QR17710 - Senior Manager IT Security and Risk Management | Qatar Airways | Doha

[{{ $ctrl._job.status.name | translate}}] QR17710 - Senior Manager IT Security and Risk Management | Qatar Airways | Doha
Qatar Airways

Posted
Interested in this opportunity ?

Job description

About Job:

Develop overall strategy, plan and design of IT security solutions for Qatar Airways and its Subsidiary organisations to protect the organization from internal and external Cyber security threats and thereby to protect company vital information base. Responsible for planning and implementing IT Security controls in line with the business objectives and within the IT Security framework implementing leading business industry standards. Develop plan and programs that identify measure and monitor all risks and security exposures. Recommends appropriate risk and security management controls for all exposure to loss.

Strategic
 Develop overall strategy, plan and design of IT security solutions for Qatar Airways and its Subsidiary organisations to protect the organization from internal and external Cyber security threats and thereby to protect company vital information base.

Operational
 Responsible for assessment, evaluation, recommendation, and implementation of IT Security controls to address key IT Security risks in all levels such as Perimeter, Network, Server, Application and end-user computers to safeguard company IT environment from the ever evolving cyber threats.
 Ensure IT Security assessments are carried out periodically and appropriate remedial actions are taken pro-actively.
 Accountable for computer forensic investigations and reporting evidence in a forensically sound manner using leading computer forensic tools accepted in the court of law for the suspected ICT systems hacks.
 Accountable for the Information Technology divisional risk register on behalf of the Chief Information Officer and to report to the Enterprise Risk Committee on a periodic basis in lines with the Qatar Airways Enterprise Risk Management programme.
 Provide necessary Direction to Network and Security technology teams as and when required.
 Manage the IT Security Maturity Matrix Model.
 Responsible for the continuously reviewing the IT security controls, in order to safeguard Qatar Airways IT environment
 Report IT Security incidents to the CIO on a periodic basis.
 Liaise with IT VP’s and QR IT senior management on all IT Security related matters.
 Interact with IT Security product vendors to ensure that the solutions implemented at QR are working.
 Responsible for the Security controls to safeguard the Qatar Airways IT environment that has grown in complexity over the last few years as a result of the elevated cyber threat risk levels in the region and across the world.
 Perform other department duties related to his/her position as directed by the Head of the Department.

Develop overall strategy, plan and design of IT security solutions for Qatar Airways and its Subsidiary organisations to protect the organization from internal and external Cyber security threats and thereby to protect company vital information base. Responsible for planning and implementing IT Security controls in line with the business objectives and within the IT Security framework implementing leading business industry standards. Develop plan and programs that identify measure and monitor all risks and security exposures. Recommends appropriate risk and security management controls for all exposure to loss.

Strategic
 Develop overall strategy, plan and design of IT security solutions for Qatar Airways and its Subsidiary organisations to protect the organization from internal and external Cyber security threats and thereby to protect company vital information base.

Operational
 Responsible for assessment, evaluation, recommendation, and implementation of IT Security controls to address key IT Security risks in all levels such as Perimeter, Network, Server, Application and end-user computers to safeguard company IT environment from the ever evolving cyber threats.
 Ensure IT Security assessments are carried out periodically and appropriate remedial actions are taken pro-actively.
 Accountable for computer forensic investigations and reporting evidence in a forensically sound manner using leading computer forensic tools accepted in the court of law for the suspected ICT systems hacks.
 Accountable for the Information Technology divisional risk register on behalf of the Chief Information Officer and to report to the Enterprise Risk Committee on a periodic basis in lines with the Qatar Airways Enterprise Risk Management programme.
 Provide necessary Direction to Network and Security technology teams as and when required.
 Manage the IT Security Maturity Matrix Model.
 Responsible for the continuously reviewing the IT security controls, in order to safeguard Qatar Airways IT environment
 Report IT Security incidents to the CIO on a periodic basis.
 Liaise with IT VP’s and QR IT senior management on all IT Security related matters.
 Interact with IT Security product vendors to ensure that the solutions implemented at QR are working.
 Responsible for the Security controls to safeguard the Qatar Airways IT environment that has grown in complexity over the last few years as a result of the elevated cyber threat risk levels in the region and across the world.
 Perform other department duties related to his/her position as directed by the Head of the Department.

