Job detail | Ooredoo corporate

VAC9277 - Senior Director Risk Management & Corporate Security

  • Field: Chief Executive Officer
  • Contract type: Full Time - Permanent
  • Location: Qatar - Doha
  • Closing date: 2024-03-01 12:00:00

Job role:

Role Accountabilities

The Security section is a group-level team that oversees OPCO technology security services, planning and budgeting to ensure alignment with Group security Roadmaps; defines and monitors Security KPIs, targets and milestones for effective cyber security and works either remotely or in-country on specific goals mutually agreed with the OPCOs.

Main role is to improve opcos Security maturity based on international standards and best practices.

  • Strategic guidance and tactical support to achieve greater security maturity and standardization across Ooredoo Opcos.

  • Support periodic evaluation of Opcos As Is IT & Telecommunication security assessment and recommend the required strategies and roadmaps.

  • Establish Group-wide KPI's for Cyber security.

  • Periodically ensure the technology in use is the best fit for its intended purpose and recommend changes accordingly

  • Participate in group wide synergy and harmonization initiatives and events in information\cyber security

  • Support engagement with Opcos during major security incidents and provide guidance to mitigate associated risks.

  • Support technical selection of information\Cyber security solutions and support OG sourcing in vendor negotiation of security solutions.

  • Ensure Opcos adherence to the group information\cyber security policies and procedures.

  • Participate in reviewing OpCos' strategic plans and budgets as a technical expert

  • Provide information\cyber security guidance and support to group level initiatives and programs.

Experience & Qualifications

  • 10 years' experience directly related to the duties and responsibilities to similar role in Telecommunication industry or service providers

  • Strong understanding of technology and industry trends, security best practices, and management of technology innovation operations.

  • Demonstrated understanding of Cloud technologies and how to secure them.

  • A strong understanding of the business impact of security tools, technologies and policies.

  • Experience with common information security management frameworks, such as International

  • Standards Organization (ISO) 2700x, the IT Infrastructure Library (ITIL) and Control Objectives for Information and Related Technology (COBIT) frameworks.

  • Experience working with legal, audit and compliance staff.

  • Proficiency in performing risk, business impact, control, and vulnerability assessments, and in defining treatment strategies.

  • Familiarity with the principles of cryptography and cryptanalysis.

  • expert in application technology security testing (white box, black box, and code review)

  • An understanding of operating system internals and network protocols

  • Strong analytical skills to analyse security requirements and relate them to appropriate security controls

  • Experience in establishing cybersecurity and risk metrics for reporting

  • Proficient in Security around emerging technology platforms - mobile device platforms (iOS, Android), cloud services (IaaS, PaaS, SaaS), containerization, Big Data, Social media, etc.

Core Competencies

  • Risk Management Policy & Procedures

  • Risk Appetite Framework Management

  • Sustainability & ESG Practices

  • Telecom Market & Industry Knowledge

  • Digital Technology Knowledge

  • Financial Acumen

Apply for this job