Job Description/Specification:
A leading organization in Doha, Qatar is seeking an experienced GRC Senior Analyst / Specialist to strengthen its cybersecurity governance, risk, and compliance (GRC) framework. This role is responsible for ensuring compliance with the Qatar Cyber Security Framework (QCSF), national cybersecurity regulations, and industry best practices while supporting enterprise-wide cyber risk management.
The successful candidate will provide expert cybersecurity consultancy, conduct risk and compliance assessments, support security audits, and collaborate with business and IT stakeholders to enhance the organization's cybersecurity posture and governance.
About This Role
As a GRC Senior Analyst / Specialist, you will lead cybersecurity governance initiatives, assess cyber risks, ensure regulatory compliance, and recommend security controls that protect critical information assets while supporting continuous improvement across the organization.
Key Responsibilities
🛡️ Governance & Compliance
- Lead cybersecurity governance and compliance initiatives.
- Assess compliance with the Qatar Cyber Security Framework (QCSF).
- Develop and enhance cybersecurity policies, standards, and controls.
- Support security audits, accreditation, and regulatory compliance activities.
⚠️ Risk Management
- Identify, assess, and manage cybersecurity risks.
- Maintain cyber risk registers and monitor remediation activities.
- Recommend risk mitigation strategies and security improvements.
- Track vulnerabilities, control gaps, and corrective actions.
🏗️ Cybersecurity Architecture
- Review and enhance enterprise cybersecurity architecture.
- Recommend security controls aligned with business objectives.
- Support secure technology implementation and governance.
🤝 Advisory & Reporting
- Provide cybersecurity consultancy to business and technical teams.
- Prepare governance reports, risk assessments, and technical recommendations.
- Keep stakeholders informed of emerging cyber threats and regulatory updates.
Minimum Requirements
Education
- Bachelor's or Master's degree in Cybersecurity, Information Security, Computer Science, Information Technology, or a related field.
Experience
- Minimum 10 years of experience in cybersecurity.
- Strong background in Governance, Risk & Compliance (GRC), enterprise cybersecurity architecture, and regulatory compliance.
- Experience supporting cybersecurity audits and governance programs.
Preferred Skills
- Excellent understanding of QCSF and international cybersecurity standards.
- Strong cybersecurity consulting and advisory capabilities.
- Excellent analytical, communication, and stakeholder management skills.
- Ability to work independently and within multidisciplinary teams.
- Fluency in English and Arabic.
Technical Skills
- Governance, Risk & Compliance (GRC)
- Qatar Cyber Security Framework (QCSF)
- Enterprise Cybersecurity Architecture
- Cyber Risk Assessment
- Security Governance
- Regulatory Compliance
- Information Security Controls
- Security Audits
- Vulnerability & Risk Management
- Policy Development
- Risk Registers
- Technical Documentation
Preferred Certifications
- Mandatory: CIIP, CISM
- Preferred: GICSP, CCISO
Core Competencies
- Cybersecurity Leadership
- Risk Management
- Governance & Compliance
- Analytical Thinking
- Problem Solving
- Communication
- Stakeholder Management
- Decision Making
- Attention to Detail
- Strategic Thinking
Who Can Apply?
This opportunity is suitable for professionals currently working as:
- GRC Senior Analyst
- Cybersecurity GRC Specialist
- Information Security Consultant
- Cyber Risk Analyst
- Governance & Compliance Specialist
- Information Security Manager
- Cybersecurity Consultant
- IT Risk Manager
- Security Governance Analyst
- Cybersecurity Architect
Professionals from the Cybersecurity, Information Technology, Government, Aviation, Financial Services, Telecommunications, Energy, and Critical Infrastructure sectors are encouraged to apply.
CV Tips
Highlight:
- Experience with QCSF, cybersecurity governance, and regulatory compliance.
- Enterprise cybersecurity architecture and risk management expertise.
- Cybersecurity audits, risk assessments, and remediation projects.
- Mandatory certifications (CIIP and CISM).
- Leadership experience and measurable security improvements.
Application Tips
- Highlight governance, compliance, and cyber risk management achievements.
- Include QCSF and international cybersecurity framework experience.
- Showcase enterprise security architecture and consulting expertise.
- List all relevant cybersecurity certifications.
- Ensure your CV is ATS-friendly with GRC and cybersecurity keywords.
Looking for more Cybersecurity & Information Technology jobs in Qatar? Explore the latest opportunities on QatarJobPortal.com and discover careers with leading employers across Qatar.