Information Security Officer – Data Security Specialist

Information Security Officer Data Security Specialist

Language Requirement: Arabic Speaking (Preferred)

Experience: 8+ Years

Domain: Data Security | Cloud Security | Privacy & Cryptography

Job Summary

The Information Security Officer Data Security Specialist is responsible for designing, implementing, and governing enterprise-wide data protection and privacy controls across on-premises, cloud, and AI-enabled environments. This role focuses on data security engineering, cloud data protection, cryptography, database security, and regulatory compliance to safeguard sensitive and personal information throughout its lifecycle.

Arabic language proficiency is preferred.

Key Responsibilities

Data Security Engineering

• Design and implement data protection controls across enterprise systems, cloud platforms, and AI/ML solutions.
• Deploy and manage Data Loss Prevention (DLP), data masking, tokenization, and anonymization solutions.
• Collaborate with application and infrastructure teams to embed security-by-design into data lifecycle management.
• Implement and manage data discovery and classification tools to identify, categorize, and label sensitive data.
• Continuously monitor data security posture and produce risk, compliance, and executive reports.
• Support incident response activities for data security incidents, insider threats, and data breaches.

Cloud Data Security

• Implement and manage data protection controls in GCP and Azure environments.
• Secure databases, data warehouses, and data lakes.
• Configure encryption at rest, in transit, and in use, including Bring Your Own Key (BYOK) strategies.
• Deploy cloud-native data discovery and classification solutions.
• Manage secrets management platforms to ensure secure access to data services.
• Implement AI data governance and protection controls.

Cryptography & Key Management

• Define and enforce cryptographic standards, policies, and key management practices.
• Manage enterprise encryption services and Key Management Systems (KMS).
• Ensure compliance with organizational and industry cryptographic standards.

Data Privacy & Governance

• Ensure compliance with privacy regulations such as GDPR, HIPAA, and PDPPL.
• Embed privacy-by-design and privacy-by-default principles into technical controls.
• Drive data classification, retention, and governance programs.
• Define and monitor data security KPIs and metrics.

Database Security

• Secure structured and unstructured data repositories, including relational, NoSQL, and big data platforms.
• Implement Database Activity Monitoring (DAM) and privileged access controls.
• Conduct regular database hardening, security reviews, and vulnerability assessments.

Collaboration & Compliance

• Collaborate with business, legal, IT, and security stakeholders on data protection strategies.
• Ensure alignment with Qatar NCSA/NIA frameworks and international standards (ISO 27001, NIST CSF).
• Conduct data security assessments for vendors and third-party integrations.
• Review and approve data sharing agreements and integrations.
• Maintain data security dashboards for continuous monitoring.
• Stay current with emerging data threats, technologies, and industry best practices.

Required Qualifications & Experience

• 8+ years of experience in information security, with strong focus on data protection, cryptography, and database security.
• Hands-on experience with cloud platforms, especially GCP and Azure.
• Experience securing enterprise and cloud-based data environments.
• Arabic speaking capability is preferred.

Education

• Bachelor's degree in:
• Engineering
• Information Technology
• Computer Science
• Or any Bachelor's degree with 8+ years of relevant experience

Certifications (Preferred)

• CISSP, CCSP, CDPSE, CCSK
• Cloud Security Certifications (GCP, Azure, AWS Security Specialty) Preferred

Required Skillsets

• Strong expertise in encryption standards, cryptographic protocols, and key management.
• Hands-on experience with secrets management tools:
• HashiCorp Vault
• Azure Key Vault
• GCP Secret Manager
• AWS Secrets Manager
• Proven experience with cloud-native data protection in multi-cloud environments.
• Hands-on expertise with DLP solutions (Forcepoint, Microsoft Purview, Google Cloud DLP).
• Experience implementing data masking, tokenization, anonymization, and pseudonymization.
• Practical experience with DAM platforms (Imperva, IBM Guardium).
• Experience with data discovery and classification tools (Forcepoint, Microsoft Purview).
• Strong knowledge of KMS platforms (GCP Cloud KMS, Azure Key Vault).
• Experience securing relational, NoSQL, and data lake environments.
• Ability to perform database security audits and vulnerability assessments.
• Understanding of AI/ML data security and governance.
• Experience in regulated industries (financial services, healthcare, government) preferred.
• Excellent analytical, problem-solving, and communication skills.

Interested one share your resume to [Confidential Information]