Security Operations Officer – Security Assessment & Assurance Specialist
Job Fit Check
Base Career helps you apply smarter for this job.
Key skills for this role
About the Role
Black & Grey HR is recruiting for an established technology solutions and services provider in Doha, Qatar.
Key Skills for This Role
Full Job Posting
Overview
Black & Grey HR is recruiting for an established technology solutions and services provider in Doha, Qatar.
Our client is seeking an experienced
Security Operations Officer – Security Assessment & Assurance Specialist
who will play a critical role in evaluating, strengthening, and assuring the security posture across IT, OT, and cloud environments.
This role focuses on configuration assessments, vulnerability management, penetration testing, and security assurance programs—ensuring the organization maintains strong cyber resilience during both mega events and routine operations.
Arabic proficiency is mandatory.
Security Configuration Assessment (It & Ot)
- Conduct detailed configuration assessments of IT and OT systems based on CIS Benchmarks, NIST guidelines, and internal security standards.
- Review firewall rulesets to ensure least privilege, segmentation, and policy compliance.
- Assess network devices (routers, switches, load balancers, SASE/SSE gateways) for secure configurations.
- Validate OS hardening, patch compliance, and baseline configurations across servers and endpoints.
- Evaluate Network Access Control (NAC) deployments for coverage, enforcement, and effectiveness.
- Review SASE/SSE implementations to ensure secure access, data protection, and consistent policy application.
- Recommend hardening measures to reduce attack surface and enhance operational resilience.
Technical Risk Identification
- Identify security risks across IT, OT, and cloud assets through technical assessments and analytics.
- Conduct and coordinate penetration testing for cloud workloads, web applications, APIs, and internal systems.
- Perform security assessments of Kubernetes and containerized environments (GKE, AKS).
- Map findings from vulnerability scans, pen tests, and configuration reviews to operational and business impacts.
- Execute red team and adversary simulation exercises to evaluate detection and response maturity.
- Contribute to risk documentation, validation, and reporting for leadership visibility.
Vulnerability Remediation Management
- Track and manage vulnerabilities across IT, OT, and cloud environments.
- Prioritize remediation based on risk severity, exploitability, and business impact.
- Collaborate with infrastructure, application, and OT teams to ensure timely remediation and validation.
- Maintain dashboards and executive reports showing vulnerability trends and remediation KPIs.
Security Assurance
- Develop, implement, and oversee security assurance programs across IT, OT, and cloud domains.
- Track and report KPIs and KRIs to measure program maturity and effectiveness.
- Conduct periodic control reviews and baseline validations to ensure adherence to risk mitigation strategies.
- Identify gaps or deviations and drive corrective actions in coordination with relevant stakeholders.
Qualifications & Experience
- 8+ years of hands-on experience in security assessment, penetration testing, or security assurance.
- Bilingual proficiency in Arabic (Mandatory).
- Strong background in manual and automated penetration testing, including red team/adversary simulations.
- Deep understanding of configuration benchmarks, security hardening, and risk assessment methodologies.
- Technical expertise in GCP and Azure environments.
- Experience with firewall rule auditing, network device configuration assessments, OS hardening, and OT/ICS system assessments.
- Proficiency with industry-standard tools: Burp Suite, Metasploit, Nmap, Nessus, Qualys, Wireshark.
- Experience with cloud-native security platforms (GCP Security Command Center, Azure Defender, Prisma Cloud/CNAPP).
- Familiar with regulatory frameworks: ISO 27001, NIST CSF, IEC 62443, Qatar NIA, QCSF.
- Strong analytical, communication, and reporting skills.
Education
- Bachelor’s degree in Cybersecurity, Computer Science, Information Technology, or a related field (or equivalent experience).
Certifications (Preferred)
- CISSP
• OSCP, OSEP, OSCE
- CRISC
- CCSK
- CRTE
- Cloud Certifications (GCP Professional Cloud Security Engineer, Azure Security Engineer Associate)
- - GICSP (preferred for OT/ICS)
Required Skillset
- In-depth knowledge of security assurance frameworks and vulnerability management processes.
- Expertise in firewall auditing, network segmentation, and Zero Trust architecture.
- Strong experience in manual/automated penetration testing and red team exercises.
- Proficiency in cloud security controls, Kubernetes/container security, and IaC security validation.
- Strong understanding of OT/ICS security principles and architecture.
- Experience with threat modeling, control validation, and risk reporting.
- Ability to translate complex technical findings into clear business risk language.
- Excellent reporting and presentation skills for both technical and executive audiences.
Apply for this job in 1 click
Skip the repetitive application forms
Install the Base Career Chrome Extension and autofill job applications across major job boards with your profile.
Trusted by over 500,000 job seekers on Base Career
More from this employer
More jobs at Black & Grey HR
SAP Implementation Administrator
Dubai, UAE
Black & Grey HR is recruiting an SAP Implementation Administrator for a leading contracting company in Dubai. The role involves supporting SAP transformation, coordinating with teams and consultants, and driving user ado
Project Engineer – Offshore & Subsea
Abu Dhabi Emirate, UAE
Black & Grey HR is seeking a Project Engineer for offshore and subsea projects in Abu Dhabi. The role involves providing technical engineering support, developing project documentation, coordinating with multidisciplinar
SAP Implementation Administrator
Dubai, UAE
Black & Grey HR is recruiting an SAP Implementation Administrator for a leading contracting company in Dubai. The role involves supporting SAP transformation, coordinating with teams and consultants, and driving user ado
Tender Manager - Offshore Construction Services
Abu Dhabi Emirate, UAE
Black & Grey HR is seeking a Tender Manager for a client's offshore construction and subsea services business in Abu Dhabi. The role involves managing the complete tender lifecycle, from opportunity assessment to proposa
Technician - Starch Manufacturing
Abu Dhabi Emirate, UAE
Performs preventive, predictive, and breakdown maintenance on starch manufacturing plant equipment. Requires 3-5 years of experience in the starch manufacturing industry and a diploma or degree in engineering. The role i
General Counsel (Arabic Speaker)
Abu Dhabi, UAE
Black & Grey HR is partnering with a leading oil & gas services group to find an experienced Group General Counsel. The role provides strategic legal leadership, oversees governance, compliance, M&A, and complex commerci
Project Manager - Subsea
Abu Dhabi Emirate, UAE
Black & Grey HR is seeking a Project Manager – Subsea for a permanent office-based role in Abu Dhabi with offshore travel. The role involves leading subsea EPC, IRM, and inspection projects from contract award to close-o
Port Engineer
Abu Dhabi, UAE
Black & Grey HR is seeking a Port Engineer for a permanent office-based role in Abu Dhabi with regular vessel visits and drydock attendance. The role involves technical management of a commercial vessel fleet, including
SAP Implementation Administrator
Dubai, UAE
Project Engineer – Offshore & Subsea
Abu Dhabi Emirate, UAE
SAP Implementation Administrator
Dubai, UAE
Tender Manager - Offshore Construction Services
Abu Dhabi Emirate, UAE
Technician - Starch Manufacturing
Abu Dhabi Emirate, UAE
General Counsel (Arabic Speaker)
Abu Dhabi, UAE
Project Manager - Subsea
Abu Dhabi Emirate, UAE
Port Engineer
Abu Dhabi, UAE