Additional Job responsibilities:

Stakeholder Management
 Liaise and coordinate with internal and external parties at the appropriate levels to bolster and ensure smooth flow of the company’s IT security standing.
 Direct the efforts of the IT Security team and coordinate at the strategic and tactical levels with the other functions of the organisation.
 Represent Qatar Airways IT Security in various formal groups including OneWorld, SITA, IATA, EASA, Airbus. Participate in all IT Security matters with partners (OneWorld, Other Airlines, Civil aviation authorities, Aircraft Manufacturers) and other third parties such as iCTQatar, the regulatory body for Information Technology for the State of Qatar.

Planning & Budgeting
 Exercise financial authority to the level delegated by the Chief Information Officer - prepare the annual IT Security department business plans and operating and capital expenditure budgets, ensuring that adequate funding provision is made for all activities. Monitor expenditure against approved levels on a regular basis and investigate and justify significant variances to ensure effective performance and cost control.
 Ensure that proposed IT Security solutions are in line with the departmental budgeted and approved costs.

Management & Leadership
 Direct and manage the IT Security function providing leadership, encouraging teamwork and facilitating related professional work processes in order to achieve high performance standards and staff pride in performance and contribution.
 Establish and oversee the implementation of appropriate processes for performance management and appraisal to ensure the employees are clear on the contribution required from them and are fairly appraised to allow for appropriate linkages between performance and reward.
 Design IT Security controls and head implementation of the IT Security design team.
 Develop an IT Security framework that is clearly measurable, applicable and meets the business requirements.
 Ensure best IT Security standards are maintained at all times by staying abreast of industry trends and demanding the highest professional standards from all members of the team at all times.
 Manage technical expertise within the IT Security team in terms of consultancy and mentoring.
 Assign suitably qualified resources to projects to support the ongoing IT security work programmes.
 Direct IT Security governance throughout the IT department.
 Carry out IT Security workshops with all levels of staff in the IT organization including setting out Security Awareness Programmes.
 Establish the IT Security team’s objectives and priorities to align with and support business objectives.
 Regularly evaluate the team’s objectives, plans, procedures and practices, and makes appropriate changes if needed.
 Oversee and supervise employees. Direct daily activities, recruit, train, develop and discipline to ensure a high standard of service delivery.
 Train and develop other employees, to ensure succession planning is in place.

About You: Qualifications and Experience:

Qualifications:

Essential
 Relevant College or University qualification to min Bachelor's level

Preferred
 Additionally, either one of the following qualifications:
o Certified Information Systems Auditor (CISA),
o Certified Information Systems Manager (CISM),
o Certified Information Systems Security Professional (CISSP),
o Certified in Risk and Information Systems Control (CRISC),
o Certified Ethical Hacker (CEH)

Previous Experience:

Essential
 Minimum 10 years relevant experience
 Full-time work experience in information security management and/or related functions (such as IT audit and IT Risk Management).
 Have carried out at least 10 successful IT Security Risk Assessment Programmes in a large environment.
 Have lead the design, implementation, operation and maintenance of the IT Security framework.
 Have successfully lead a team and completed a Payment Card Industry – Data Security Standard certification for at least one large organization.

Preferred
 Minimum 15 years of job-related experience required
 Prior experience in a multinational

About You: Job Specific Skills:

Job Specific Skills:

Essential
 Proven background in IT Security / Cyber Security and develop implementation of an IT Security Management framework for a large organization. Skills and expertise required in the following areas:
o IT Management
o Strong technical skills to ensure that the best fit IT security solution is implemented to meet the business requirements
o Keen eye for details and to identify security flaws within the IT infrastructure.
o Agility to meet the dynamic and ever growing environment of the organization.
o Expert level usage of Risk Assessment, Vulnerability Assessment and Penetration testing tools.
o Formal experience with working with IT Security frameworks ( e.g. NIST, ISO27001)
 Managerial skills - Ability to delegate work, set clear direction and manage workflow. Strong mentoring and coaching skills. Ability to train and develop subordinate's skills. Ability to foster teamwork among team members.

Note: you will be required to attach the following:
1. Resume / CV
2. Copy of Highest Educational Certificate
3. Copy of Passport

Requirements

See description

Job type
Full-time
Location
Al Khulaifat Al Jadeeda, Doha, Qatar
Department
IT
Starting in
As soon as possible

Qatar Airways

Other suggested jobs

{{:: 'IT - Coordinator' | ellipsis : 40 : true }}

{{:: 'The Ritz-Carlton Doha' | ellipsis : 35 : true }}

{{:: 'Assistant Information Technology Manager' | ellipsis : 40 : true }}

{{:: 'Caesars Palace Bluewaters Dubai' | ellipsis : 35 : true }}
Interested in this opportunity ?
Other jobs
View 174 other offers