Job Title: Senior Manager – Security Technology Engineering

Division: Group Risk – Group Information Security

Location: Qatar

Job Purpose

The Senior Manager – Security Technology Engineering will be responsible for leading, managing, and delivering information security technology solutions across the Group. This includes designing, implementing, and maintaining advanced security controls that protect the bank from cyber threats, ensuring compliance with international regulations and industry standards (e.g., PCI DSS, ISO 27001). The role serves as the focal point for IT security engineering, collaborating with stakeholders, partners, and vendors to ensure robust, scalable, and compliant security technologies are in place.

Key Responsibilities

Shareholder & Financial

• Implement KPIs, benchmarks, and best practices to optimize security engineering operations.
• Support annual budgeting and licensing for security technologies.
• Promote cost-conscious, efficient use of security tools and resources.

Customer (Internal & External)

• Act as a consultant to IT and business units, embedding security controls into new systems.
• Supervise teams to ensure adherence to operational processes (incident, problem, change, configuration management).
• Define and monitor team KPIs to maintain SLA commitments.
• Provide timely and accurate reporting to auditors, compliance, and risk functions.
• Build strong relationships with internal stakeholders to enhance security adoption and awareness.

Internal (Processes, Products, Regulatory)

• Support the design, implementation, and continuous improvement of the bank’s information security program.
• Assess and recommend improvements to technical security controls.
• Develop, implement, and enforce security standards, services, and tools (e.g., firewalls, IDS/IPS, EDR, PAM, IAM).
• Establish metrics, roadmaps, and maturity models for security technology.
• Ensure identified audit issues and regulatory gaps are remediated promptly.
• Lead evaluations of new security technologies and their business impact.

Learning & Knowledge

• Maintain expert-level understanding of information security technologies, frameworks, and IT systems.
• Mentor and train team members on emerging security tools and practices.
• Stay updated on industry best practices, regulatory changes, and new threat vectors.
• Create and deliver security awareness and training programs for IT and business stakeholders.

Legal, Regulatory, & Risk Compliance

• Ensure compliance with group-wide policies (AML, Sanctions, Data Protection, Fraud Control, Insider Dealing, etc.).
• Adhere to the Three Lines of Defence principle for effective risk management.
• Support Operational Risk Management (RCSA, KRI, incident reporting, remediation).
• Collaborate with regulators, auditors, and external consultants on security assessments.

Other Duties

• Safeguard confidentiality of sensitive data and uphold the bank’s ethical standards.
• Represent the Group Information Security function in cross-functional initiatives and external engagements.
• Perform other duties as assigned by senior leadership (AVP, SVP, or CISO).

Qualifications & Experience

• Bachelor’s degree in Computer Science, Computer Engineering, or related field (Master’s preferred).
• 8+ years of experience in information security engineering, preferably in banking or large corporates.
• Mandatory certifications: CISSP, CISM, or CISA.
• Security engineering certifications in Microsoft (Azure, MCSA, MCSE) or Linux (RHCE or equivalent).
• Strong experience with a broad range of security technologies: firewalls, proxies, WAFs, IDS/IPS, EDR, DLP, IAM, PAM, DDOS protection, vulnerability scanners.

Key Skills

• Advanced knowledge of security engineering tools and methodologies.
• Strong understanding of infrastructure and application security controls.
• Risk management expertise (identification, assessment, mitigation).
• Excellent communication and presentation skills in English (Arabic preferred).
• Leadership, mentoring, and stakeholder management.
• Strong analytical, problem-solving, and decision-making abilities.
• High level of personal integrity, initiative, and accountability.
• Ability to manage complex projects and deliver under pressure.