Senior Common Criteria Certification Specialist
Job Fit Check
Base Career helps you apply smarter for this job.
Key skills for this role
About the Role
BAE Systems is hiring a Senior Common Criteria Certification Specialist in Doha, Qatar. You will lead cybersecurity product and system certification activities, evaluate security documentation, conduct risk assessments, and oversee testing.
Key Skills for This Role
Responsibilities
- Lead and execute cybersecurity product and system certification activities in alignment with Common Criteria
- Conduct day to day certification, validation, oversight, certificate maintenance and mutual recognition with Common Criteria standards
- Ensure highest standards of competence and impartiality, and consistency across all evaluation and certification activities
- Possess deep understanding of Common Criteria standards, Protection Profiles, Security Targets, EALs, and related documentation
- Provide guidance and mentorship to CB team members Certifiers and evaluators
- Lead and oversee review and assessment of documentation submitted by product developers
- Conduct advanced technical risk assessments, identifying potential security weaknesses or flaws
- Oversee and manage the testing phase, ensuring rigorous and accurate security testing
- Assist with development of policies, standards, procedures and guidelines
- Make recommendations regarding certification at specific EALs based on extensive evaluation expertise
- Stay up to date with latest developments in security, emerging threats, and evolving technology
- Collaborate with stakeholders such as developers, evaluators, and national certification authorities
Requirements
- University degree in IT, information security or related field
- Minimum 8 years experience
- Minimum 4 years of work experience as a Senior IT/Information Security/Cyber Security Auditor and/or Risk Management and/or Cyber Security/Information Security Management
- Certification from a recognized Common Criteria certification body and previous experience as a Certifier is desired
- IT Security Overview Training and certification
- Common Criteria for IT Security Evaluation Training and certification
- Proficiency in Arabic and English (spoken and written) is preferred
Full Job Posting
Role Overview
- The Senior Common Criteria Certification Specialist is responsible for leading and executing cybersecurity product and system certification activities in alignment with internationally recognized standards, particularly Common Criteria.
- The role involves evaluating security documentation, conducting technical risk assessments, overseeing testing processes, and providing expert recommendations on certification decisions (e.g., EAL levels).
- This position plays a critical role in ensuring the integrity, consistency, and credibility of the certification process.
Key Responsibilities
- Senior Certifier is responsible for the conduct of the day to day certification, validation, oversight, certificate maintenance and mutual recognition with the common criteria standards.
- Ensuring that the highest standards of competence and impartiality are maintained, and that consistency is achieved across all evaluation and certification activities.
- Possess a deep understanding of Common Criteria standards, Protection Profiles, Security Targets, Evaluation Assurance Levels (EALs), and related documentation.
- Provide guidance and mentorship to CB team members Certifiers and evaluators, ensuring their understanding of the certification process and helping them with complex evaluations.
- Lead and oversee the review and assessment of documentation submitted by product developers, including Security Target documents, design specifications, and test plans.
- Conduct advanced technical risk assessments, identifying potential security weaknesses or flaws in products or systems and providing expert guidance for mitigation.
- Oversee and manage the testing phase, ensuring that security testing is conducted rigorously and accurately.
- Conduct of day to day certification, certificate maintenance and mutual recognition projects and in compliance with scheme documentations.
- Assisting with the development of policies, standards, procedures and guidelines.
- Make recommendations regarding certification at specific Evaluation Assurance Levels (EALs) based on extensive evaluation expertise and knowledge of the certification process.
- Stay up to date with the latest developments in security, emerging threats, and evolving technology to ensure the certification process remains relevant.
- Collaborate with stakeholders, such as developers, evaluators, and national certification authorities, to ensure a consistent and accurate evaluation process.
Requirements
- A university degree level qualification in IT, information security or a related field, ideally with a focus on security domains.
- Certification from a recognized Common Criteria certification body and previous experience as a Certifier is desired.
- IT Security Overview Training and certification.
- Common Criteria for IT Security Evaluation Training and certification.
- Minimum 8 years.
- Minimum 4 years of work experience as a Senior IT / Information Security / Cyber Security Auditor and/or Risk Management and/or Cyber Security/Information Security Management.
- Proficiency in Arabic and English (spoken and written) is preferred.
