الوصف الوظيفي
Purpose:
This role is responsible to support the Information Security Governance, risk and compliance function through the creation, maintenance and review of the various information security policies, procedures and guidelines that governs the overall corporate information security practices.
Context/ Background:
Corporate Information Security department is responsible for securing information, technology and service
availability through effective security planning and management. This role supports the department objectives by working with the Information security Governance, Risk and Compliance senior manager to ensure information and
data security are appropriately governed and consistently controlled.
ROLE ACCOUNTABILITIES
Creates, reviews and maintains information security strategies, frameworks and operating models.
Creates and reviews information security policies, standards, procedures and guidelines in alignment with applicable laws, regulations and international security standards.
Reviews the applicable Ooredoo policies and ensure their consistency with information security policies.
Maintain information security policy exception lists in coordination with Risk and Compliance staff.
Coordinates with Legal and Regulatory, Policy, Internal Audit and Corporate
Governance to review and approve information security policies.
Maintains the Information Security Awareness Program through creative development and implementation of information security awareness plans that effectively achieves the information security goals and aligns with information security strategies.
Maintain documented information for applicable international standards’ certifications.
Participates in internal and external audits and assessments.
Assist in developing and maintaining Key Performance Indicators (KPIs) and Key
Risk Indicators (KRIs) in coordination with Risk and Compliance staff.
Business Impact
Maintain appropriate information security baseline through adequate and efficient information security governance practices.
Costs & Profitability
Supports the GRC section’s productivity and quality goals.
Fulfil and address tasks and expectations effectively and efficiently.
Performs adequate due diligence for all tasks assigned.
Problem Solving
Make sure all issues are reported timely and accurately.
Ensure all issues are escalated and solved in a timely manner.
Planning & Organizing
Daily operational planning.
Prioritize the activities effectively to meet stakeholders’ goals and expectations.
C. KEY SKILLS & DECISION MAKING
Team working, Coaching/Development & Leadership
Encourages teamwork within the project team and capitalizes on the team strengths
Brings fresh insights to the team. Encourages the team to generate newer approaches for information security and data governance.
Communicating & influencing
Communicates clearly, fluently and in an assertive manner while interaction with stakeholders on information security governance.
Presents ideas to stakeholders effectively.
Decision Making
Reviews and approves information security procedures and guidelines.
Kicks off and approves the business as usual information security awareness activities.
D. KEY PERFORMANCE INDICATORS (KPI)
Timely review, approval and publishing of information security policies.
Report the information security procedural KPIs in a timely manner
Ensure that information security awareness activities achieve their pre-defined goals.
Regularly review and update the documented frameworks, standards, procedures and guidelines.
المهارات
Minimum Experience & Essential Knowledge
Minimum 8 years’ experience of information security governance, frameworks and strategy planning.
Knowledge of network technologies, client and server operating systems.
Experience with international security standards implementation.
Minimum Entry Qualifications
Bachelor’s Degree in computer science/engineering or other Technology related field.
Preferred certifications CompTIA Security+, CISSP, CISM, CRISC, ISO 27001 Lead Implementer.
SKILLS
Technical (job related) & Non-technical:
Good functional knowledge of end-to-end Information Security policies, procedures and controls
Good knowledge and skills with Microsoft Office.
Excellent interpersonal, verbal and written communication skills.
Strong presentation skills
Strong analytical skills
Extremely detail-oriented and possess organizational and research skills.
Strong formal report writing.
Excellent English language in addition to Arabic language.
تفاصيل الوظيفة
منطقة الوظيفة الدوحة, قطر
قطاع الشركة البيع بالتجزئة وبالجملة; أمن المعلومات و الشبكات; الاتصالات والشبكات
طبيعة عمل الشركة صاحب عمل (القطاع الخاص)
الدور الوظيفي تكنولوجيا المعلومات
نوع التوظيف غير محدد
الراتب الشهري غير محدد
عدد الوظائف الشاغرة غير محدد
المرشح المفضل
المستوى المهني متوسط الخبرة
عدد سنوات الخبرة الحد الأدنى: 8
منطقة الإقامة قطر
الجنسية الأردن; الإمارات العربية المتحدة; البحرين; الجزائر; السودان; الصومال; العراق; الكويت; المغرب; المملكة العربية السعودية; اليمن; تونس; جزر القمر; جيبوتى; سوريا; عمان; فلسطين; قطر; لبنان; ليبيا; مصر; موريتانيا
الشهادة بكالوريوس/ دبلوم عالي
https://www.bayt.com/ar/qatar/jobs/specialist-security-governance-4320691/