Description
Job Purpose:
We are seeking a highly skilled Cybersecurity Governance, Risk and Compliance (GRC) specialist to join our team. The ideal candidate shall have extensive experience in cybersecurity frameworks and compliance standards, particularly ISO27001, SOC2 Type II and PCI DSS. This role will focus on ensuring compliance with the Qatar 2022 Cybersecurity Framework and Qatar NIAP while effectively managing risks.
Roles and Responsibilities:
Compliance Management
- Ensure ongoing compliance with ISO27001, ISO27017, ISO27018, SOC 2 Type II and PCI DSS requirements
- Implement and maintain compliance with Qatar 2022 Cyber Security Framework and Qatar NIAP
- Manage and coordinate compliance audits, including preparing for audits, addressing findings and implementing corrective actions
Risk Management
- Conduct comprehensive risk assessments to identify and evaluate information security risks
- Develop and implement effective risk mitigation strategies and controls to mitigate identified risks.
- Maintain the risk register and regularly update risk assessments based on changes in the environment or business operations.
Third Party Risk Management
- Develop and implement a TPRM program including vendor risk assessment, due diligence and ongoing monitoring
- Assess and manage the risks associated with third party vendors and service providers
- Ensure that third party vendors comply with relevant security standards and policies
- Review contracts to ensure security requirements are adequately covered.
Cloud Security
- Ensure security of cloud infrastructure, data and applications
- Assess and monitor cloud security posture to ensure compliance and effectiveness of cloud security controls
Control Testing
- Develop and execute control testing procedures to assess the effectiveness of controls
- Analyze testing results, identify gaps and recommend improvements to security controls
- Document findings and recommended improvements based on testing results
Policy Development
- Assist in the development and maintenance of cybersecurity policies and procedures
- Ensure policies align with regulatory requirements and best practices
- Provide guidance and support to the stakeholders on the interpretation and implementation of security policies.
Collaboration and Communications
- Collaborate with cross-functional teams including IT, legal and business units to ensure compliance and security
- Communicate compliance requirements and security risks to stakeholders
Be part of an extraordinary story:
Your skills. Your imagination. Your ambition. Here, there are no boundaries to your potential and the impact you can make. You’ll find infinite opportunities to grow and work on the biggest, most rewarding challenges that will build your skills and experience. You have the chance to be a part of our future, and build the life you want while being part of an international community.
Our best is here and still to come. To us, impossible is only a challenge. Join us as we dare to achieve what’s never been done before. Together, everything is possible.
Qualifications
About You:
- High School Qualification / Vocational Qualification / Diploma or Equivalent with minimum 5 years of job-related experience OR Bachelor's Degree with minimum 4 years of job-related experience.
- Strong understanding of cybersecurity principles, best practices and industry standards
- Experience in risk management frameworks and methodologies
- Experience in cloud security frameworks and assessments.
- Understanding of Third-party risk management (TPRM) methodologies and best practices
- Experience working with GRC tools and automation
About Qatar Airways Group:
Our story started with four aircraft. Today, we deliver excellence across 12 different businesses coming together as one. We’ve grown fast, broken records and set trends that others follow. We aren’t slowed down by the fear of failure. Instead, we dare to achieve what’s never been done before.
So, whether you’re creating a unique experience for our customers or innovating behind the scenes, every person contributes to our proud story. A story of spectacular growth and determination. Now is the time to bring your best ideas and passion to a place where your ambition will know no boundaries, and be part of a truly global community.
How to apply:
If you’re ready to join a progressive team and have a challenging and rewarding career, then apply now by uploading your CV and completing our quick application form.