SR. SECURITY ASSURANCE ENGINEER (IT & OT) job in Doha at Qatar Energy

Job Title : SR. SECURITY ASSURANCE ENGINEER (IT & OT)

Reference Code : OG-7003367

Company

QatarEnergy is a state-owned public corporation established byEmiri Decree No. 10 in 1974. It is responsible for all phases of the oiland gas industry in the State of Qatar.The principal activities of QatarEnergy, its subsidiaries and jointventures are the exploration, production, local and international saleof crude oil,natural gas and gas liquids, refined products, syntheticfuels,petrochemicals, fuel additives, fertilizers, liquefied natural gas(LNG), steel and aluminium.Qatar Energy's strategy of conducting hydrocarbon exploration anddevelopment is through Exploration and Production Sharing Agreements(EPSA) and Development and Production Sharing Agreements (DPSA)concluded with major international oil and gas companies.The operations and activities of QatarEnergy and its affiliates areconducted atvarious onshore locations, including Doha, Dukhan and the Mesaieed andRas Laffan Industrial Cities, as well as offshore areas, including HalulIsland, offshore production stations, drilling platforms and the NorthField.Thriving on a spirit of enterprise, each of our joint ventures isunderpinned by transparency, innovation and high standards of qualityand service. At QatarEnergy, we are committed to one thing aboveall: Excellence.

Department

INFORMATION & COMMUNICATION TECHNOLOGY

Primary purpose of job

Accountable to enhance information security posture of QatarEnergy (IT and OT) by assuring and designing security solutions in alignment with corporate security governance and security architecture.
Responsibilities include:
• Assure effectiveness of security solutions and controls. Provide expert advice (Technical and administrative) to secure business solutions and review (IT and OT) solution prior to implementations
• Ensure assurance to Corporate Information Security governance and security architecture and provide security advisory services
• Assure Information security review of IT / OT projects and implementations during the project lifecycle
• Conduct Information security assessments of security solutions, business solutions and cloud solutions to mitigate cyber risks
• Design and review of compensating controls to meet the information security control objectives in the absence of primary security controls
• Defining information security assurance and technical requirements to design the security controls to meet security objectives
• Perform Information security reviews and development of HLDs for IT and OT projects based on Security architecture and best practices
• Contribute to design and develop security architecture and security reference models / patterns / Blueprints to standardize security requirement
• Assess the need for enhancing security controls and controls effectiveness based on the business risks and utilizing the emerging technologies
• Drive, implement and manage security projects under the security division

Information security assurance engineer Analyst reports to Head of Information security assurance. He/she role is to design and recommend information security solution and design architecture to business stakeholders and information security management. Validate information security controls and assure mitigation plans implementation.


Experience & Skills

• 10+ years of relevant professional experience
• Experience with large ICS & ICT environments in the Energy sector, preferably in Oil & Gas
• Ability to communicate the urgency and severity of complex risk scenarios in simple language
• Knowledge of fundamental security principles and challenges in their practical application
• Knowledge of information security capabilities and requirements analysis
• Excellent written and verbal business communication skills


Education

• Bachelor’s degree in information security, computer science, or systems engineering
• Professional certifications related to Information security like, ISO27001, CISSP, CISA, GIAC, CEH or others