Primary purpose of job

Manages the Information Security Management System (ISMS) throughout QatarEnergy in both information and communication technology (ICT) and operational technology (OT). This responsibility includes developing information security policies and standards, assessing and managing cyber security risk, coordination with the Enterprise Risk Management team, determination of information security operational maturity and control effectiveness targets, managing Information Security awareness and training initiatives, and maintaining close collaboration with business stakeholders to secure aspects of people, process and technology.

Experience & Skills

• 15+ years of relevant professional experience with 7+ years in a leadership role in a large enterprise.
• Experience with large ICT & OT environments in the Energy sector, preferably Oil & Gas.
• Experience with established industry security frameworks (e.g., NIST CSF & Special Publications, IEC 62443, ISO27001 & 27005, etc.) and understanding of customized Information Security Management Systems.
• Knowledge of global as well as regional regulatory requirements and standards (e.g., NISS, NIA, Qatar Data Protection Law etc.).
• Excellent interpersonal coordination, negotiation, and expectation management skills across various organizational levels (up to Board level).
• Excellent written, verbal and presentation skills.

Education

• Bachelor’s degree in Information Security, Computer Science, or Engineering.
• Professional certifications in Information Security management (e.g., CISSP, CISM, CCISO, etc.).