Lead, Risk and Information Protection

Qatar, Doha · Job Posted February 10, 2026

Job Description

We are looking for a Lead, Risk and Information Protection for one of our clients.

Requirements

  • Graduate and/or master’s degree qualifications in either Computer Science, Information Technology, or a related discipline
  • 10+ years’ experience in a similar role, in large enterprise environments (>1000 users), with multiple geographic locations
  • Oil and Gas experience (or manufacturing industries) is preferred
  • Professional certifications in Information Security and/or Information technology – CISSP and/or CISM at minimum is required
  • Proficiency in performing risk, business impact, control, and vulnerability assessments, and in defining treatment strategies
  • Knowledge of and experience in managing, developing and documenting security programs and plans, including strategic, tactical, and operational plans
  • Strong analytical skills to analyse security requirements and relate them to appropriate security controls
  • Strong communication skills, including written, oral and presentation skills. Must be fluent in English
  • Knowledge and experience in Enterprise IT/OT security technologies, services, and processes: Information Security models and frameworks (NIST, ISO 27001) and best practices
  • Risk Assessment: Operating Systems (Windows, Linux), Network technologies and protocols, Information protection
  • Security technologies, tools & controls, including Antivirus, Antimalware, proxies, web filtering and firewalls, XDR, SIEM, IDS/IPS...
  • Incident Response processes and tools
  • Patch and Vulnerability management processes and tools
  • Risk Assessment, Change Management Processes
  • Information Classification, Information Protection
  • Disaster Recovery, Business Continuity
  • Vendor management skills and ability to define and negotiate effective SLAs and service KPIs with vendors
  • Extensive technological domain knowledge to understand integration of digital products with IT systems & architecture
  • Good knowledge of the business to understand business requirements and implications on organization operations

Nice to have

  • Professional certification in Industrial Cybersecurity (e.g., GICSP or similar) is desirable
  • Knowledge of Industrial Cybersecurity standards is desirable
  • Exposure to program and project management is desirable

What we offer

Work Scheme: Residential, Single

Similar Jobs for Lead, Risk and Information Protection

8 matching positions

Information and Technology Governance & Risk Lead

Reporting to Head of I&T GRC, Governance and Risk Lead will be responsible for d...
Location: United Kingdom, Milton Keynes
Salary: Not provided
Company: DS Smith
Expiration Date: Until further notice
Requirements
  • Working knowledge of technology and security standards, controls and consequences across both IT and manufacturing environments in manufacturing or similar industries
  • Experience working with information security standards, frameworks and regulations such as ISO27001, NIST CSF, PCI DSS, NISD and NIS2
  • Proven analytical, problem-solving, planning, project delivery and supplier work packages management skills
  • Demonstrable experience of engaging across all levels of a company in relation to information and cyber security risks
  • Working towards or achieved professional certifications (ISO27001 lead, ISC2, CISM or CRISC) advantageous
Job Responsibility
  • Drive information and cyber security awareness
  • Deliver security awareness training including phishing and facilitation of cyber scenario desktop simulations across central and manufacturing site teams
  • Review, manage and where required prepare responses to internal and external customer enquiries in relation to information and cyber security arrangements
  • Support IT, procurement, legal, data protection and digital security and business stakeholder in relation to supplier information and cyber security due diligence and requirements
  • Lead risk-based party security assurance, management, and continuous improvement activities
  • Facilitate and coordinate IT risk management risk register, tools, process, reporting and review
  • Manage a subset of aspects of ISO 27001 related documentation and control activities
  • Manage and continuously improve I&T and Security risks processes in accordance with company risk appetite and tolerance
  • Engage risk review and assurance activities across existing suppliers
  • Provide IT and business advice on aspects of security standards and regulations
What we offer
  • Competitive salary
  • Company bonus
  • Pension scheme
  • Life assurance
  • Income protection
  • 25 days holiday plus bank holidays
  • Electric Car / Bike to Work schemes
  • Fulltime

