Job Description

Company
QatarEnergy is a state-owned public corporation established byEmiri Decree No. 10 in 1974. It is responsible for all phases
of the oiland gas industry in the State of Qatar.The principal activities of QatarEnergy, its subsidiaries and jointventures are
the exploration, production, local and international saleof crude oil,natural gas and gas liquids, refined products,
syntheticfuels,petrochemicals, fuel additives, fertilizers, liquefied natural gas(LNG), steel and aluminium.Qatar Energy's
strategy of conducting hydrocarbon exploration anddevelopment is through Exploration and Production Sharing
Agreements(EPSA) and Development and Production Sharing Agreements (DPSA)concluded with major international oil
and gas companies.The operations and activities of QatarEnergy and its affiliates areconducted atvarious onshore
locations, including Doha, Dukhan and the Mesaieed andRas Laffan Industrial Cities, as well as offshore areas, including
HalulIsland, offshore production stations, drilling platforms and the NorthField.Thriving on a spirit of enterprise, each of our
joint ventures isunderpinned by transparency, innovation and high standards of qualityand service. At QatarEnergy, we are
committed to one thing aboveall: Excellence.
Department
INFORMATION & COMMUNICATION TECHNOLOGY
Primary purpose of job
Head, Information Security Governance, Risk & Compliance manages the Information Security Management System
(ISMS) throughout QatarEnergy in both information and communication technology (ICT) and operational technology (OT).
This responsibility includes developing information security policies and standards, assessing and managing cyber security
risk, coordination with the Enterprise Risk Management team, determination of information security operational maturity and
control effectiveness targets, managing Information Security awareness and training initiatives, and maintaining close
collaboration with business stakeholders to secure aspects of people, process and technology.
Experience & Skills

• 15+ years of relevant professional experience with 7+ years in a leadership role in a large enterprise.
• Experience with large ICT & OT environments in the Energy sector, preferably Oil & Gas.
• Experience with established industry security frameworks (e.g., NIST CSF & Special Publications, IEC 62443, ISO27001

& 27005, etc.) and understanding of customized Information Security Management Systems.

• Knowledge of global as well as regional regulatory requirements and standards (e.g., NISS, NIA, Qatar Data Protection

Law etc.).

• Excellent interpersonal coordination, negotiation, and expectation management skills across various organizational levels

(up to Board level).

• Excellent written, verbal and presentation skills.

Education

• Bachelor degree in Information Security, Computer Science, or Engineering.
• Professional certifications in Information Security management (e.g., CISSP, CISM, CCISO, etc.).