Senior Manager IT Security and Risk Management
Qatar Airways
Middle East, Qatar, Doha
6 days ago

About Job :

Develop the overall strategy, plan and design of IT security solutions for Qatar Airways and its subsidiary organisations to protect the organisation from internal and external cyber security threats and thereby protect the company's vital information base.

Responsible for planning and implementing IT Security controls in line with the business objectives and within the IT Security framework implementing leading business industry standards.

Develop plans and programs that identify, measure and monitor all risks and security exposures. Recommend appropriate risk and security management controls for all exposure to loss.




Responsible for assessment, evaluation, recommendation, and implementation of IT Security controls to address key IT Security risks at all levels such as Perimeter, Network, Server, Application and end-user computers to safeguard the company IT environment from the ever-evolving cyber threats.

Ensure IT Security assessments are carried out periodically and appropriate remedial actions are taken pro-actively.

Accountable for computer forensic investigations and reporting evidence in a forensically sound manner using leading computer forensic tools accepted in the court of law for the suspected ICT systems hacks.

Accountable for the Information Technology divisional risk register on behalf of the Chief Information Officer and to report to the Enterprise Risk Committee on a periodic basis in line with the Qatar Airways Enterprise Risk Management programme.

Provide necessary direction to Network and Security technology teams as and when required.

Manage the IT Security Maturity Matrix Model.

Responsible for continuously reviewing the IT security controls in order to safeguard the Qatar Airways IT environment.

Report IT Security incidents to the CIO on a periodic basis.

Liaise with IT VPs and QR IT senior management on all IT Security related matters.

Interact with IT Security product vendors to ensure that the solutions implemented at QR are working.

Responsible for the Security controls to safeguard the Qatar Airways IT environment that has grown in complexity over the last few years as a result of the elevated cyber threat risk levels in the region and across the world.

Perform other department duties related to his / her position as directed by the Head of the Department.

Additional Job responsibilities :

Stakeholder Management

Liaise and coordinate with internal and external parties at the appropriate levels to bolster and ensure smooth flow of the company’s IT security standing.

Direct the efforts of the IT Security team and coordinate at the strategic and tactical levels with the other functions of the organisation.

Represent Qatar Airways IT Security in various formal groups including OneWorld, SITA, IATA, EASA, Airbus. Participate in all IT Security matters with partners (OneWorld, Other Airlines, Civil aviation authorities, Aircraft Manufacturers) and other third parties such as iCTQatar, the regulatory body for Information Technology for the State of Qatar.

Planning & Budgeting

Exercise financial authority to the level delegated by the Chief Information Officer - prepare the annual IT Security department business plans and operating and capital expenditure budgets, ensuring that adequate funding provision is made for all activities.

Monitor expenditure against approved levels on a regular basis and investigate and justify significant variances to ensure effective performance and cost control.

Ensure that proposed IT Security solutions are in line with the departmental budgeted and approved costs.

Management & Leadership

Direct and manage the IT Security function providing leadership, encouraging teamwork and facilitating related professional work processes in order to achieve high performance standards and staff pride in performance and contribution.

Establish and oversee the implementation of appropriate processes for performance management and appraisal to ensure the employees are clear on the contribution required from them and are fairly appraised to allow for appropriate linkages between performance and reward.

Design IT Security controls and head implementation of the IT Security design team.

Develop an IT Security framework that is clearly measurable, applicable and meets the business requirements.

Ensure best IT Security standards are maintained at all times by staying abreast of industry trends and demanding the highest professional standards from all members of the team at all times.

Manage technical expertise within the IT Security team in terms of consultancy and mentoring.

Assign suitably qualified resources to projects to support the ongoing IT security work programmes.

Direct IT Security governance throughout the IT department.

Carry out IT Security workshops with all levels of staff in the IT organization including setting out Security Awareness Programmes.

Establish the IT Security team’s objectives and priorities to align with and support business objectives.

Regularly evaluate the team’s objectives, plans, procedures and practices, and make appropriate changes if needed.

Oversee and supervise employees. Direct daily activities, recruit, train, develop and discipline to ensure a high standard of service delivery.

Train and develop other employees, to ensure succession planning is in place.

About You : Qualifications and Experience :

Qualifications : Essential


Relevant College or University qualification to minimum Bachelor's level


Additionally, either one of the following qualifications :

o Certified Information Systems Auditor (CISA),

o Certified Information Systems Manager (CISM),

o Certified Information Systems Security Professional (CISSP),

o Certified in Risk and Information Systems Control (CRISC),

o Certified Ethical Hacker (CEH)

Previous Experience : Essential


Minimum 10 years relevant experience

Full-time work experience in information security management and / or related functions (such as IT audit and IT Risk Management).

Have carried out at least 10 successful IT Security Risk Assessment Programmes in a large environment.

Have led the design, implementation, operation and maintenance of the IT Security framework.

Have successfully led a team and completed a Payment Card Industry Data Security Standard certification for at least one large organization.


Minimum 15 years of job-related experience required

Prior experience in a multinational