Information and Technology Governance & Risk Lead

Reporting to Head of I&T GRC, Governance and Risk Lead will be responsible for d...
Location: United Kingdom, Milton Keynes
Salary: Not provided
Company: DS Smith
Expiration Date: Until further notice
Requirements
  • Working knowledge of technology and security standards, controls and consequences across both IT and manufacturing environments in manufacturing or similar industries
  • Experience working with information security standards, frameworks and regulations such as ISO27001, NIST CSF, PCI DSS, NISD and NIS2
  • Proven analytical, problem-solving, planning, project delivery and supplier work packages management skills
  • Demonstrable experience of engaging across all levels of a company in relation to information and cyber security risks
  • Working towards or achieved professional certifications (ISO27001 lead, ISC2, CISM or CRISC) advantageous
Job Responsibility
  • Driving information and cyber security awareness
  • Delivering security awareness training including phishing and facilitation of cyber scenario desktop simulations across central and manufacturing site teams
  • Reviewing, managing and where required preparing responses to internal and external customer enquiries in relation to information and cyber security arrangements
  • Supporting IT, procurement, legal, data protection and digital security and business stakeholder in relation to supplier information and cyber security due diligence and requirements
  • Leading risk-based party security assurance, management, and continuous improvement activities
  • Facilitating and coordinating IT risk management risk register, tools, process, reporting and review
  • Managing a subset of aspects of ISO 27001 related documentation and control activities
  • Managing and continuously improving I&T and Security risks processes in accordance with company risk appetite and tolerance
  • Engaging risk review and assurance activities across existing suppliers
  • Providing IT and business advice on aspects of security standards and regulations
What we offer
  • Competitive salary
  • Company bonus
  • Pension scheme
  • Life assurance
  • Income protection
  • 25 days holiday plus bank holidays
  • Electric Car / Bike to Work schemes
  • Fulltime

Industrial Security Lead – Installation Security and Program Protection

Location: United States, Huntsville
Salary: Not provided
Company: Astrion
Expiration Date: Until further notice
Requirements
  • 10+ years of experience supporting DoD, USSF, USAF, or related federal organizations in industrial security, program protection, acquisition security, or mission assurance roles
  • BA or BS degree
  • Equivalent experience may be substituted for education requirements
  • Active DoD TS/SCI clearance with current investigation
  • Experience supporting classified programs and secure facility operations in accordance with DoD and IC security requirements
  • Knowledge of Program Protection Planning (PPP), Critical Program Information (CPI), base level security, and acquisition security processes
  • Experience supporting base-level or installation security operations, including personnel security, physical security, and classified material control
  • Familiarity with DoDI 5200.39, DoDI 5200.44, DoDM 5200.01 Volumes 1–4, NISPOM, and related security directives
  • Experience coordinating with government program offices, contractors, security managers, and engineering teams
  • Strong organizational, analytical, and communication skills with attention to detail
Job Responsibility
  • Support industrial security, program protection, and mission assurance activities for critical defense and space acquisition programs
  • Develop, review, and maintain Security Classification Guides (SCGs) in accordance with DoD policies and directives
  • Evaluate acquisition documentation with program security and Critical Program Information (CPI) protection requirements
  • Coordinate with government and contractor stakeholders to identify and mitigate risks to mission systems, technologies, and sensitive information
  • Support base-level security operations including personnel security, classified visit coordination, secure facility compliance, and physical security requirements
  • Conduct security assessments, contractor site visits, and compliance reviews to evaluate implementation of security controls and protection measures
  • Support System Security Working Groups (SSWG), program reviews, and acquisition security meetings through coordination, documentation, and action tracking
  • Analyze evolving threats, policy updates, and security directives to determine impacts to acquisition and mission systems
  • Develop written assessments, executive briefings, and security recommendations for program leadership and government customers
  • Maintain security documentation repositories, tracking matrices, and reporting tools supporting enterprise mission assurance and program protection efforts
What we offer
  • Competitive salaries
  • Continuing education assistance
  • Professional development
  • Multiple healthcare benefits package options
  • 401K with employer matching
  • Competitive time off policy along with a federally recognized holiday schedule
  • Fulltime

