More jobs:
Security Operations Officer; Security Assessment & Assurance Specialist
Job Description & How to Apply Below
Hiring for the post of Security Operations Officer (Security Assessment & Assurance Specialist) - Qatar for a Co.
Key ResponsibilitiesSecurity Assurance & Risk Management
- Lead security assessments, architecture reviews, vulnerability management, and assurance activities.
- Establish and operate a structured Security Assurance Framework covering control validation, coverage tracking, and continuous assurance.
- Manage the full security lifecycle from risk identification through remediation and validation.
- Translate technical findings into business‑level risk statements and remediation plans.
- Perform in‑depth security assessments of web applications, APIs, mobile applications, cloud platforms, containers, and infrastructure.
- Identify advanced security risks such as business logic flaws, authentication weaknesses, privilege abuse, and modern attack techniques.
- Validate secure architectures, configuration baselines, and cloud‑native security controls.
- Support secure SDLC and Dev Sec Ops practices, including security testing and release controls.
- Define and maintain secure configuration baselines across the enterprise technology stack (OS, databases, network devices, cloud services, identity platforms, and security tools).
- Align baselines with industry standards (e.g., CIS Benchmarks) and organizational risk requirements.
- Implement automated configuration compliance checks and continuous monitoring mechanisms.
- Conduct periodic reviews and validation of configurations to detect drift, misconfigurations, and unauthorized changes.
- Work with engineering and operations teams to enforce hardening standards and remediate deviations.
- Lead security architecture and design reviews across applications, platforms, and integrations.
- Conduct threat modeling to identify attack paths, risks, and mitigation strategies.
- Ensure alignment with enterprise security architecture and Zero Trust principles.
- Conduct security assessments of vendors, SaaS providers, and external integrations.
- Validate data protection, encryption, and privacy controls for sensitive and regulated data.
- Support cyber resilience activities, including OT/ICS security reviews, red team exercises, and incident response simulations.
- Ensure continuous alignment with regulatory and framework requirements (ISO 27001, NIST CSF, Qatar NIA, QCSF).
- Support internal and external audits with defensible, evidence-based controls.
- Define and report on security metrics, KPIs, and executive dashboards.
- 8+ years of experience in information security assessments and assurance.
- Strong expertise in application, API, mobile, and cloud security.
- Hands‑on experience in penetration testing, vulnerability management, and security architecture reviews.
- Practical experience in system hardening, configuration baselines, and security control validation.
- Deep understanding of modern attack techniques and identity/authentication mechanisms.
- Proven ability to communicate technical risks to business stakeholders.
- OSCP / OSEP / OSWE
- CISSP
- Cloud Security Certifications (Azure / GCP)
- IEC 62443
To View & Apply for jobs on this site that accept applications from your location or country, tap the button below to make a Search.
(If this job is in fact in your jurisdiction, then you may be using a Proxy or VPN to access this site, and to progress further, you should change your connectivity to another mobile device or PC).
(If this job is in fact in your jurisdiction, then you may be using a Proxy or VPN to access this site, and to progress further, you should change your connectivity to another mobile device or PC).
Search for further Jobs Here:
×