Project Manager security

Job Summary

Project Manager JD Locaton - Doha, Qatar Duration - 1 Year To collect and document business requirements, interfacing with project delivery team, testing and delivering application documentation and recommending effective solutions. Provide a complex technical guidance on the current security posture. Break up the effort and investment required to execute different tasks. Plan for contingency and project risks. Ensure that multiple small projects and large projects responsible for are delivered without any escalation. Channelize and prioritize efforts to ensure quality output on policies, procedures, guidelines and product specific assessments. Liaison with vendor or professional services for external support. Fine tune security processes, policies, standards, procedures and guidelines. Identify areas of improvement in security solutions periodically by looking at some improvements. Create and review the security procedures and provide management with updates on security aspects. Conduct security assessments, reviews and audits. Create security templates and quality gates for different design documents, policies, procedures, standards and guidelines. Interact with different vendors and subject matter experts to provide guidance required to meet the customer expectations. Identify data for measurement of KPI and KRAs of individuals working on the project. Plan for milestones which are practical. Develop and conduct training programs for the team members. Lead one security working group (Network security, cloud security). Write white papers. Competency knowledge Business Continuity Computer Network Defense Database Administration Encryption Information Systems/Network Security Information Technology Assessment Network Management Operating Systems Policy Management Risk Management Technology Awareness Threat Analysis Vulnerabilities Assessment Preferred Knowledge, Skills, and Abilities Knowledge of data backup and recovery Knowledge of business continuity and disaster recovery continuity of operations plans. Knowledge of intrusion detection methodologies and techniques for detecting host and network-based intrusions. Knowledge of controls related to the use, processing, storage, and transmission of data Knowledge of encryption algorithms. Knowledge of the organization’s enterprise information technology (IT) goals and objectives. Knowledge of network security architecture concepts including topology, protocols, components, and principles (e.g., application of defense-in-depth). Knowledge of measures or indicators of system performance and availability. Knowledge of network systems management principles, models, methods (e.g., end-to-end systems performance monitoring), and tools. Knowledge of system and application security threats and vulnerabilities (e.g., buffer overflow, mobile code, cross-site scripting, Procedural Language/Structured Query Language [PL/SQL] and injections, race conditions, covert channel, replay, return-oriented attacks, malicious code). Knowledge of what constitutes a network attack and a network attack’s relationship to both threats and vulnerabilities. Knowledge of penetration testing principles, tools, and techniques.