Job Description

Company
QatarEnergy is a state-owned public corporation established byEmiri Decree No. 10 in 1974. It is responsible for all phases
of the oiland gas industry in the State of Qatar.The principal activities of QatarEnergy, its subsidiaries and jointventures are
the exploration, production, local and international saleof crude oil,natural gas and gas liquids, refined products,
syntheticfuels,petrochemicals, fuel additives, fertilizers, liquefied natural gas(LNG), steel and aluminium.Qatar Energy's
strategy of conducting hydrocarbon exploration anddevelopment is through Exploration and Production Sharing
Agreements(EPSA) and Development and Production Sharing Agreements (DPSA)concluded with major international oil
and gas companies.The operations and activities of QatarEnergy and its affiliates areconducted atvarious onshore
locations, including Doha, Dukhan and the Mesaieed andRas Laffan Industrial Cities, as well as offshore areas, including
HalulIsland, offshore production stations, drilling platforms and the NorthField.Thriving on a spirit of enterprise, each of our
joint ventures isunderpinned by transparency, innovation and high standards of qualityand service. At QatarEnergy, we are
committed to one thing aboveall: Excellence.
Department
INFORMATION & COMMUNICATION TECHNOLOGY
Primary purpose of job
Lead governance and compliance focus on the management of the Information Security Management System (ISMS)
including developing policies, standards and procedures, security requirements and compliance required for the corporate
information security in both an information technology (IT) and operational technology (OT) capacity. This position leads the
establishment of strong information security governance and compliance to best protect the organization assets.
This position requires technical and administrative understanding of information security principle and best practices. It
requires excellent communication along horizontal and vertical lines within and outside the directorate, solid foundation in
implementing and improving information security governance in organizations, and a good understanding of Oil & Gas
operational and business processes.
Experience & Skills

• 10+ years of relevant professional experience.
• Professional certifications in information security management and standards compliance (e.g., CISSP, CISA, GIAC, ISO

27001, etc.).

• Experience with control frameworks and standards (e.g., NIST, IEC 62443, etc.).
• Experience with large ICS & ICT environments in the Energy sector, preferably Oil & Gas.
• Understanding and customization of information security management systems.
• Experience in information security awareness initiatives and community building.
• Knowledge of information security capabilities and requirements analysis.
• Knowledge of relevant state laws, industry regulations, and security standards.
• Excellent written, verbal and presentation communication skills.
• Strong team management, planning and coordination skills.

Education
Bachelor degree in information security, computer science, or engineering