Sr. Information Security Risk Analyst

Job description / Role

As the Sr. Information Security Risk Analyst, you will be responsible to enhance the Information Security posture of the organisation by assessing and managing the risks as per the corporate information security risk management standard. You will also be responsible for effective mitigation and communication of the risks to the management and business owners.

Client Details

A leading government organisation in Qatar with strong development and progression culture.

Description

* Ensure compliance to Corporate Information Security Risk Management Standard.
* Perform risk management during multiple phases of project lifecycle.
* Identify critical information systems and supporting systems for the business processes and projects.
* Conduct periodic / Adhoc information security risk assessments for IT and OT landscape.
* Evaluate existing information security controls, impact and information security risks.
* Propose cost effective information security controls for the remediation of risks.
* Communicate risks and the mitigation actions to the business stakeholders.
* Provide support and expert advice during implementation of controls and remediation of the risks.
* Develop risks acceptance reports and communicate risks to the business if required.
* Perform assurance of information security controls.
* Develop and manage information security risk register.
* Define metrics for continuous monitoring and reporting of effectiveness of the controls.
* Develop and maintain security controls framework in compliance with state law, international standards and best practices.
* Review and provide security inputs in the form of SOW, contractual agreements, security controls, etc. for the scope of the projects and solutions.
* Drive, implement and manage security projects for the department.
* Provide security advisory services by supporting the business in cyber and information security requirements.

Job Offer

* Attractive salary
* Diverse project portfolio
* Opportunity to work for an organisation, contributing to the growth and development of the Qatar

Requirements

* Bachelor degree in Information Security, Computer Science, or Systems Engineering.
* Professional certifications related to Information security like ISO27001, ISO27005, CISSP, CISA, GIAC, CEH or others.
* 10 years of relevant professional experience.
* Experience with large ICS & ICT environments in the Energy sector, preferably in Oil & Gas.
* Knowledge of fundamental security principles and challenges in their practical application.
* Knowledge of information security capabilities and requirements analysis.

About the Company

Michael Page is one of the world's leading professional recruitment consultancies, specializing in the placement of candidates in permanent, contract, temporary and interim positions with clients around the world.

The Group has operations in the UK, Continental Europe, Asia-Pacific and the Americas. In the Middle East we focus on the areas of:

Finance & Accounting Banking & Financial Services Procurement Property & Construction Engineering & Supply Chain Oil & Gas Technical and Engineering Human Resources Sales Marketing Technology Secretarial Executive Search Legal

The Group operates through 161 offices in 33 countries and employs over 5,000 employees worldwide.