Specialist – Security Governance – Starlink
This role is responsible to support the Information Security Governance, risk and compliance function through the creation, maintenance and review of the various information security policies, procedures and guidelines that governs the overall corporate information security practices.
Corporate Information Security department is responsible for securing information, technology and service
availability through effective security planning and management. This role supports the department objectives by working with the Information security Governance, Risk and Compliance senior manager to ensure information and
data security are appropriately governed and consistently controlled.
- Creates, reviews and maintains information security strategies, frameworks and operating models.
- Creates and reviews information security policies, standards, procedures and guidelines in alignment with applicable laws, regulations and international security standards.
- Reviews the applicable Ooredoo policies and ensure their consistency with information security policies.
- Maintain information security policy exception lists in coordination with Risk and Compliance staff.
- Coordinates with Legal and Regulatory, Policy, Internal Audit and Corporate
- Governance to review and approve information security policies.
- Maintains the Information Security Awareness Program through creative development and implementation of information security awareness plans that effectively achieves the information security goals and aligns with information security strategies.
- Maintain documented information for applicable international standards’ certifications.
- Participates in internal and external audits and assessments.
- Assist in developing and maintaining Key Performance Indicators (KPIs) and Key
- Risk Indicators (KRIs) in coordination with Risk and Compliance staff.
- Maintain appropriate information security baseline through adequate and efficient information security governance practices.
Costs & Profitability
- Supports the GRC section’s productivity and quality goals.
- Fulfil and address tasks and expectations effectively and efficiently.
- Performs adequate due diligence for all tasks assigned.
- Make sure all issues are reported timely and accurately.
- Ensure all issues are escalated and solved in a timely manner.
Planning & Organizing
- Daily operational planning.
- Prioritize the activities effectively to meet stakeholders’ goals and expectations.
C. KEY SKILLS & DECISION MAKING
Team working, Coaching/Development & Leadership
- Encourages teamwork within the project team and capitalizes on the team strengths
- Brings fresh insights to the team. Encourages the team to generate newer approaches for information security and data governance.
Communicating & influencing
- Communicates clearly, fluently and in an assertive manner while interaction with stakeholders on information security governance.
- Presents ideas to stakeholders effectively.
- Reviews and approves information security procedures and guidelines.
- Kicks off and approves the business as usual information security awareness activities.
D. KEY PERFORMANCE INDICATORS (KPI)
- Timely review, approval and publishing of information security policies.
- Report the information security procedural KPIs in a timely manner
- Ensure that information security awareness activities achieve their pre-defined goals.
- Regularly review and update the documented frameworks, standards, procedures and guidelines.
|Job Location:||Doha, Qatar|
|Job Role:||Information Technology|
|Company Industry:||Retail & Wholesale; Cyber & Network Security; Telecommunications|
|Career Level:||Mid Career|
|Nationality:||United Arab Emirates; Bahrain; Djibouti; Algeria; Egypt; Iraq; Jordan; Comoros; Kuwait; Lebanon; Libya; Morocco; Mauritania; Oman; Palestine; Qatar; Saudi Arabia; Sudan; Somalia; Syria; Tunisia; Yemen|