Security Consulting Practitioner

Cybersecurity Risk & Compliance Consultant Security

Key Functions

• Lead and perform cybersecurity risk assessments, including impact analysis for new or significantly changed applications and systems.
• Design and implement cybersecurity risk mitigation strategies aligned with organizational risk appetite and governance frameworks.
• Evaluate cybersecurity policies, configurations, and controls to ensure compliance with regulatory, legislative, and contractual requirements.
• Support senior leadership by clearly communicating cybersecurity risk posture, trends, and remediation priorities.

Risk Management

• Communicate cybersecurity risks and overall security posture effectively to senior management and key stakeholders.
• Ensure cybersecurity decisions are driven by sound risk management principles and aligned with organizational risk tolerance.
• Conduct initial and ongoing risk assessments of stakeholder assets and critical systems.
• Contribute to the development and maintenance of the cybersecurity risk management framework and related documentation.
• Establish and support a cybersecurity risk management program, including role definition and governance processes.
• Leverage eGRC platforms and continuous monitoring tools to assess, monitor, and report on cybersecurity risks.
• Identify and document supply chain risks for critical system components and third party services.

Compliance & Regulation

• Analyze cybersecurity policies, standards, and technical configurations to assess compliance with applicable laws and frameworks.
• Identify patterns of non compliance and recommend improvements to policies and procedures.
• Periodically review and update cybersecurity strategies, policies, and documentation to maintain regulatory compliance.
• Develop and execute cybersecurity compliance processes and audits, including third party and vendor assessments.
• Monitor and evaluate systems against cybersecurity, resilience, and dependability requirements.
• Support the resolution of cybersecurity incidents and vulnerability related compliance issues.
• Maintain up to date knowledge of national cybersecurity laws, privacy regulations, and accreditation standards in Qatar and the region.
• Cooperate with regulatory authorities and legal entities during audits, reviews, or investigations.

Job Qualifications

• Excellent written, verbal, and interpersonal communication skills.
• Strong analytical and problem solving capabilities in complex environments.
• Consulting mindset with proven stakeholder engagement and relationship management skills.
• Ability to communicate cybersecurity threats and risk insights to both technical and non technical audiences.
• Proven experience working with senior leadership to define and execute cybersecurity risk and compliance strategies.
• Strong understanding of risk assessment, mitigation, treatment, and management methodologies.
• Knowledge of cybersecurity threats, vulnerabilities, and emerging technologies.
• Understanding of authentication, authorization, access control, and application security vulnerabilities.
• Awareness of the operational and business impact of cybersecurity incidents and breaches.
• Knowledge of cybersecurity related ethics, privacy, and regulatory obligations.
• Fluency in
• Arabic and English
• is mandatory.
• Flexibility to travel as required.