SVP Wealth Business Risk and Controls Governance Escalation and Reporting

Individuals in Risk Assessment & Controls design are responsible for developing,...
Location: United Arab Emirates, Dubai
Salary: Not provided
Company: Citi
Expiration Date: Until further notice
Requirements
  • Minimum of 8-10 years of experience in Risk, Controls, compliance, audit, or other control-related functions in the financial services industry
  • Demonstrated experience with Escalation and governance protocols, regulatory inventory management and internal control programs
  • Strong understanding of relevant financial services regulations (e.g., AML, KYC, consumer protection, data privacy, prudential regulations) is highly valued
  • Exceptional analytical skills with the ability to interpret complex regulatory texts, assess their practical implications, and identify root causes of risk
Job Responsibility
  • Lead the strategic development and continuous enhancement of governance deck content and format for various senior management forums specific to the wealth management business
  • Define the key messages, data points, and insights required to effectively communicate the state of the wealth control environment, emerging risks, and control performance
  • Coordinate and collaborate extensively with various stakeholders across the Wealth business, including first line of defense control officers, operational risk, compliance, legal, finance, and technology teams, to gather relevant data and updates
  • Design and prepare visually compelling and executive-ready presentations that effectively convey complex risk and control information in a clear, concise, and impactful manner
  • Ensure all presentations adhere to established governance guidelines, branding standards, and regulatory expectations
  • Draft executive summaries, talking points, and accompanying documentation for presentations
  • Present governance decks to senior management forums and committees, articulating key findings, risks, control performance, and recommendations with confidence and clarity
  • Lead discussions, respond to challenging questions from senior leaders, and provide insightful perspectives on the wealth control landscape
  • Act as a subject matter expert during presentations, demonstrating a deep understanding of the wealth business and its control environment
  • Implement and maintain comprehensive escalation protocols for identifying, logging, assessing, reporting, and resolving risk events, control deficiencies, operational incidents, and compliance breaches within the wealth management business
  • Fulltime

Analyst - Client Risk Assessment and Controls Design – In Business Regulatory Risk Management

The Analyst will provide essential support to the Business Risk and Controls Lea...
Location: India, Chennai
Salary: Not provided
Company: Citi
Expiration Date: Until further notice
Requirements
  • Minimum of 8-10 years of experience in regulatory change management, compliance, audit, or other control-related functions in the financial services industry
  • Demonstrated experience with regulatory inventory management and internal control programs
  • Strong understanding of relevant financial services regulations (e.g., AML, KYC, consumer protection, data privacy, prudential regulations) is highly valued
  • Exceptional analytical skills with the ability to interpret complex regulatory texts, assess their practical implications, and identify root causes of risk
  • Excellent written and verbal communication skills, with the ability to articulate complex issues clearly and concisely to diverse audiences, including senior management and regulators
  • Proven project management and organizational skills, with the ability to manage multiple priorities and meet tight deadlines
  • High level of attention to detail and accuracy
  • Proficiency in Microsoft Office Suite (Excel, PowerPoint, Word) and experience with governance, risk, and compliance (GRC) tools is a plus
  • Bachelor's/University degree or equivalent experience
Job Responsibility
  • Provide analytical support in managing regulatory change, including data compilation for risk identification, impact assessments, and tracking implementation status
  • Support the Risk Assessment and Controls Design Lead in facilitating regulatory change management activities, including preparing materials for impact assessments on business processes, policies, and systems
  • Support coordination and efforts for regulatory examinations, audits, and inquiries, encompassing meticulous information gathering, document production, and logistical management
  • Help coordinate the preparation and review of responses to regulatory requests, ensuring accuracy and completeness of approvals
  • Assist in the continuous evaluation and maintenance of regulatory inventory linkages to supporting controls, contributing to the assessment of regulatory risk within the Managers Control Assessment (MCA) process
  • Support the development and implementation of robust and integrated risk and control frameworks and contribute to strengthening control practices and recommendations
  • Support data collection and collaboration with cross-functional teams to ensure accurate, complete, and timely submission of all required regulatory reports
  • Support the understanding of reporting requirements, translation into actionable tasks, and review/validation of regulatory reports
  • Support the review and validation of regulatory reports prior to submission
  • Assist in collaborating with legal, compliance, and finance teams to gather necessary data for accurate, complete, and timely submission of all required regulatory reports
  • Fulltime