Other Required Qualifications
- Analytical and problem solving skills.
- Proven experience in IT and Information Security Assessment.
- Common Criteria for IT Security Evaluation Training.
- Experience in Risk Assessment and management.
- Should have hands on experience in information security.
- Understanding of ISO27001 certification audit requirements.
- Excellent communication, documentation, and report writing skills.
- In depth knowledge of security testing methodologies and tools.
- Have analytical & assessment experience of formal schemes and can assess a situation in a fair and objective manner.
- Have training, workshops planning and delivery experience across Government & private sector.
Technical
- Experience in Risk Assessment and management including audit methodologies and risk assessment methodologies.
- Understanding of NIA controls and implementation requirements.
- Proficiency in security frameworks and standards like NIST, ISO27001, NIA.
- Strong awareness of Information Security / Cyber Security trends.
Behavioural
- Ability to multitask and work effectively with multiple project teams, sponsors, and customers.
- Ability to pay close attention to detail, meet deadlines and work under pressure.
- Interpersonal skills.
- Work autonomously with a high degree of enthusiasm.
Specific
- Excellent technical report writing skills.
- Have capabilities to understand and interpret the Certification Criteria (ISO/ IEC 17021, ISO/ IEC 17024, ISO/ IEC 27006 and ISO/IEC 17065).
- Knowledge of auditing and information assurance standards like ISA, ITAF, ISO17021, ISO19011.
- Proficiency in security frameworks and standards like, ISO27001, NIA, CSF Q2022.
- Familiarity with third party audit, Certification and Information Security / Cyber Security audits.
- Proven, hands on, experience in Information Security Audit or Information Security Management.
Apply for this job in 1 click
Skip the repetitive application forms
Install the Base Career Chrome Extension and autofill job applications across major job boards with your profile.
Trusted by over 500,000 job seekers on Base Career
More from this employer
More jobs at BAE Systems
Operations Manager Central
Saudi Arabia, KSA
BAE Systems seeks an Operations Manager Central to manage business and residential facilities in Riyadh and Al-Majma'ah, Saudi Arabia. The role involves overseeing O&M suppliers, delivering projects, and ensuring contrac
Senior Cybersecurity Certification & QMS Specialist (Common Criteria)
Qatar, QAT
The Senior Cybersecurity Certification & QMS Specialist is responsible for managing and continuously improving the quality management system (QMS) that governs cybersecurity cer...
Cybersecurity Assurance Consultant
Qatar, QAT
The Senior Cybersecurity Assurance Consultant is responsible for leading, planning, and enhancing assurance services, ensuring effective delivery of cybersecurity, information s...
Senior Cybersecurity Certification Consultant
Qatar, QAT
The Senior Cybersecurity Certification Consultant is responsible for leading and executing certification assessment activities to evaluate organizations compliance with national...
Treasury Manager
Qatar, QAT
The Treasury Manager will be responsible for managing the Family Office's treasury activities, ensuring effective liquidity management, banking relationships and funding arrange...
Chief Investment & Operating Officer
Qatar, QAT
Lead a diversified family office investment portfolio across real estate, private equity, venture capital, listed and private investments. Drive investment strategy, portfolio m...
Operations Manager East
Saudi Arabia, KSA
BAE Systems seeks an Operations Manager East to oversee facilities management scope in Dhahran, Saudi Arabia. The role involves managing O&M suppliers, delivering projects to cost/time/quality, and ensuring contractual o
Senior Cybersecurity Accreditation Auditor
Doha, QAT
The Senior Cybersecurity Accreditation Auditor is responsible for delivering day-to-day accreditation services and ensuring that assessments of third parties are conducted in a ...
Operations Manager Central
Saudi Arabia, KSA
Senior Cybersecurity Certification & QMS Specialist (Common Criteria)
Qatar, QAT
Cybersecurity Assurance Consultant
Qatar, QAT
Senior Cybersecurity Certification Consultant
Qatar, QAT
Treasury Manager
Qatar, QAT
Chief Investment & Operating Officer
Qatar, QAT
Operations Manager East
Saudi Arabia, KSA
Senior Cybersecurity Accreditation Auditor
Doha, QAT
