an Information Security Management System, IT Governance, Risk and Compliance framework in line with industry best practices, frameworks and regulatory requirements.
Identify potential risks and evaluate existing controls to ensure that the information security strategy is aligned with organizational goals and objectives, information security risk is managed appropriately, and critical and sensitive information assets are secured; avoid information security breaches; and ensure compliance with legal, statutory, regulatory or contractual obligations related to the information security requirements of Qatar Museums (QM).
The following are the key role accountabilities:
Establish and maintain an Information Security Management System, IT Governance, Risk and Compliance Framework in line with industry best practices, frameworks and regulatory requirements such as MICT: Qatar’s National Information Assurance Policy (NIAP), COBIT and ISO/IEC 27001:2013 standards.
Development and maintenance of Information Security Policies, Procedures and implementation plan.
Ensure that Information Security Policies, Procedures and implementation plan are implemented within ITD and other BU SU.
Handling Information Security Incidents, taking corrective and preventive actions, and submitting root cause analysis reports.
Risk Assessments, Risk Identification, Treatment, Mitigation, Reporting, Residual Risk Acceptance and recommendation for corrective action.
Collaborate with other departments such as Internal Audit, Legal, Admin, Finance and HC to direct compliance issues and resolutions.
IT Audits co-ordination (Compliance with Enterprise Internal / External Audits and Regulatory requirement).
Maintenance and Management of Qatar Museums Information Security Technologies and Controls.
Formalized Information Security awareness programmes such as Information Security awareness mailers, awareness banners and awareness sessions.
Vulnerability Assessment and Penetration Testing (VAPT) for critical services
Qualifications / Requirements:
You should be a graduate in Information Technology / Computer Science / Computer Engineering.
Possess Training Certification in one or more of the following: NIAP Implementation Auditing, ISO/IEC 27001:2013, ITIL, COBIT, CISM, CRISC and CGEIT.
You should have at least 5 years of relevant work experience.
Considerable implementation or management experience with commonly accepted industry standards and/or best practices including Qatar’s MICT: NIAP, COBIT, ISO 27000, and ITIL.