Company QatarEnergy is an integrated national oil corporation that stands at theforefront of efforts for the long term sustainable development,utilization and monetization of oil and gas resources in the State ofQatar.In its efforts to become one of the best national energy companies inthe world, QatarEnergy\'s activities and those of its subsidiaries andjoint ventures, encompass the entire spectrum of the oil and gas valuechain locally, regionally, and internationally.They include the exploration, refining and production, marketing, andsale of oil and gas, liquefied natural gas (LNG), natural gas liquids(NGL), gas to liquids (GTL) products, refined products, petrochemicals,fertilizers, steel and aluminum. As an integrated corporation,QatarEnergy\'s activities also include marketing and sale of oil and gasand other various products.QatarEnergy\'s operations and activities are conducted at various onshorelocations, including Doha, Dukhan and the Mesaieed and Ras LaffanIndustrial Cities; and at various offshore areas, such as offshore oilfields production stations, drilling platforms, Halul oil export island,and the North Field, which is the largest single non-associated gasreservoir in the world covering an area of 6,000 square kilometers. Theutilization of this field\xe2\x80\x99s massive reserves has become a primarynational goal to continue the development and prosperity of the country.QatarEnergy pays the utmost attention to the health and safety of itsemployees, contractors, visitors and the local communities where itoperates. From drilling to construction, operations to decommissioning,QatarEnergy\'s health, safety and environment policy forms an integralpart of the corporation\xe2\x80\x99s daily business and long term planning.QatarEnergy is committed to contribute to a better future by meetingtoday\xe2\x80\x99s economic needs, while safeguarding our environment and resourcesfor generations to come. Thriving on innovation and excellence,QatarEnergy is bound to the highest levels of sustainable human, socio-economic, and environmental development in Qatar and beyond. Department INFORMATION SECURITY INFORMATION & COMMUNICATION TECHNOLOGY Primary purpose of job The Senior Information Security Risk Analyst is tasked with enhancing the information security posture of QatarEnergy in both IT and OT environments by assessing and managing cyber and information security risks. He/She actively participates in projects during all phases of implementation and operation, provides expert technical and procedural direction to identify and manage cyber and information security risks, and monitors progress of activities to manage and report identified risks. Experience & Skills \xe2\x80\xa2 Knowledge of fundamental security principles and challenges in their practical application
10+ years of relevant professional experience
Experience with large ICS & ICT environments in the Energy sector, preferably in Oil & Gas
Knowledge of information security capabilities and requirements analysis
Perform periodic risk management activities in IT and OT during the phases of project lifecycle, communicate risks and
mitigation actions to stakeholders, and support the business in defining cyber and information security requirements
Identify critical information systems and supporting systems for business processes and projects
Evaluate effectiveness of existing information security controls
Propose cost effective information security controls for the remediation of risk
Manage information security risk register, including the development of risks acceptance reports, and communicate risks
to the business as required
Maintain security controls framework in compliance with state law, international standards and best practices
Define and evaluate metrics for reporting information security control effectiveness
Communicate the urgency and severity of complex risk scenarios in simple, effective language
Excellent written and verbal business communication skills
Education \xe2\x80\xa2 Bachelor degree in information security, computer science, or systems engineering.
Professional certifications related to Information security (e.g., ISO27001, ISO27005, CISSP, GICSP, CISA, GIAC, CEH,
etc.)
Beware of fraud agents! do not pay money to get a job
MNCJobsGulf.com will not be responsible for any payment made to a third-party. All Terms of Use are applicable.