Applications have closed

Department INFORMATION SECURITY INFORMATION & COMMUNICATION TECHNOLOGY Primary purpose of job The Senior Information Security Risk Analyst is tasked with enhancing the information security posture of QatarEnergy in both IT and OT environments by assessing and managing cyber and information security risks. He/She actively participates in projects during all phases of implementation and operation, provides expert technical and procedural direction to identify and manage cyber and information security risks, and monitors progress of activities to manage and report identified risks. Experience & Skills • Knowledge of fundamental security principles and challenges in their practical application • 10+ years of relevant professional experience • Experience with large ICS & ICT environments in the Energy sector, preferably in Oil & Gas • Knowledge of information security capabilities and requirements analysis • Perform periodic risk management activities in IT and OT during the phases of project lifecycle, communicate risks and mitigation actions to stakeholders, and support the business in defining cyber and information security requirements • Identify critical information systems and supporting systems for business processes and projects • Evaluate effectiveness of existing information security controls • Propose cost effective information security controls for the remediation of risk • Manage information security risk register, including the development of risks acceptance reports, and communicate risks to the business as required • Maintain security controls framework in compliance with state law, international standards and best practices • Define and evaluate metrics for reporting information security control effectiveness • Communicate the urgency and severity of complex risk scenarios in simple, effective language • Excellent written and verbal business communication skills Education • Bachelor degree in information security, computer science, or systems engineering. • Professional certifications related to Information security (e.g., ISO27001, ISO27005, CISSP, GICSP, CISA, GIAC, CEH, etc.)

Print Job Listing
We use cookies to improve your experience on our website. By browsing this website, you agree to our use of cookies.

Sign in

Sign Up

Forgot Password

Cart

Cart

Share