IT Governance Security Manager - Qatari National

Purpose: This position is responsible for ensuring the confidentiality, integrity, and availability of information assets by developing, implementing & maintaining effective IT governance and security practices.

Job Summary: The incumbent goal is to lead the IT Governance Security Team to design, implement, and maintain IT governance & security frameworks, policies, and procedures to protect information assets & ensure compliance with regulatory requirements.

Main Responsibilities & Tasks

• Develop, implement, and maintain IT governance frameworks aligned with industry standards (COBIT, ITIL)
• Review and update frameworks to ensure compliance with regulatory requirements, industry best practices & company policies
• Ensure effective IT management through governance frameworks
• Develop and implement comprehensive information security policies, procedures & standards to safeguard company data
• Conduct risk assessments to identify vulnerabilities and implement mitigation strategies
• Ensure compliance with regulatory requirements (GDPR, HIPAA), industry standards, and company policies
• Ensure compliance with regulatory requirements, industry standards, and company policies through regular compliance audits
• Manage audit processes, addressing findings and recommendations to maintain effective IT governance
• Develop and implement corrective actions to address audit findings
• Develop and deliver security awareness training programs for employees, promoting security best practices
• Monitor and evaluate training effectiveness, updating programs to address emerging security threats
• Ensure employee understanding and adherence to security policies & procedures
• Develop and implement incident response plans, ensuring timely response to security incidents & minimizing business impact
• Lead crisis management efforts, coordinating cross-functional teams to resolve security incidents
• Conduct post-incident reviews to identify areas for improvement and implement changes to prevent future incidents
• Job descriptions are written to reflect major accountabilities and will not describe all the tasks which may be performed by an individual. The incumbent shall perform any additional related duties assigned by the respective line manager to meet operational requirement
• The incumbent shall ensure the highest standards are followed to safeguard the sensitive and confidential data of the organization

Minimum Required Qualifications, Certificates & Skills

Qualifications (e.g., Education)

At least Bachelor’s degree in Computer Science, Information Security, or related field

Work Experience (e.g., Number of years and field / role)

Minimum 10 years in IT governance and security preferably in transportation or logistics industries

Certificates & Trainings

Any relevant certification or training such as:

• Certified Information Systems Security Professional (CISSP)
• Certified Information Security Manager (CISM)
• Certified in Risk and Information Systems Control (CRISC)