Sr. Information Security Risk Analyst
Great opportunity to work with a leading organisation at an exciting time
Must have strong experience in the Energy sector
About Our Client
A leading government organisation in Qatar with strong development and progression culture.
- Ensure compliance to Corporate Information Security Risk Management Standard.
- Perform risk management during multiple phases of project lifecycle.
- Identify critical information systems and supporting systems for the business processes and projects.
- Conduct periodic / Adhoc information security risk assessments for IT and OT landscape.
- Evaluate existing information security controls, impact and information security risks.
- Propose cost effective information security controls for the remediation of risks.
- Communicate risks and the mitigation actions to the business stakeholders.
- Provide support and expert advice during implementation of controls and remediation of the risks.
- Develop risks acceptance reports and communicate risks to the business if required.
- Perform assurance of information security controls.
- Develop and manage information security risk register.
- Define metrics for continuous monitoring and reporting of effectiveness of the controls.
- Develop and maintain security controls framework in compliance with state law, international standards and best practices.
- Review and provide security inputs in the form of SOW, contractual agreements, security controls, etc. for the scope of the projects and solutions.
- Drive, implement and manage security projects for the department.
- Provide security advisory services by supporting the business in cyber and information security requirements.
The Successful Applicant
- Bachelor degree in Information Security, Computer Science, or Systems Engineering.
- Professional certifications related to Information security like ISO27001, ISO27005, CISSP, CISA, GIAC, CEH or others.
- 10 years of relevant professional experience.
- Experience with large ICS & ICT environments in the Energy sector, preferably in Oil & Gas.
- Knowledge of fundamental security principles and challenges in their practical application.
- Knowledge of information security capabilities and requirements analysis.
What's on Offer
- Attractive salary
- Diverse project portfolio
- Opportunity to work for an organisation, contributing to the growth and development of the Qatar