Job Title : LEAD, INFORMATION SECURITY (GOVERNANCE & COMPLIANCE)Reference Code : OG-7002720CompanyQatarEnergy is a state-owned public corporation established byEmiri Decree No. 10 in 1974. It is responsible for all phases of the oiland gas industry in the State of Qatar.The principal activities of QatarEnergy, its subsidiaries and jointventures are the exploration, production, local and international saleof crude oil,natural gas and gas liquids, refined products, syntheticfuels,petrochemicals, fuel additives, fertilizers, liquefied natural gas(LNG), steel and aluminium.Qatar Energy's strategy of conducting hydrocarbon exploration anddevelopment is through Exploration and Production Sharing Agreements(EPSA) and Development and Production Sharing Agreements (DPSA)concluded with major international oil and gas companies.The operations and activities of QatarEnergy and its affiliates areconducted atvarious onshore locations, including Doha, Dukhan and the Mesaieed andRas Laffan Industrial Cities, as well as offshore areas, including HalulIsland, offshore production stations, drilling platforms and the NorthField.Thriving on a spirit of enterprise, each of our joint ventures isunderpinned by transparency, innovation and high standards of qualityand service. At QatarEnergy, we are committed to one thing aboveall: Excellence.DepartmentINFORMATION & COMMUNICATION TECHNOLOGYPrimary purpose of jobLead governance and compliance focus on the management of the Information Security Management System (ISMS) including developing policies, standards and procedures, security requirements and compliance required for the corporate information security in both an information technology (IT) and operational technology (OT) capacity. This position leads the establishment of strong information security governance and compliance to best protect the organization assets. This position requires technical and administrative understanding of information security principle and best practices. It requires excellent communication along horizontal and vertical lines within and outside the directorate, solid foundation in implementing and improving information security governance in organizations, and a good understanding of Oil & Gas operational and business processes.Experience & Skills• 10+ years of relevant professional experience.• Professional certifications in information security management and standards compliance (e.g., CISSP, CISA, GIAC, ISO 27001, etc.). • Experience with control frameworks and standards (e.g., NIST, IEC 62443, etc.).• Experience with large ICS & ICT environments in the Energy sector, preferably Oil & Gas.• Understanding and customization of information security management systems.• Experience in information security awareness initiatives and community building.• Knowledge of information security capabilities and requirements analysis.• Knowledge of relevant state laws, industry regulations, and security standards.• Excellent written, verbal and presentation communication skills.• Strong team management, planning and coordination skills.EducationBachelor degree in information security, computer science, or engineering