Security Operations Officer – Security Assessment & Assurance Specialist
Job Fit Check
Base Career helps you apply smarter for this job.
Key skills for this role
About the Role
Black & Grey HR is recruiting for an established technology solutions and services provider in Doha, Qatar.
Key Skills for This Role
Full Job Posting
Overview
Black & Grey HR is recruiting for an established technology solutions and services provider in Doha, Qatar.
Our client is seeking an experienced
Security Operations Officer – Security Assessment & Assurance Specialist
who will play a critical role in evaluating, strengthening, and assuring the security posture across IT, OT, and cloud environments.
This role focuses on configuration assessments, vulnerability management, penetration testing, and security assurance programs—ensuring the organization maintains strong cyber resilience during both mega events and routine operations.
Arabic proficiency is mandatory.
Security Configuration Assessment (It & Ot)
- Conduct detailed configuration assessments of IT and OT systems based on CIS Benchmarks, NIST guidelines, and internal security standards.
- Review firewall rulesets to ensure least privilege, segmentation, and policy compliance.
- Assess network devices (routers, switches, load balancers, SASE/SSE gateways) for secure configurations.
- Validate OS hardening, patch compliance, and baseline configurations across servers and endpoints.
- Evaluate Network Access Control (NAC) deployments for coverage, enforcement, and effectiveness.
- Review SASE/SSE implementations to ensure secure access, data protection, and consistent policy application.
- Recommend hardening measures to reduce attack surface and enhance operational resilience.
Technical Risk Identification
- Identify security risks across IT, OT, and cloud assets through technical assessments and analytics.
- Conduct and coordinate penetration testing for cloud workloads, web applications, APIs, and internal systems.
- Perform security assessments of Kubernetes and containerized environments (GKE, AKS).
- Map findings from vulnerability scans, pen tests, and configuration reviews to operational and business impacts.
- Execute red team and adversary simulation exercises to evaluate detection and response maturity.
- Contribute to risk documentation, validation, and reporting for leadership visibility.
Vulnerability Remediation Management
- Track and manage vulnerabilities across IT, OT, and cloud environments.
- Prioritize remediation based on risk severity, exploitability, and business impact.
- Collaborate with infrastructure, application, and OT teams to ensure timely remediation and validation.
- Maintain dashboards and executive reports showing vulnerability trends and remediation KPIs.
Security Assurance
- Develop, implement, and oversee security assurance programs across IT, OT, and cloud domains.
- Track and report KPIs and KRIs to measure program maturity and effectiveness.
- Conduct periodic control reviews and baseline validations to ensure adherence to risk mitigation strategies.
- Identify gaps or deviations and drive corrective actions in coordination with relevant stakeholders.
Qualifications & Experience
- 8+ years of hands-on experience in security assessment, penetration testing, or security assurance.
- Bilingual proficiency in Arabic (Mandatory).
- Strong background in manual and automated penetration testing, including red team/adversary simulations.
- Deep understanding of configuration benchmarks, security hardening, and risk assessment methodologies.
- Technical expertise in GCP and Azure environments.
- Experience with firewall rule auditing, network device configuration assessments, OS hardening, and OT/ICS system assessments.
- Proficiency with industry-standard tools: Burp Suite, Metasploit, Nmap, Nessus, Qualys, Wireshark.
- Experience with cloud-native security platforms (GCP Security Command Center, Azure Defender, Prisma Cloud/CNAPP).
- Familiar with regulatory frameworks: ISO 27001, NIST CSF, IEC 62443, Qatar NIA, QCSF.
- Strong analytical, communication, and reporting skills.
Education
- Bachelor’s degree in Cybersecurity, Computer Science, Information Technology, or a related field (or equivalent experience).
Certifications (Preferred)
- CISSP
• OSCP, OSEP, OSCE
- CRISC
- CCSK
- CRTE
- Cloud Certifications (GCP Professional Cloud Security Engineer, Azure Security Engineer Associate)
- - GICSP (preferred for OT/ICS)
Required Skillset
- In-depth knowledge of security assurance frameworks and vulnerability management processes.
- Expertise in firewall auditing, network segmentation, and Zero Trust architecture.
- Strong experience in manual/automated penetration testing and red team exercises.
- Proficiency in cloud security controls, Kubernetes/container security, and IaC security validation.
- Strong understanding of OT/ICS security principles and architecture.
- Experience with threat modeling, control validation, and risk reporting.
- Ability to translate complex technical findings into clear business risk language.
- Excellent reporting and presentation skills for both technical and executive audiences.
Apply for this job in 1 click
Skip the repetitive application forms
Install the Base Career Chrome Extension and autofill job applications across major job boards with your profile.
Trusted by over 500,000 job seekers on Base Career
More from this employer
More jobs at Black & Grey HR
Senior Zoho Developer
Dubai, UAE
**Black & Grey HR is partnering with a supplier of jewellery manufacturing machinery and technology solutions to hire an experienced Senior Zoho Developer who will be responsible for designing, developing, customising, a
Tendering Manager
Dubai, UAE
Black & Grey HR is recruiting for a leading construction and company in Dubai, UAE. Our client is looking for a Tendering Manager who will be responsible to lead the tendering function by analyzing project requirements,
Senior Zoho Developer
Dubai, UAE
Black & Grey HR is partnering with a leading provider of precision machinery solutions tailored for the jewellery manufacturing industry. Our client is looking to hire a Senior Zoho Developer who will be responsible for
Assistant Manager – PropTech (Yardi Voyager)
Abu Dhabi Emirate, UAE
Black & Grey HR is recruiting for a leading investment group in the UAE. Our client is seeking an experienced Assistant Manager – PropTech to manage and deliver the digital roadmap for its real estate business while serv
Head of Network Infrastructure Operations
Doha, QAT
Black & Grey HR is recruiting for an established technology solutions and services provider in Doha, Qatar. Our client is seeking an experienced Head of Network Infrastructure Operations to lead large-scale network opera
Sports Solutions Architect
Doha, QAT
Black & Grey HR is recruiting for a leading technology solutions and services provider in Doha, Qatar. Our client is seeking an experienced Sports Solutions Architect to design and deliver scalable, high-performance tech
Senior IT Governance Officer
Doha, QAT
Black & Grey HR is recruiting for an established technology solutions and services provider in Doha, Qatar. Our client is looking to hire a Senior IT Governance Officer who will be responsible for leading, facilitating,
Senior SOC Engineer
Doha, QAT
Black & Grey HR is recruiting for an established technology solutions and services provider in Doha, Qatar. Our client is seeking an experienced Senior SOC Engineer to lead advanced security monitoring, threat detection,
Senior Zoho Developer
Dubai, UAE
Tendering Manager
Dubai, UAE
Senior Zoho Developer
Dubai, UAE
Assistant Manager – PropTech (Yardi Voyager)
Abu Dhabi Emirate, UAE
Head of Network Infrastructure Operations
Doha, QAT
Sports Solutions Architect
Doha, QAT
Senior IT Governance Officer
Doha, QAT
Senior SOC Engineer
Doha, QAT