Job Description

Company
QatarEnergy is a state-owned public corporation established byEmiri Decree No. 10 in 1974. It is responsible for all phases
of the oiland gas industry in the State of Qatar.The principal activities of QatarEnergy, its subsidiaries and jointventures are
the exploration, production, local and international saleof crude oil,natural gas and gas liquids, refined products,
syntheticfuels,petrochemicals, fuel additives, fertilizers, liquefied natural gas(LNG), steel and aluminium.Qatar Energy's
strategy of conducting hydrocarbon exploration anddevelopment is through Exploration and Production Sharing
Agreements(EPSA) and Development and Production Sharing Agreements (DPSA)concluded with major international oil
and gas companies.The operations and activities of QatarEnergy and its affiliates areconducted atvarious onshore
locations, including Doha, Dukhan and the Mesaieed andRas Laffan Industrial Cities, as well as offshore areas, including
HalulIsland, offshore production stations, drilling platforms and the NorthField.Thriving on a spirit of enterprise, each of our
joint ventures isunderpinned by transparency, innovation and high standards of qualityand service. At QatarEnergy, we are
committed to one thing aboveall: Excellence.
Department
INFORMATION & COMMUNICATION TECHNOLOGY
Primary purpose of job
Lead initiatives and activities to enhance information security posture of QatarEnergy (IT and OT) by identifying, assessing
and managing cyber and information security risks according to the corporate information security risk management
standard and industry best practices. This position leads the information security risk management program and
coordinates the activities of the team delivering this capability.
This position requires extensive technical skills in both OT and IT domains, deep knowledge to identify, classify, and
evaluate information security risks, and a strong understanding of Oil & Gas operational and business processes.
Experience & Skills

• 10+ years of relevant professional experience.
• Professional certifications in information security (e.g., CISSP, CISA, GIAC, ISO 27001, ISO27005, etc.).
• Experience with control frameworks and standards (e.g., NIST, IEC 62443, etc.).
• Experience with large ICS & ICT environments in the Energy sector, preferably Oil & Gas
• Leadership skills for conducting risk assessment, analysis and tracking.
• Strong knowledge of information security capabilities, requirements analysis and addressing challenges in practical

application.

• Excellent written, verbal and presentation communication skills.
• Strong team management, planning and coordination skills.

Education
Bachelor degree in information security, computer science, or engineering