Head of Information Security (Security Operations)

Security Operations Management:

Oversee daily SOC activities, including SIEM/SOAR monitoring, incident detection, and response.

Lead triage and remediation of high-severity incidents.

Ensure 24/7 monitoring coverage and SLA compliance.

Drive proactive threat hunting, Vulnerability management and intelligence-led operations.

SOC Architecture and Design:

Lead the design, architecture, and optimization of SOC capabilities.

Define SOC workflows, playbooks, escalation procedures, and KPIs.

Ensure scalability and integration of IT and OT security monitoring.

Continuously enhance SOC maturity based on industry standards (NIST, ISO 27001, MITRE ATT&CK).

Risk and Incident Management:

Oversee incident investigations, forensic analysis, and root cause identification.

Ensure lessons learned are documented and integrated into processes.

Maintain crisis management readiness and coordinate executive updates.

Align incident handling with regulatory and compliance requirements.

Procurement and Vendor Management:

Lead RFP preparation, vendor evaluation, and procurement of SOC and cybersecurity tools.

Manage vendor relationships and service-level reviews.

Ensure security solutions meet compliance with Qatar-approved frameworks.

Conduct cost-benefit and effectiveness analysis of deployed tools.

OT Security Operations:

Integrate IT and OT monitoring within SOC environment.

Ensure security of ICS/SCADA systems and critical infrastructure.

Implement and oversee OT segmentation strategies.

Monitor emerging threats targeting OT environments and coordinate mitigations.

Compliance and Governance:

Ensure compliance with Qatar's NCSA framework and international standards.

Develop, enforce, and update security policies and access controls.

Conduct audits and assessments to measure security posture.

Report compliance gaps and oversee remediation.

Client & Stakeholder:

Act as the primary liaison with internal stakeholders, regulators, and external partners.

Deliver clear and actionable reports to senior leadership.

Provide consultations to application developers, network engineers, and OT teams.

Represent the organization during audits and compliance reviews.

Team Leadership and Development:

Manage and mentor SOC analysts, incident responders, and engineers.

Define team structure, roles, and performance KPIs.

Deliver training and awareness programs to enhance capabilities.

Foster a culture of continuous improvement and knowledge sharing.

Technology and Continuous Improvement:

Oversee deployment, maintenance, and optimization of SIEM, SOAR, EDR, firewalls, IDS/IPS, and sandboxing solutions.

Drive automation and orchestration for efficiency gains.

Evaluate emerging technologies and recommend adoption.

Continuously refine processes to strengthen detection and response.

10+ years of work experience in leading IT Security domain with at least 5 years in SOC Leadership.

Bilingual (Arabic Speaker) Mandatory

Education:

Bachelor of Engineering

Or Bachelor of IT

Or Bachelor of Computer Science

Or Any Bachelor Degree With More than 10 years of experience in similar field.

Certifications:

CISSP (Certified Information Systems Security Professional)

Or CISM (Certified Information Security Manager)

Or CRISC (Certified in Risk and Information Systems Control)

ISO/IEC 27001 Lead Implementer or Lead Auditor.

Required Skillsets:

Proven expertise in SOC architecture, design, and optimization.

Experience in RFP preparation, vendor evaluation, and procurement of cybersecurity solutions.

Strong background in incident response, threat intelligence, and risk management.

Knowledge of IT and OT security integration, including ICS/SCADA environments and segmentation strategies.

Familiarity with compliance and governance frameworks such as Qatar NCSA, ISO 27001, NIST, and MITRE ATT&CK.

Demonstrated ability to manage cross-functional teams, crisis response, and executive-level reporting.