Job Description

1. Ability to develop and implement AI security policies, procedures, guidelines, and security strategies to protect systems from potential threats.

2. Identify potential vulnerabilities in AI systems and create strategies to mitigate them.

3. Conduct regular security audits to ensure systems are functioning optimally.

4. Stay up-to-date with the latest AI security trends and threats.

5. Collaborate with other IT teams to ensure the safe integration of new technologies.

6. Establish and manage industry-leading application security processes and practices at each phase of the software development lifecycle and implement operational roadmap for assessment, penetration testing and source code reviews.

7. Conduct regular security audits and risk assessments of AI systems.

8. Ensure acquired and developed applications are consistent with secure software development lifecycle and security architecture guidelines.

9. Conduct regular manual and automated application security testing, assessments, review results, track issues and follow up to ensure remediation in line with secure software development lifecycle.

10. Coordinate and scope Third party penetration testing and application assessments activities including configuration reviews for compliance and additional assurance of secured implementation and operation of solutions.

11. Design, develop and implement the integration and automation of threat modelling, security assessments and testing tools with DevOps, application development and QA tools to improve detection and prevention capabilities.

12. Recommend improvements to the secure reference architecture through continuous review and assessment of the application security requirements, policies, and procedures.

13. Ensure secure coding practices and Software Development Life Cycle (SDLC) are followed by providing training and awareness to the internal stakeholders.

14. Ensure Data Protection, privacy concerns and regulations are in place and addressed in Policies and procedures.

15. Help support and enhance existing cloud security model, ensuring adherence to best practice in alignment with industry standards at technology, operational, legal measures.

16. Manage follow up, close and report upon all department's information security regulatory requirements, audits, inconformity reports, compliance issues and observations that arise during conducted internal and external assurance engagements.

17. Conduct Risk Assessments on the required Applications to identify applicable risk scenarios and mitigating controls as per QatarEnergy LNG Information security risk management practices.

18. Perform other related duties or assignments as directed.

19. Professional experience in conducting manual and automated application assessments (DAST, SAST & RAST), penetration testing and configuration review.

Job Types: Full-time, Contract
Contract length: 12 months

Pay: QAR25,000.00 - QAR26,000.00 per month

Application Question(s):

Do you have bachelor's degree in computer engineering/science, Electronics Engineering, or any other appropriately relevant field? D you have minimum 7 years of experience in ICT information, application security in an enterprise level environment? Certifications in industry relative standards, frameworks, and schools of practice, such as CSSLP, GWAPT, OSCP?
Language:

English & Arabic (Preferred)
License/Certification:

QID (Preferred)
Application Deadline: 29/06/2025