Design Project Lead and Architect, Data Center Design, Engineering, and Construction

Meta is seeking a Design Project Lead and Architect experienced in the design an...
Location: United States, Denver, CO +4 locations
Salary: 150000.00 - 209000.00 USD / Year
Company: Meta
Expiration Date: Until further notice
Requirements
  • 8+ years of professional experience in mission critical building design, construction and/or operations
  • Registered Architect, or equivalent licensure in Civil or Structural Engineering
  • Experience on large scale design and construction projects
  • Experience with industry standards, building codes and safety standards
  • Experience with Google Suite, Revit/BIM, Bluebeam, Autodesk, ACC, or similar design software applications
  • Project Management experience
  • Knowledge depth (SME) of building systems design and architectural details for steel, concrete, and mass timber structures
  • Knowledge in geotechnical/soils design, concrete and steel structural design, landscape architecture, sustainable design, interior/exterior finish systems, and design of culinary and physical security systems
  • Knowledge of mission critical building systems, including mechanical, electrical, controls, and fire protection systems
  • Knowledge of industry standards, building codes, and safety standards including IBC, ASCE, and European equivalents
Job Responsibility
  • Lead multiple projects through schematic design, design development, construction documents, construction administration and turn-over as Project Lead and technical domain lead for the Civil, Structural, Landscape, Architecture (CSLA) disciplines on new builds (greenfield), leased facilities, and retrofit projects
  • Lead end-to-end project planning including requirements gathering, defining scope, identifying key milestones, and allocating resources. Serve as the primary technical liaison between business stakeholders and design engineering teams
  • Set clear goals and expectations for teams, regularly tracking progress and communicating status updates to stakeholders. Ensure all project decisions support Meta’s broader organizational goals and technical vision
  • Facilitate regular project meetings, retrospectives, and reviews to drive transparency and continuous improvement
  • Collaborate with internal cross-functional stakeholders and external partners in resolving issues and leading risk mitigation strategies ensuring on-time and budget delivery of capacity with focus on safety, quality, operability and sustainability
  • Prepare and issue Request for Proposals (RFP), analyze and make award recommendations, manage and administer project/program level contracts, review/approve change cost proposals, value engineering proposals, invoices, shop drawings, submittals, requests for information, reports/audits/studies and other design related deliverables
  • Hold EoR teams accountable on deliverables and performance by providing actionable feedback, including from other stakeholders such as Construction Management and by participating in the project health reviews. Proactively identify risks and remove roadblocks to ensure on-time delivery of project deliverables
  • In collaboration with cross-functional stakeholders, analyze forward-thinking ideas to identify and mitigate risks, and embed lessons learned into current and future products. Drive opportunities to compress schedules proactively and in response to business needs
  • Participate in mock-ups, onsite testing, commissioning, and other quality checks throughout the project life cycle in partnership with cross-functional teams to ensure proper installation and commissioning of systems
  • Liaise between internal teams, consultants, and contractors across projects and campuses to ensure transparency, situational awareness of status, way forward, and timely resolution of issues
What we offer
  • bonus
  • equity
  • benefits
  • Fulltime

