Black & Grey HR is recruiting for an established technology solutions and services provider in Doha, Qatar. Our client is seeking an experienced Head of Information Security (Security Operations) to lead the development, execution, and continuous enhancement of the organization’s security operations strategy. This role is critical for safeguarding sensitive assets during mega sports events and throughout business-as-usual periods. The position oversees SOC leadership, incident response, risk management, and the deployment of advanced cybersecurity technologies across IT and OT environments. Arabic proficiency is mandatory.

Key Responsibilities

Security Operations Management

• Oversee day-to-day SOC operations, including SIEM/SOAR monitoring, threat detection, and incident response.
• Lead triage, containment, and remediation of high-severity security incidents.
• Ensure 24/7 monitoring coverage, operational SLAs, and escalation protocols are met.
• Drive proactive threat hunting, vulnerability management, and intelligence-driven security operations.

SOC Architecture & Design

• Lead the design, optimization, and scaling of SOC capabilities across IT and OT domains.
• Define SOC workflows, playbooks, escalation models, and KPIs.
• Ensure seamless integration of monitoring tools and data sources across the enterprise.
• Continuously evolve SOC maturity in alignment with NIST, ISO 27001, and MITRE ATT&CK frameworks.

Risk & Incident Management

• Oversee end-to-end management of security incidents, including forensic analysis and root cause assessment.
• Ensure documentation of lessons learned and integration into updated processes.
• Maintain crisis management readiness and provide timely executive-level updates.
• Align incident response activities with regulatory, legal, and compliance requirements.

Procurement & Vendor Management

• Lead RFP development, vendor evaluation, and procurement for cybersecurity and SOC technologies.
• Manage vendor relationships and SLA performance reviews.
• Ensure all security products meet Qatar regulatory and compliance requirements.
• Conduct cost-benefit analysis and monitor the effectiveness of deployed security tools.

OT Security Operations

• Integrate IT and OT monitoring under a unified SOC operational model.
• Ensure security of ICS/SCADA systems and critical infrastructure components.
• Implement OT segmentation strategies and monitor emerging OT-specific threats.
• Coordinate incident response and mitigation activities affecting OT environments.

Compliance & Governance

• Ensure compliance with Qatar’s NCSA framework, ISO 27001, NIST, and other international standards.
• Develop, implement, and update security policies, procedures, and access control frameworks.
• Conduct periodic audits and security posture assessments.
• Identify compliance gaps and drive structured remediation plans.

Client & Stakeholder Management

• Serve as the primary liaison with internal teams, external partners, regulators, and auditors.
• Provide concise, actionable reports and briefings to senior leadership.
• Consult with application, infrastructure, and OT teams to address security challenges.
• Represent the organization during security audits, reviews, and regulatory assessments.

Team Leadership & Development

• Lead and mentor SOC analysts, incident responders, threat hunters, and engineers.
• Define team roles, structure, KPIs, and performance evaluation criteria.
• Deliver training, awareness programs, and capability-building sessions.
• Foster a culture of operational excellence, continuous improvement, and knowledge sharing.

Technology & Continuous Improvement

• Oversee deployment, operation, and optimization of SIEM, SOAR, EDR, firewalls, IDS/IPS, sandboxing, and related technologies.
• Drive automation and orchestration initiatives for improved SOC efficiency.
• Evaluate emerging cybersecurity technologies and recommend adoption.
• Continuously refine detection, response, and monitoring processes to enhance security posture.

Requirements

Qualifications & Experience

• 10+ years of experience in IT security operations, with at least 5 years in SOC leadership or senior security management.
• Bilingual proficiency in Arabic (Preferred).
• Proven experience managing complex security operations in large-scale or mission-critical environments.

Education

• Bachelor of Engineering, Information Technology, Computer Science, or Any bachelor’s degree with over 10 years of directly relevant experience.

Certifications (Preferred)

• CISSP
• CISM
• CRISC
• ISO/IEC 27001 Lead Implementer or Lead Auditor

Required Skillset

• Strong expertise in SOC design, architecture, and operational optimization.
• Experience with RFP creation, vendor evaluation, and procurement processes.
• Advanced knowledge of incident response, threat intelligence, and enterprise risk management.
• Detailed understanding of IT–OT integration, including ICS/SCADA security and segmentation.
• Familiarity with major frameworks: Qatar NCSA, ISO 27001, NIST, MITRE ATT&CK.
• Excellent leadership skills, crisis management capability, and executive communication proficiency.