Security Specialist IT Ops
Doha, Doha, Qatar
Mekdam Technical Services
Job Objectives
The Information Security Consultant manages the IT Operations security for existing Infrastructure and new required services as part of business portfolio to continuously monitor and improve organization's security posture to build secure Infrastructure and reduce threat footprint. The role also provides subject matter expertise and operational direction on security governance, Infrastructure security control and risk analysis, security assessment, secure development practices and incident response.
Description
- Establish and manage industry-leading Systems and operations security processes and practices at each phase of the operational services within the environment and implement operational roadmap for assessment, penetration testing and source code reviews.
- Ensure acquired services are consistent with best practices security architecture guidelines.
- Conduct regular manual and automated security testing, assessments, review results, track issues and follow up to ensure remediation.
- Coordinate and scope Third party penetration testing and security assessments activities including configuration reviews for compliance and additional assurance of secured implementation and operation of solutions.
- Recommend improvements to the secure reference architecture through continuous review and assessment of the security requirements, policies, and procedures.
- Provide regular updates to management on Infrastructure security and vulnerability management posture by defining operational KPIs and metrics, build dashboard and reports.
- Manage follow up, close and report upon all departments information security regulatory requirements, audits, inconformity reports, compliance issues and observations that arise during conducted internal and external assurance engagements.
- Conduct Risk Assessments on the required Infrastructure and IT Operations services to identify applicable risk scenarios and mitigating controls as per Qatargas Methodology.
- Perform other related duties or assignments as directed.
- Experience in identifying and mitigating Cybersecurity risks related to Azure implementations.
- Experience in security architecture relating to Infrastructure and IT Operations.
- Experience in designing secure on-prem Infrastructure solutions.
- Experience in designing secure cloud Infrastructure and Operations solutions.
Requirements
Minimum Qualifications:
Bachelors degree in Computer Engineering/Science, Electronics Engineering, or any other appropriately relevant field.
Minimum Experience:
- 10 + years of progressive experience in a directly related field.
- 7 + years of professional experience in ICT information, application security in an enterprise level environment.
- 3 + years in similarly relevant Application security role with around the same team capacity and complexity of assigned tasks.
Job Specific Skills:
- Certifications in industry relative standards, frameworks, and schools of practice, such as CSSLP, GWAPT, OSCP, etc.
- Excellent knowledge in maintaining effective working relationships with staff and clients; excellent people management skills.
- Excellent written and verbal communication skills.
- Strong analytical and problem-solving skills.
- Proven success in working in a similarly complex ICT information security within same industry.
- Professional experience in conducting manual and automated application assessments (DAST, SAST & RAST), penetration testing and configuration review.
- Good understanding of cryptography, web service frameworks, mobile application architectures, and service architectures (such as event-driven, service-oriented, or serverless architectures)
- Good understanding of implementing enterprise information security architectures and frameworks.
- Strong understanding of project management principles and requirements.
- Excellent knowledge and understanding of Information Technology industry, trends, architectures, integrations, operational security, and process computing.
- Excellent knowledge and understanding of leading industry standards, frameworks, methodologies, and best practices.
- Excellent knowledge and understanding of information security governance, compliance, architecture components, technical solutions, and operational services.
* Salary range is an estimate based on our InfoSec / Cybersecurity Salary Index 💰
Tags: Application security Audits Azure Cloud Compliance Cryptography DAST Governance GWAPT Incident response KPIs OSCP Pentesting Risk analysis Risk assessment SAST Security assessment Vulnerability management
More jobs like this
Explore more InfoSec / Cybersecurity career opportunities
Find even more open roles in Ethical Hacking, Pen Testing, Security Engineering, Threat Research, Vulnerability Management, Cryptography, Digital Forensics and Cyber Security in general - ordered by popularity of job title or skills, toolset and products used - below.
- Open Cloud Security Architect jobs
- Open Product Security Engineer jobs
- Open Principal Security Engineer jobs
- Open Senior Cyber Security Engineer jobs
- Open Information Security Officer jobs
- Open Information Security Specialist jobs
- Open Cybersecurity Analyst jobs
- Open Senior Product Security Engineer jobs
- Open Cyber Security Architect jobs
- Open Chief Information Security Officer jobs
- Open Cyber Security Specialist jobs
- Open Staff Security Engineer jobs
- Open Security Specialist jobs
- Open Senior Penetration Tester jobs
- Open IT Security Engineer jobs
- Open Ethical hacker / Pentester H/F jobs
- Open Senior Information Security Analyst jobs
- Open Cybersecurity Consultant jobs
- Open Manager Pentest H/F jobs
- Open Security Operations Analyst jobs
- Open IT Security Analyst jobs
- Open Consultant infrastructure sécurité H/F jobs
- Open Security Consultant jobs
- Open Senior Network Security Engineer jobs
- Open Senior Security Architect jobs
- Open Windows-related jobs
- Open Risk assessment-related jobs
- Open CISM-related jobs
- Open Agile-related jobs
- Open GCP-related jobs
- Open ISO 27001-related jobs
- Open IAM-related jobs
- Open Application security-related jobs
- Open Pentesting-related jobs
- Open Analytics-related jobs
- Open CISA-related jobs
- Open Vulnerability management-related jobs
- Open Threat intelligence-related jobs
- Open Security assessment-related jobs
- Open Security Clearance-related jobs
- Open Malware-related jobs
- Open DoD-related jobs
- Open EDR-related jobs
- Open CEH-related jobs
- Open DevOps-related jobs
- Open Splunk-related jobs
- Open IDS-related jobs
- Open APIs-related jobs
- Open IPS-related jobs
- Open Kubernetes-related jobs