Head of Governance, Risk and Compliance - CISO function - BPL

The Head of GRC leads the pillar responsible for ensuring the organisation under...
Location: United Kingdom, London
Salary: Not provided
Company: Barclays
Expiration Date: Until further notice
Requirements
  • CISM, CRISC, or CISSP certification
  • Experience with DORA (Digital Operational Resilience Act) compliance requirements and implementation
  • ISO 27001 Lead Auditor or Lead Implementer certification
  • PCI QSA or Internal Security Assessor (ISA) qualification
  • Previous experience in FinTech, Digital Banking, Payment Acquiring organisation
  • Experience with Visa GACS and Mastercard SDP acquirer compliance programmes
  • Significant, progressive experience in information security governance, risk, and compliance, with at least 5 years leading a GRC team in a regulated environment
  • Strong understanding of UK GDPR and the role of security controls in meeting data protection obligations, including breach notification requirements and data protection impact assessments
  • Experience designing and operating security control frameworks mapped to multiple regulatory requirements simultaneously (e.g., a single framework serving PCI DSS, FCA, and GDPR)
  • Understanding of cloud-native architectures and their implications for compliance and risk management
Job Responsibility
  • Own the security policy framework, ensuring policies are current, proportionate, and aligned to PCI DSS, FCA expectations, UK GDPR, and DORA requirements
  • Maintain and operate the security risk register, ensuring risks are assessed consistently using a defined methodology, owned explicitly, and reported accurately to the CISO and Executive Leadership Team (ELT)
  • Manage the relationship with external auditors, the Qualified Security Assessor (QSA), and 2nd/3rd Line of Defence (LoD) on all security and technology risk matters
  • Own the third-party security assurance process, ensuring all vendors, partners, and card scheme integrations are risk-assessed with a tiered approach proportionate to data access and criticality
  • Chair the monthly Cyber and Tech Risk and Controls Forum, presenting risk posture, compliance status, and material findings to the CISO, CIO and ELT
  • Design and maintain the control framework, mapping controls to PCI DSS, FCA, UK GDPR, and DORA requirements, and ensuring control effectiveness is tested on a continuous cycle
  • Produce KRI dashboards and risk reporting for CISO, CIO, and ELT consumption, ensuring risk is communicated in business terms
  • Lead regulatory and audit engagement on security matters, coordinating regulatory review and audit interactions and proactively managing stakeholder relationships
  • Own the risk assessment calendar, ensuring both cyclical and event-driven assessments are executed on schedule with appropriate rigour
  • Manage the risk acceptance process, ensuring risk acceptance decisions are documented, time-bound, approved at the appropriate authority level, and reviewed before expiry
What we offer
  • Competitive holiday allowance
  • Life assurance
  • Private medical care
  • Pension contribution
  • Fulltime

Principal Auditor - Cyber, Risk and Analysis Technology Audit

Capital One is seeking an energetic, self-motivated Principal Technology Associa...
Location: United States, McLean, Virginia; Charlotte, North Carolina; Richmond, Virginia; Plano, Texas; New York, New York
Salary: 119400.00 - 163500.00 USD / Year
Company: Capital One
Expiration Date: Until further notice
Requirements
  • Bachelor's Degree or military experience
  • At least 4 years of experience in information systems auditing, information systems risk management, information technology (operations, software delivery, access management, microservices), information security (application security, network security, cyber security, data protection), or a combination
  • At least 1 year of experience in cloud computing and controls (design, operation, risk management, or auditing)
  • At least 2 years of experience in managing components of audit engagements, project management or a combination
  • At least 2 years of experience in analyzing data extracts to identify trends, patterns, and anomalies, including 1 year of experience in test scripting or coding (writing, reviewing, assessing)
Job Responsibility
  • Execute major components of audits, including critical technology functions, cloud-based infrastructure, cybersecurity, risk management, application, and third-party management, as well as the ability to assist in leading components of small to medium size audits
  • Perform risk assessments of business units and technology operations, design and execute audit procedures to verify the effectiveness of existing controls, identify and define issues, review and analyze evidence, and document client processes and procedures
  • Understand the broader context and implications (e.g., financial, legal, reputational, etc.) of the various types of risk affecting the business and critical technology functions
  • Establish and maintain good client relations during engagements. Communicate or assist in communicating the results of some audit projects to management via written reports and oral presentations
  • Identify expectations of the client and take actions to support the client experience
  • Prepare clear, organized and complete documentation to support work performed
  • Self-prioritize and effectively plan own work activities, managing multiple priorities and tasks across the team to deliver quality results
  • Coordinate with others and proactively take on additional work
  • Deliver appropriate, succinct and organized information, tailoring communication style to audience
  • Effectively communicate information, issues and audit progress to teammates, clients and auditor-in-charge
What we offer
  • Performance based incentive compensation, which may include cash bonus(es) and/or long term incentives (LTI)
  • Comprehensive, competitive, and inclusive set of health, financial and other benefits
  • Fulltime