Information Security Specialist

Information Security Specialist (Qatari nationals preferred)

Job Purpose and Role Summary:

Ensure that the bank’s information and the information processing resources under its control are properly protected from unauthorized access, use, disclosure, disruption, modification, or destruction by developing control measures to mitigate the effects on bank operations.

Job Responsibilities:

Information Security & Governance

1. Assist the Head of Information Security & Governance in managing the QDB’s Information Security Management System (ISMS) by ensuring continuous update and maintenance on the same.
2. Assist in the development of the bank’s information security policies and procedures and ensure timely updating thereof in light of changing circumstances/ technology updates / best practices/ regulatory directives.
3. Assist in the development and management of the bank security policies and procedures.
4. Support the implementation of information security risk management activities. Escalate any issues identified.
5. Ensure the integration of the risk identification, analysis and mitigation into all relevant processes.
6. Implement an ongoing risk assessment program targeting information security and privacy matters; provide inputs on the recommended methods for threats detection and mitigation.
7. Participate in raising awareness on corporate security by assisting the Head of Information Security & Governance in providing informative trainings / sessions related to information security.
8. Assist in monitoring, reviewing and checking for compliance with the bank’s information security policies and procedures and referring issues noted to the respective Department Heads.
9. Ensure information access controls are in place to maintain appropriate information access levels on a need-to-know basis across the bank.
10. Perform regular data sanitation procedures by coordinating with stakeholders to decide on which application / system / database that needs to be sanitized.
11. Ensure regular review of system security, system audit trails and logs and the integrity of system configurations.
12. Supervise the identification of log requirements for respective QDB applications and systems.
13. Ensure that all QDB information security policies and procedures are well understood and followed with due diligence.
14. Protect clients’ personally identifiable information as per local privacy law & QCB regulatory requirements.
15. Classify and share information with the third party with due diligence.
16. Ensure the timely completion of cyber security awareness-related assignments from the internal information security team.
17. Report any suspicious information security incident/policy violation proactively.

Breach Investigation

1. Assist in the investigation of information security threat, incident, and breach.
2. Identify the necessary remedial actions, corrective and preventive measures, and assist the management with disciplinary and legal matters associated with such breaches as necessary.

Compliance & Reporting

1. Prepare and disseminate reports pertaining to information security when required and take action, jointly with all involved parties.
2. Assist the IT, Compliance, and Internal Auditor in reviewing the adequacy of the security technical and process controls on a regular basis.
3. Provide timely and accurate information to the external and internal auditors and the compliance function as and when required.
4. Stay abreast of the latest information security tools and relevant technology updates, locally and internationally.
5. Ensure high standards of confidentiality to safeguard commercially sensitive information across the bank.
6. Prepare departmental and other related reports in a timely and accurate manner.
7. Ensure adherence to QDB guidelines, processes, SOPs and related regulations.

Qualifications/Education:

Bachelor’s degree in Computer Science, Information Technology or any related discipline.

Years of Experience:

Minimum 6 years of experience of which a minimum of 3 year should be in a similar role/position.

Languages:

• Arabic – competent
• English – advanced

Preferred Ceritifications:

• Certified Information Security Professional (CISP)

If interested, please share CVs on sshabnam@qdb.qa. Only shortlisted candidates will be contacted.