Cybersecurity SME

Job Title: Cybersecurity Subject Matter Expert
Location: Qatar
Employment Type: Permanent

We are currently supporting a leading energy-sector organisation in sourcing a Cybersecurity SME to support the design and implementation of secure ICS and IT/OT infrastructure. The successful candidate will play a critical role in developing robust cybersecurity controls, ensuring compliance with international standards, and contributing to the resilience of industrial operations through the entire project lifecycle.

Key Responsibilities:

Cybersecurity Architecture and Design

• Lead and participate in design workshops to review and align cybersecurity architecture

• Develop technical specifications for security controls including identity and access management, network/system hardening, monitoring, patching, malware protection, and business continuity

Documentation and Compliance

• Produce solution designs, BoMs, and documentation supporting regulatory and internal compliance

• Ensure designs align with international standards (e.g., IEC 62443) and internal security frameworks

Security Testing and Risk Assessment

• Define cybersecurity testing requirements for FAT, SAT, and operational readiness

• Support vulnerability assessments, penetration testing, and risk treatment documentation

Incident Response and Awareness

• Participate in audit and awareness activities, reporting any suspected security incidents

• Support internal security response procedures

System Design and Hardening

• Create network architecture and data flow diagrams for industrial control systems

• Implement system hardening techniques, such as disabling unused ports and securing operating systems

Security Control Implementation

• Enforce policies for access control, credential management, log handling, asset inventory, and backup recovery

• Monitor system updates and ensure continuous control effectiveness

Technical Governance and Exceptions

• Document compliance justifications and exception requests

• Recommend compensating controls where standards cannot be fully applied

Lifecycle Security Management

• Maintain procedures and controls post-deployment to ensure ongoing system security

• Provide cybersecurity support to both brownfield and greenfield operations

Requirements:

Education:

• Bachelor’s degree in Cybersecurity, Computer Science, IT, or related field

Experience:

• Minimum 15 years in cybersecurity roles, with proven experience in ICS/OT/IT environments

• Deep understanding of cybersecurity in industrial settings, including network segmentation and OT system security (e.g. DCS, ESD, FGS)

• Experience in leading cybersecurity risk reviews, audits, and technical design discussions in the Energy or Oil & Gas sectors

Certifications (Preferred):

• CISSP, CISM, GICSP, CEH, or equivalent

Technical Skills:

• Proficiency in cybersecurity tools for scanning, monitoring, and identity management

• Experience with industry frameworks such as IEC 62443 and secure system architecture

• Strong understanding of system hardening, compliance documentation, and security control enforcement

Soft Skills:

• Strong communication and presentation abilities

• Leadership experience and ability to work with cross-functional technical teams

• Comfortable managing technical documents and interacting with stakeholders at all levels

Additional Information:

• This position is based in Qatar. Candidates must be willing to relocate or already hold the right to work in Qatar.

• Sponsorship and mobilisation support may be provided for the right candidate.