Senior Cybersecurity Certification & QMS Specialist (Common Criteria)
Job Fit Check
Base Career helps you apply smarter for this job.
Key skills for this role
About the Role
The Senior Cybersecurity Certification & QMS Specialist is responsible for managing and continuously improving the quality management system (QMS) that governs cybersecurity certification schemes.
Key Skills for This Role
Full Job Posting
Overview
The Senior Cybersecurity Certification & QMS Specialist is responsible for managing and continuously improving the quality management system (QMS) that governs cybersecurity certification schemes.
The role ensures compliance with international standards and regulatory requirements while enhancing the efficiency, consistency, and reliability of certification processes.
This position combines expertise in cybersecurity certification with strong quality assurance and audit capabilities, including conducting internal audits, managing documentation, and driving corrective and preventive actions.
The specialist works closely with technical teams and stakeholders to maintain high standards of certification, support governance activities, and align processes with evolving industry frameworks and best practices.
Key Responsibilities
- Planning, implement, monitoring, improvement and maintenance of quality management system for the different schemes in NISCF.
- Ensure that the internal process complies with relevant national and international regulations, guidelines.
- Review the quality of technical content.
- Continuously assess and improve the efficiency and effectiveness of the certification process.
- Oversee the documentation and record-keeping processes to ensure that all records are accurate, complete, and readily accessible. Ensure that the QMS documentation is up-to-date.
- Plan and conduct internal audits and reviews of the certification process to verify compliance with established procedures and to identify opportunities for improvement.
- Plan and organize scheme management review meetings.
- Review the quality of scheme documents i.e. manuals, policies, procedure, forms, templates etc.
- Implement corrective and preventive actions to address non-conformities and improve the QMS. Ensure that corrective actions are taken when issues are identified.
- Monitoring the changes of requirements (i.e. International Standards (ISO17021, 17024, 17065, 17025, 27006, 9001), National Standards)
- Assisting with the development of policies, standards, procedures and guidance based on audit findings
- Ensuring that the highest standards of competence and impartiality are maintained, and that consistency is achieved across all evaluation and certification activities;
- Possess a deep understanding of Common Criteria standards, Protection Profiles, Security Targets, Evaluation Assurance Levels (EALs), and related documentation
- Provide guidance and mentorship to CB team members Certifiers and evaluators, ensuring their understanding of the certification process and helping them with complex evaluations.
- Assisting with the development of policies, standards, procedures and guidelines.
- Make recommendations regarding certification at specific Evaluation Assurance Levels (EALs) based on extensive evaluation expertise and knowledge of the certification process.
- Stay up-to-date with the latest developments in security, emerging threats, and evolving technology to ensure the certification process remains relevant.
Requirements
- A university Master’s degree-level qualification in IT, information security or a related field. ideally with a focus on security domains
- Certification from a recognized Common Criteria certification body and previous experience as a Certifier is desired
- IT Security Overview Training and certification
- Common Criteria for IT Security Evaluation Training and certification
- Minimum10 years experience
- 5 minimum years of work experience as a Senior IT / Information Security / Cyber Security Auditor and/or Risk Management and/or Cyber Security/Information Security Management.
- Proficiency in Arabic and English (spoken and written) is preferred
Other Required Qualifications
- Analytical and problem-solving skills
- Proven experience in IT and Information Security Assessment
- Common Criteria for IT Security Evaluation Training
- Experience in Risk Assessment and management.
- Should have hands on experience in information security
- Understanding of ISO27001 certification audit requirements
- Excellent communication, documentation, and report-writing skills.
- In-depth knowledge of security testing methodologies and tools.
- Have analytical & assessment experience of formal schemes and can assess a situation in a fair and objective manner in order to arrive at a firm conclusion.
- Have training, workshops planning and delivery experience across Government & private sector
Technical
- Proven experience in IT, Information Security and Quality management Audit.
- Should have hands on experience in information security, cyber security & Quality management systems.
- Experience in Risk management and GAP analysis.
- Experience briefing senior executive staff
- Experience in Risk Assessment and management including audit methodologies and risk assessment methodologies
Behavioural
- Ability to multitask and work effectively with multiple project teams, sponsors, and customers.
- Ability to pay close attention to detail, meet deadlines and work under pressure.
- Interpersonal skills
- Work autonomously with a high degree of enthusiasm
Specific
- Excellent technical report writing skills.
- Have capabilities to understand and interpret the Certification Criteria (ISO/ IEC 17021, ISO/ IEC 17024, ISO/ IEC 27006 and ISO/IEC 17065).
- Knowledge of auditing and information assurance standards like ISA, ITAF, ISO17021, ISO19011.
- Proficiency in security frameworks and standards like, ISO27001, NIA, CSF Q2022.
- Familiarity with third-party audit, Certification and Information Security / Cyber Security audits.
- Proven, hands on, experience in Information Security Audit or Information Security Management
Apply for this job in 1 click
Skip the repetitive application forms
Install the Base Career Chrome Extension and autofill job applications across major job boards with your profile.
Trusted by over 500,000 job seekers on Base Career
More from this employer
More jobs at BSL
Technical Project Manager (Cybersecruity)
Doha, QAT
BSL seeks an experienced Technical Project Manager (Cybersecurity) to lead enterprise cybersecurity initiatives in Doha. The role manages complex projects, coordinates cross-functional teams, and ensures implementation o
Technical Project Manager (ICT Network)
Doha, QAT
BSL seeks an experienced Technical Project Manager (ICT Network) to lead complex ICT and network infrastructure projects in Doha. The role manages planning, design, implementation, and delivery, coordinating multidiscipl
Exams & Assessments Lead
Doha, QAT
The Examinations and Assessment Lead is responsible for managing the Examinations and Assessment team at a Technical Institute in Doha. The role ensures compliant delivery of examinations and assessments, manages student
Typhoon Avionics Operator
Umm Salal Muhammad, QAT
BSL is seeking an experienced Typhoon Avionics Operator to perform base maintenance activities on Typhoon aircraft in Qatar. The role involves detailed maintenance, inspection, fault rectification, and documentation of a
Armaments & AGE Team Lead
Dukhan, QAT
BSL seeks an Armaments & AGE Team Lead to oversee off-aircraft maintenance in Dukhan, Qatar. The role involves leading production, planning maintenance events, and ensuring quality standards. Requires an engineering appr
Senior Data Protection & Privacy Specialist
Doha, QAT
BSL seeks an experienced Senior Data Protection & Privacy Specialist to manage day-to-day privacy operations, conduct risk assessments, and ensure compliance with data protection regulations. The role requires a Bachelor
Senior Information Security / Senior Cyber Security Assessor (Certification)
Doha, QAT
BSL seeks a Senior Information Security/Cyber Security Assessor to lead certification and compliance assessment activities in Doha. The role requires 7+ years of experience, CISSP/CISA/CISM/CRISC certifications, and expe
Training Delivery Specialist
Doha, QAT
BSL is seeking a Training Delivery Specialist to design and deliver training programs, conduct Training Needs Analyses, and ensure quality standards. The role requires experience in instructional design, adult learning m
Technical Project Manager (Cybersecruity)
Doha, QAT
Technical Project Manager (ICT Network)
Doha, QAT
Exams & Assessments Lead
Doha, QAT
Typhoon Avionics Operator
Umm Salal Muhammad, QAT
Armaments & AGE Team Lead
Dukhan, QAT
Senior Data Protection & Privacy Specialist
Doha, QAT
Senior Information Security / Senior Cyber Security Assessor (Certification)
Doha, QAT
Training Delivery Specialist
Doha, QAT