Cybersecurity

Overview

Requirements

• Minimum 7+ years in system and Cloud Security role.
• Proven experience in enterprise security architecture (on-prem + cloud)
• Experience in security research, security operations, and security assurance
• Experience in setting and documenting security processes and procedures in compliance with Qatar NCSA guidelines and security best practices.
• Experience in operating system and infrastructure hardening.

Key Responsibilities

• Design, implement, and maintain enterprise-wide security architecture for the company internal security, user devices, cloud, and hybrid environments.
• Develop and enforce security policies, standards, and procedures.
• Lead security risk assessments and define mitigation strategies.
• Align security controls with business objectives and regulatory requirements.
• Oversee internal security governance and compliance frameworks (ISO 27001, NIST, CIS).
• Architect and secure Azure cloud environments (IaaS, PaaS, SaaS).
• Implement cloud-native and third-party security controls.
• Conduct detailed security assessments of cloud services to ensure compliance with internal policies and industry frameworks.
• Identify and remediate misconfigurations using automated scanning and manual inspection.
• Implement secure cloud architecture patterns and service integrations.
• Contribute to threat modeling and cloud risk assessments.
• Ensure secure hybrid integration between on-prem and Azure environments.
• Secure Active Directory and domain environments.
• Implement GPO hardening and identity security controls.
• Manage IAM, RBAC, MFA, and privileged access strategies.
• Harden Windows/Linux servers and enterprise endpoints.
• Oversee firewall configurations, IDS/IPS, VPN security, and segmentation.
• Implement encryption and data protection strategies.
• Perform vulnerability assessments and coordinate penetration testing.
• Develop scripts and automation tools (PowerShell, Python, Bash) to enhance monitoring and compliance validation.
• Integrate security controls within CI/CD pipelines (DevSecOps practices).
• Monitor emerging threats, tools, and vulnerabilities.
• Evaluate security technologies and recommend improvements.
• Contribute to threat modeling exercises.
• Participate in external security architecture and implementation projects.
• Provide technical advisory for client-facing security initiatives.
• Review third-party security integrations and solutions.
• Support pre-sales security design when required.
• Conduct risk assessments and compliance audits.
• Ensure adherence to CIS Benchmarks, NIST, ISO 27001.
• Develop remediation guidance and contribute to policy development.
• Participate in external security architecture and implementation projects.
• Provide technical advisory for client-facing security initiatives.
• Review third-party security integrations and solutions.
• Support pre-sales security design when required.

Required Technical Expertise

• Deep technical understanding and hands on of:

Cloud & Security Platforms

• Cloud security.
• Data protection strategies

Infrastructure & Systems Security

• Active Directory and Microsoft 365 hardening
• User devices security
• Domain security best practices
• Endpoint security solutions
• Hybrid identity solutions

DevSecOps & Automation

• CI/CD security integration
• Secure coding awareness
• Security automation scripting

Certifications (Required / Strongly Preferred)

• CISSP – Certified Information Systems Security Professional
• CCSP – Certified Cloud Security Professional
• CISM – Certified Information Security Manager

Education