Team Lead - IT Governance Security

Purpose: This position is responsible for leading the IT Governance Security team to ensure the confidentiality, integrity, and availability of the organization data & systems.

Job Summary: The incumbent goal is to oversee the implementation of IT security policies, procedures, and standards to protect against cyber threats & ensure compliance with regulatory requirements.

Main Responsibilities & Tasks

• Lead the IT Governance Security team to achieve security objectives, providing guidance and direction

• Develop and implement comprehensive IT security strategies & plans, aligned with company goals and objectives

• Ensure compliance with security policies, procedures, and standards, conducting regular audits & assessments

• Identify, assess, and mitigate IT security risks, prioritizing & addressing potential threats

• Ensure compliance with regulatory requirements and industry standards, such as Qatar's Data Protection Law, Qatar Central Bank's regulations on payment card security & Qatar's Cybersecurity Framework

• Conduct security audits and compliance assessments, identifying areas for improvement

• Develop and implement incident response plans, ensuring prompt & effective response to security incidents

• Respond to security incidents and breaches, minimizing impact & restoring normal operations

• Conduct post-incident reviews and improvement planning, identifying lessons learned & areas for improvement

• Develop and deliver comprehensive security awareness training programs, educating employees on security best practices

• Promote a culture of security awareness, encouraging employees to report suspicious activity

• Provide regular security updates and alerts, keeping employees informed of emerging threats

• Stay up to date with emerging threats and technologies, attending conferences & workshops

• Continuously monitor and evaluate security controls, identifying areas for improvement

• Implement improvements to security policies, procedures, and standards, ensuring alignment with industry best practices

• Job descriptions are written to reflect major accountabilities and will not describe all the tasks which may be performed by an individual. The incumbent shall perform any additional related duties assigned by the respective line manager to meet operational requirement

• The incumbent shall ensure the highest standards are followed to safeguard the sensitive and confidential data of the organization

Minimum Required Qualifications, Certificates & Skills

Qualifications (e.g., Education)

• At least Bachelor's degree in Computer Science, Information Security, or related field

Work Experience (e.g., Number of years and field / role)

• Minimum 10 years in IT security leadership or related field preferably in a public transport or similar industry

Certificates & Trainings

Any relevant certification or training such as:

• Certified Information Systems Security Professional (CISSP)

• Certified Information Security Manager (CISM)

• Certified Ethical Hacker (CEH)

Skills

• Cloud Computing (AWS, Azure, Google Cloud), Data Analytics (Tableau, Power BI, Excel), Cybersecurity (Penetration Testing, Vulnerability Assessment, Incident Response)