Senior Cybersecurity Certification & QMS Specialist; Common Criteria
The Senior Cybersecurity Certification & QMS Specialist is responsible for managing and continuously improving the quality management system (QMS) that governs cybersecurity certification schemes. The role ensures compliance with international standards and regulatory requirements while enhancing the efficiency, consistency, and reliability of certification processes.
This position combines expertise in cybersecurity certification with strong quality assurance and audit capabilities, including conducting internal audits, managing documentation, and driving corrective and preventive actions. The specialist works closely with technical teams and stakeholders to maintain high standards of certification, support governance activities, and align processes with evolving industry frameworks and best practices.
Key Responsibilities- Plan, implement, monitor, improve, and maintain the QMS for the different schemes in NISCF.
- Ensure internal processes comply with relevant national and international regulations and guidelines.
- Review the quality of technical content.
- Continuously assess and improve the efficiency and effectiveness of the certification process.
- Oversee documentation and record‑keeping processes to ensure accurate, complete, and readily accessible records and keep the QMS documentation up to date.
- Plan and conduct internal audits and reviews of the certification process to verify compliance and identify improvement opportunities.
- Plan and organize scheme management review meetings.
- Review the quality of scheme documents such as manuals, policies, procedures, forms, and templates.
- Implement corrective and preventive actions to address non‑conformities and improve the QMS.
- Monitor changes to requirements, including International Standards (ISO
17021, 17024, 17065, 17025, 27006, 9001) and National Standards. - Assist with the development of policies, standards, procedures, and guidance based on audit findings.
- Maintain the highest standards of competence and impartiality, ensuring consistency across all evaluation and certification activities.
- Possess a deep understanding of Common Criteria standards, Protection Profiles, Security Targets, Evaluation Assurance Levels (EALs), and related documentation.
- Provide guidance and mentorship to CB team members, certifiers, and evaluators, ensuring their understanding of the certification process and assisting with complex evaluations.
- Make recommendations regarding certification at specific EALs based on extensive evaluation expertise.
- Stay up-to-date with the latest developments in security, emerging threats, and evolving technology to keep the certification process relevant.
- University Master’s degree in IT, information security, or a related field, ideally with a focus on security domains.
- Certification from a recognized Common Criteria certification body and previous experience as a certifier desired.
- IT Security Overview training and certification.
- Common Criteria for IT Security Evaluation training and certification.
- Minimum of 10 years of experience.
- Minimum of 5 years of work experience as a Senior IT, Information Security, Cyber Security Auditor and/or Risk Management and/or Cyber Security/Information Security Management.
- Proficiency in Arabic and English (spoken and written) preferred.
Required Qualifications General
- Analytical and problem‑solving skills.
- Proven experience in IT and Information Security assessment.
- Common Criteria for IT Security Evaluation training.
- Experience in risk assessment and management.
- Hands‑on experience in information security.
- Understanding of ISO
27001 certification audit requirements. - Excellent communication, documentation, and report‑writing skills.
- In‑depth knowledge of security testing methodologies and tools.
- Analytical and assessment experience of formal schemes, able to assess situations fairly and objectively to reach firm conclusions.
- Training, workshops planning, and delivery experience across government and private sector.
- Proven experience in IT, Information Security, and Quality management audit.
- Hands‑on experience in information security, cyber security, and quality management systems.
- Experience in risk…
(If this job is in fact in your jurisdiction, then you may be using a Proxy or VPN to access this site, and to progress further, you should change your connectivity to another mobile device or PC).