Senior Director Risk Management & Corporate Security

VAC9277 - Senior Director Risk Management & Corporate Security Company: Ooredoo Group Field: Chief Executive Officer Contract Type: Full Time - Permanent Location: Qatar - Doha Closing date: 29-Feb-2024 Role Accountabilities:
The Security section is a group-level team that oversees OPCO technology security services, planning and budgeting to ensure alignment with Group security Roadmaps; defines and monitors Security KPIs, targets and milestones for effective cyber security and works either remotely or in-country on specific goals mutually agreed with the OPCOs.
Main role is to improve opcos Security maturity based on international standards and best practices.

Strategic guidance and tactical support to achieve greater security maturity and standardization across Ooredoo Opcos.
Support periodic evaluation of Opcos As Is IT & Telecommunication security assessment and recommend the required strategies and roadmaps.
Establish Group-wide KPI’s for Cyber security.
Periodically ensure the technology in use is the best fit for its intended purpose and recommend changes accordingly
Participate in group wide synergy and harmonization initiatives and events in information\cyber security
Support engagement with Opcos during major security incidents and provide guidance to mitigate associated risks.
Support technical selection of information\Cyber security solutions and support OG sourcing in vendor negotiation of security solutions.
Ensure Opcos adherence to the group information\cyber security policies and procedures.
Participate in reviewing OpCos’ strategic plans and budgets as a technical expert
Provide information\cyber security guidance and support to group level initiatives and programs.
Experience & Qualifications:
10 years’ experience directly related to the duties and responsibilities to similar role in Telecommunication industry or service providers
Strong understanding of technology and industry trends, security best practices, and management of technology innovation operations.
Demonstrated understanding of Cloud technologies and how to secure them.
A strong understanding of the business impact of security tools, technologies and policies.
Experience with common information security management frameworks, such as International
Standards Organization (ISO) 2700x, the IT Infrastructure Library (ITIL) and Control Objectives for Information and Related Technology (COBIT) frameworks.
Experience working with legal, audit and compliance staff.
Proficiency in performing risk, business impact, control, and vulnerability assessments, and in defining treatment strategies.
Familiarity with the principles of cryptography and cryptanalysis.
expert in application technology security testing (white box, black box, and code review)
An understanding of operating system internals and network protocols
Strong analytical skills to analyse security requirements and relate them to appropriate security controls
Experience in establishing cybersecurity and risk metrics for reporting
Proficient in Security around emerging technology platforms – mobile device platforms (iOS, Android), cloud services (IaaS, PaaS, SaaS), containerization, Big Data, Social media, etc.
Core Competencies:
Risk Management Policy & Procedures
Risk Appetite Framework Management
Sustainability & ESG Practices
Telecom Market & Industry Knowledge
Digital Technology Knowledge
Financial Acumen
Note: you will be required to attach the following:
1. Resume / cv