Security Operation

Role Overview

Data Security Engineer

1. Data Security Engineering

• Design and implement data protection controls across enterprise systems, cloud environments, and AI solutions
• Deploy and manage solutions such as
• Data Loss Prevention (DLP), data masking, and tokenization
• Collaborate with application and infrastructure teams to integrate security into the data lifecycle
• Implement and manage
• data discovery and classification tools
• to identify sensitive data
• Continuously monitor data security posture and generate compliance and risk reports
• Support incident response by investigating and responding to data breaches and insider threats

2. Cloud Data Security

• Implement and manage data security controls in

Google Cloud Platform (GCP)

Microsoft Azure

• Secure databases, data lakes, and cloud-native storage solutions
• Configure
• encryption at rest, in transit, and in use
• , including BYOK (Bring Your Own Key) strategies
• Deploy cloud-native data discovery and classification solutions
• Manage
• secrets management systems
• and ensure secure data access
• Implement governance and protection controls for
• AI/ML data environments

3. Cryptography

• Define and enforce enterprise cryptographic standards and key management practices
• Manage encryption strategies for data across all states (at rest, in transit, in use)
• Ensure compliance with industry and organizational cryptographic standards

4. Data Privacy

• Ensure compliance with global privacy regulations such as

GDPR, HIPAA, and PDPPL

• Embed
• privacy-by-design principles
• into technical implementations
• Drive enterprise data classification and governance initiatives to protect sensitive data

5. Database Security

• Secure structured and unstructured databases including
• relational and NoSQL systems
• Implement

Database Activity Monitoring (DAM)

• and enforce user access controls
• Conduct regular security reviews, vulnerability assessments, and system hardening

6. Collaboration & Governance

• Collaborate with cross-functional teams on data protection strategies
• Ensure compliance with
• Qatar NCSA framework
• and international standards
• Conduct vendor and third-party data security assessments
• Review and approve data-sharing agreements
• Define and track
• data security KPIs and metrics
• Maintain dashboards for continuous monitoring and reporting
• Stay updated on emerging threats, tools, and best practices

Qualifications

• Bachelor’s degree in
• Computer Science, Information Security, or related field
• **8+ years of experience**
• in information security with a focus on data protection, cryptography, and database security
• Experience working in
• multi-cloud environments (GCP & Azure preferred)
• **Bilingual (Arabic speaker) preferred**

• Cissp, Ccsp, Cdpse, Ccsk

• Cloud Security Certifications (GCP / Azure / AWS Security Specialty)

Required Skills

• Hands-on experience with
• DLP solutions

(Forcepoint, Microsoft Purview, Google Cloud DLP)

• Strong expertise in
• data masking, tokenization, anonymization, and pseudonymization techniques
• Experience with
• data discovery and classification tools

(Forcepoint, Microsoft Purview)

• Proficiency in

(Imperva, IBM Guardium)

• Strong knowledge of
• cryptographic protocols and Key Management Systems (KMS)
• Experience securing
• relational, NoSQL, and data lake environments
• Expertise in
• database vulnerability assessments and security audits
• Hands-on experience with
• secrets management tools
• (HashiCorp Vault, Azure Key Vault, GCP Secret Manager, AWS Secrets Manager)
• Familiarity with integrating security into
• CI/CD pipelines