• Facilitate coordination between information security projects and operations
• Ensure security controls are executed according to policies, regulations, and standards
• Establish, produce and enhance information security, risk and conformance to operational security activities
• Participate actively in the development of security policies, procedures, and standards
• Suggest and verify baseline security configurations for applications, operating systems, networking along with telecommunications equipment
• Assist with the closing audit finding by performing/suggesting the required controls to meet the objective(s)
• Perform Security assessments based on business requests
• Develop Information Security Reports for MEEZA and clients
• Facilitate remediation of identified security vulnerabilities and mitigation of security risks
• Facilitate closure and implementation of action items identified from the security incidents
• Assessment and implementation of security technologies across various pillars of Information Security including, but not limited to endpoint security, network security, data protection, and privacy, thus enhancing the functionality of services with security in place
• Maintain organization\xe2\x80\x99s compliance with various security standards such as ISO 27001/02, Qatar FIFA 2022 Cybersecurity Framework, National Information Assurance Policy \xe2\x80\x93 Qatar
• Manage and ensure all employees are compliant with the organizational Cyber Security Awareness requirements
• Review and update organizational security policies, processes, and procedures
• Draft the Monthly Information Security Executive Report
• Making sound technical and business decisions in a sometimes resource-restricted environment
• Must be approachable and uphold values and characteristics of a MEEZA Employee at all times
• Monitor SIEM, EDR, and other security tools for the detection and identification of security events
• Maintain a good relationship with customers and internal functions while resolving their issues quickly and professionally
• Responsible for generation of observations and recommendations for operational optimization
• Assist in developing and implementing processes for detecting, identifying, and analyzing security-related events in coordination with the client\xe2\x80\x99s security policy and risk management
• Identify vulnerabilities on corporate IT assets to mitigate the risk of exploitation of these vulnerabilities and respond to such attacks in a professional and efficient manner

Knowledge, Skills & Experience:

• Exposure to IT service management best practices such as ITIL and ISO27001
• 5+ years in IT services or related organization
• Experience in ISO27001 process and procedures and can work on their own with little supervision
• A good communicator at all levels.
• Sound knowledge of IT security best practices, common attack types, and detection/prevention methods.
• Strong written and verbal communication skills
• Attention to detail and great organizational skills
• An active interest in Cyber Security, incident detection, network, and systems security.
• Experience or qualifications in network and systems monitoring
• Experience in successful implementation/exposure / participation of a Business Continuity and Disaster Recovery Program
• Experience in performing risk assessments and managing information security risks of an organization
• Minimum 3 years experience focused in the IT Security field (e.g. Incident Response, Incident Investigation, Incident Remediation) with minimum 2 years experience in IT services or related organization, which can include HelpDesk task and involvement in incident ticketing and initial investigation function
• Experience in using SIEM tools such as Azure Sentinal, Splunk, Dark Trace, ArcSight, LogLogic, Envision, Q1 Labs, Symantec Endpoint
• Experience in using Security Solutions such as Endpoint Security, Web and Email Filter, APT, etc.
• Software engineering, programming, or scripting knowledge. Java, .Net.
• An excellent communicator at all levels.
• Strong written and verbal communication skills.
• Sound knowledge of IT security best practices, common attack types, and detection/prevention methods.
• Attention to detail and great organizational skills
• An active interest in Cyber Security, incident detection, network, and systems security.
• Experience or qualifications in network and systems monitoring
• Exposure to Information Security Best Practices such as ISO27001, ISO31000, ISO 22301, COBIT for Risk, and NIST
• An understanding of Information Security relating to the Confidentiality, Integrity, and availability of information
• Understanding of IS regulatory requirements in the state of Qatar
• CISSP / CISA / CRISC / NIAP Implementer
• Certified Ethical Hacker
• Security+
• CCSP / CCSE
• SANS Related qualifications e.g. GCIH & GSEC

• University degree in any field related to Information Technology