Cybersecurity Manager

Doha | Tax Free | 1 day ago | Full-time | External
Negotiable
Role and responsibilities

- Conduct comprehensive cybersecurity maturity assessments across organizational systems and processes, with a focus on aligning with the Capability Maturity Model Integration (CMMI).
- Perform evaluations that measure the maturity of existing cybersecurity practices, identifying areas of strength and opportunities for improvement.
- Experience in compliance with relevant regulations, standards, and best practices, including but not limited to:
  - ISO 27001 (Information Security Management)
  - ISO 27017 (Cloud Security)
- Provide detailed, actionable recommendations to address identified gaps during assessments, focusing on improving cybersecurity practices.
- Develop a clear, strategic roadmap outlining short-term, mid-term, and long-term actions needed to close gaps and achieve maturity goals.
- Prepare comprehensive reports on assessment findings, compliance status, and risk mitigation strategies, presenting them to senior leadership and relevant stakeholders.
- Serve as a subject matter expert on cybersecurity, advising organizations on compliance and best practices.
- Assist members of the Governance, Risk, and Compliance team to answer technical inquiries from auditors and clients.
- Recommend emerging security technologies/tools to address current and future threats.
- Interact with and handle vendors, outsourcers, and contractors regarding security products and services.
- Conduct performance and efficacy testing to stress the limitations of security solutions while ensuring business innovation and day-to-day processes are not negatively impacted.
- Serve as a trusted advisor, collaborating closely with clients to understand their unique challenges and providing expert guidance on cybersecurity and risk management.
- Manage end-to-end delivery of client engagements, from scoping through execution.
- Assist clients in developing / enhancing their cybersecurity strategies and multi-year implementation roadmaps, in alignment with their risk landscape.
- Provide support in the design and implementation of cybersecurity governance frameworks and policies.

Understanding and experience are preferable but not mandatory.

Understanding of Security Configuration Review:

- Conduct in-depth security configuration reviews for firewalls, routers, switches, servers, and other security devices.
- Review and assess firewall rulesets, identifying redundant, outdated, or overly permissive rules, and recommend necessary optimizations.
- Ensure that firewall configurations follow the principle of least privilege and are aligned with security best practices.

Understanding of File Integrity Monitoring (FIM):

- Experience in deploying FIM solutions and monitoring changes in critical system files, directories, and configurations.
- Experience in continuous monitoring of file changes and generating alerts for unauthorized modifications.
- Analyze and report on FIM alerts, working with clients to remediate suspicious activity.
- Provide recommendations for improving FIM configurations based on threat landscape and compliance requirements.
- Integrate FIM with security operations tools such as SIEM to enhance visibility and threat detection.

Antimalware:

- Assess client environments to recommend the best-fit antivirus and anti-malware solutions.
- Implement and configure antivirus/anti-malware software across endpoints, servers, and network devices.
- Monitor and maintain antivirus solutions, ensuring timely signature updates, patches, and upgrades.
- Integrate antivirus systems with SIEM and other security tools to enhance threat detection and response capabilities.
- Develop strategies for malware incident response, including investigation, containment, and remediation.

Understanding of Web Proxy:

- Deploy, configure, and maintain web proxy solutions to filter and monitor client internet traffic, ensuring compliance with internal and regulatory requirements.
- Set up content filtering policies, block malicious websites, and protect against web-based threats like malware, ransomware, and phishing.
- Monitor and analyze web traffic patterns to identify and respond to suspicious activities and security incidents.
- Ensure seamless integration of the web proxy with existing network architecture and other cybersecurity tools.
- Maintain and update web proxy rule sets to address evolving threats and to reflect changes in client security policies.

Email Gateway:

- Configure, deploy, and manage secure email gateways (SEG) to prevent email-borne threats such as phishing, malware, and spam.
- Ensure effective filtering of incoming and outgoing email traffic in compliance with cybersecurity best practices and client-specific security policies.
- Develop and manage email encryption services to safeguard sensitive communications.
- Conduct regular reviews of email logs, quarantine reports, and security alerts to proactively identify and mitigate potential threats.
- Implement and maintain policies for content filtering, attachment scanning, and advanced threat protection (ATP) to detect and block malicious files and URLs.
- Troubleshoot and resolve email security issues, ensuring minimal disruption to client operations.

