Senior Consultant - Information Security Management System

The Senior consultant - ISMS (Information Security Management System) is responsible for consulting engagements for the Technology Services service offerings. The role requires solid background in Information Security, ISO 27000 series, ISO 22301, ISO 20000 and ITIL.

The Senior consultant - ISMS role requires broad high level technical knowledge and the ability to recommend solutions based on customer business problems or requirements.

The role requires demonstrated ability to engage in IT and business executive discussions related to IT Governance, Information Security, IT Service Management, Risk Management, Business Continuity, and IT DR.

Detailed Roles and Responsibilities:

OPERATIONAL

- Influencing organisation, customers, suppliers, partners and peers on area of specialism

- Advising on the available standards, methods, tools and technologies relevant to area of specialism and how business benefits can be realised

- Lead customer through consulting engagements by assembling information to determine, document and agree customer requirements, conducting AS-IS assessment in line with applicable standards and frameworks, conducting Gap Analysis and producing recommendations

- Defining, developing, and implementing policies, processes, and procedures aligned to standards, and frameworks

- Developing templates, guidelines and other job aids to use the implemented policies, processes and procedures

- Assessing and formulating tool requirements to execute the processes and ensuring that all the processes are institutionalized within customer environment

- Conducting periodic compliance audits / assessments against defined processes and various quality models such as COBIT, CIS, NIST, NIA, ISO 31000, ISO 22301, and ISO 27000 series.

- Reporting, ensuring and facilitating closure of all non-conformities by driving/initiating corrective actions within customer environment

- Developing Metrics/KPIs and performing data collection related to the processes deployed, driving analysis and improvements based on recommendations

- Contributing to internal best practices, processes and methodology documents pertaining to area of specialism

Educational Qualifications:

- Degree in Computer Science or Engineering

- Accreditations eg. COBIT, ISO 27001 LA/LI, ISO 22301 LA/LI, CISSP, CompTIA CASP, CRISC, CCSK

Skills & Experience:

- At least 5 - 7 years related IT experience

- Effective communication, facilitation and influencing skills - ability to present ideas clearly and concisely

- Experience writing business and technical documentation and contributing to proposals

- Experience in one or more of the following areas:

- Information Security

- IT Infrastructure Security

- IT Governance

- Endpoint Detection & Response

- Application Security

- Identity & Access Management

- Cloud & Data Center Security

- Network & Gateway Security

- Disaster Recovery

- Digital Risk Monitoring

- IT Service Management

1. Behavioral Skills:

- Strong communication skills with ability to interact with Management level

- Ability to work under pressure and prioritize with minimal supervision

- Multi-tasking skills

- Team player with ability to work with cross functional teams

Contract Period: 3-4 months

Location: Qatar