Manager, Cyber Security Assurance

• Manage the cyber security assurance agenda and drive related initiatives in alignment with the firm's vision and mission.
• Support the IT Security Manager in executing cyber security strategy.
• Provide guidance over assurance of information security technologies within the organization.
• Define controls and requirements to assure that the new technologies are onboarded in secure manner, collaborate with IT and business areas during the project lifecycle.

Key Accountabilities:

• Keeping up to date with the latest threats, trends, and technologies in the cybersecurity field.
• Actively manage the development of a sufficiently comprehensive Information Security Awareness programs and oversee the assurance of their effective delivery to the concerned parties.
• Manages Security Assurance programs and projects; participates in tendering activities, define RFI/RFP questions and security requirements, collaborate with IT and business areas during the project lifecycle.
• Helps analyze and assess security-specific areas for cloud application migration efforts, provides expertise related to properly selecting and implementing cloud-based security controls.
• Supports the implementation of DevSecOps best practices for cloud-hosted systems and applications.
• Maintain awareness of changes to regulations, compliance guidelines, assessment methodologies, and the emerging technologies.
• Recommend proactive changes to controls, policies, and procedures in response to these changes.
• Perform assessments of systems and networks within our environment and identify where those systems and networks deviate from acceptable configurations, enterprise policy, or local standards.
• Identify security and compliance gaps and partner with system owner and stakeholders to appropriately remediate. Assess, communicate and partner with business and systems owners to determine security control efficacy, solutions within constraints, and facilitate justifiable confidence in the system's security posture.
• Develop, maintain, and produce reports and presentations of Global Security Assurance program status, etc.
• Operate and contribute to continuous improvement of information security assurance processes and systems.
• Have knowledge experience in Zero Trust strategy implementation & Secure access service edge including SD-WAN, SWG & CASB.

Required:

• Minimum 10 years of diverse information security experience, including at least 6 years in positions of progressively increasing managerial responsibilities.
• Excellent knowledge of common IT and information security technologies
• Knowledge of frameworks such as ISO27001, Qatar 2022 CSF, Cloud first QCB directives & applicable local and global laws and regulations.
• Knowledge of latest trends and technologies in cyber security
• Knowledge of secure software development lifecycle, DevSecOps best practices for cloud-hosted systems and applications.
• Knowledge of service validation and testing.
• Very good inter-personal skills and an ability to connect with people at all levels to drive successful relationships.