- Experience in deployment and management of data classification tools such as Forcepoint, Boldon James, and Azure Information Protection (AIP) to ensure appropriate data labeling and handling.
- Design and deploy DLP policies and controls to prevent unauthorized data access, transfer, and leakage.
- Hands-on experience in configuring and managing data classification tools, including but not limited to:
  - Forcepoint: Enforce and monitor data policies across various environments.
  - Boldon James: Classify and protect sensitive data using integrated labeling and classification tools.
  - Azure Information Protection (AIP): Configure AIP to label and encrypt data according to sensitivity levels.
- Generate detailed reports on data classification and DLP activities, highlighting areas for improvement and ensuring ongoing effectiveness.
- Experience in monitoring data flow and user behavior to proactively identify and prevent data security incidents.
- Develop and deliver training sessions to ensure widespread understanding of data handling policies and the use of classification and DLP tools.

Network Architecture Review:

- Analyze, review, and develop network architecture designs based on Defense-in-Depth (DiD) principles.
- Experience in the implementation of multi-layered security protections across all network systems, maintaining robust safeguards against potential cybersecurity threats.
- Assess the effectiveness of existing network architectures and recommend enhancements based on evolving threats, emerging technologies, and the organization's security strategy.
- Experience in network security design that follows industry best practices, such as Zero Trust principles, and aligns with relevant standards and regulations (e.g., ISO 27001, NIST).
- Provide expert guidance on secure network configuration, including the selection and deployment of appropriate technologies to defend against internal and external threats.

Zero Trust Architecture:

- Lead the design and implementation of Zero Trust security architectures for clients, ensuring alignment with business needs, security standards, and regulatory requirements (NIST 800-207, Zero Trust Maturity Model).
- Develop comprehensive Zero Trust strategies tailored to the specific needs of clients, including roadmaps for adoption, risk assessments, and key milestones for transitioning from legacy architectures.
- Create and enforce granular access policies based on identity, behavior, device health, and environmental factors, ensuring least-privileged access for all users and systems.
- Experience in integration of advanced IAM technologies such as Multi-Factor Authentication (MFA), Single Sign-On (SSO), and Privileged Access Management (PAM) to enforce Zero Trust principles.
- Experience in implementation of network and micro-segmentation strategies to minimize lateral movement within client environments, leveraging technologies such as SDN (Software Defined Networking) and firewalls.
- Experience in applying Zero Trust principles to secure cloud, hybrid, and multi-cloud environments, ensuring seamless security across different platforms (AWS, Azure, GCP, etc.).

Cyber Security Architecture:

- Lead the design, development, and implementation of a cybersecurity architecture based on the SABSA framework, ensuring alignment with business strategy and goals.
- Develop security architecture artifacts (models, templates, standards, and procedures) that guide the secure development of enterprise solutions.
- Utilize the SABSA layers (Contextual, Conceptual, Logical, Physical, Component, and Operational) to ensure comprehensive coverage of all cybersecurity requirements.
- The architecture shall deliver optimal protection, privacy, integrity, and compliance with internal and external regulatory requirements.
- Integrate SABSA-based cybersecurity architecture with the organization's risk management framework, ensuring that security solutions are aligned with risk tolerance levels.

Essential Skills

- Drive high-quality work products within expected timeframes and on budget.
- Demonstrate deep technical capabilities and professional knowledge.
- Stay abreast of current business and industry trends relevant to the client's business.
- Develop and maintain long-term relationships and networks with clients and internal stakeholders of Protiviti.
- Consistently deliver quality client services and manage expectations of client service delivery.

Qualifications

- Bachelor's degree in Computer Science, Information Security, or a related field (master's degree preferred).
- CISSP/CISM/CRISC/CCSP/SABSA/CISSA are preferred. Any 2 certifications are mandatory.

Experience:

- 9-15 years of experience in cyber security or related roles.
- Extensive experience working in Qatar and other Gulf Cooperation Council (GCC) countries.