IT Security Governance Officer

About the Role

This position focuses on building, maintaining, and overseeing information security governance within a government setting. The role is responsible for making sure security practices follow national cybersecurity rules, government directives, and recognized international frameworks, while also contributing to risk management, audit readiness, and secure digital service delivery.

Key Responsibilities

• Create, update, and manage security policies, standards, and procedures so they remain aligned with public-sector requirements.
• Support adherence to national cybersecurity regulations, data protection obligations, and official government instructions.
• Map governance practices to ISO 27001, NIST, COBIT, and other applicable public-sector standards.
• Carry out security risk assessments and assist in defining and tracking risk treatment actions.
• Oversee compliance with security controls across systems and organizational entities.
• Coordinate internal audits, external audits, regulatory checks, and wider compliance reviews.
• Monitor open security risks, policy exceptions, and remediation progress.
• Contribute to incident governance activities, including reporting and after-incident review processes.
• Review the security posture and compliance of third parties and vendors involved in government engagements.
• Help enforce data classification rules, access control requirements, and information-handling procedures.
• Support cybersecurity awareness campaigns and compulsory training initiatives.
• Prepare governance reports, compliance dashboards, and management submissions for senior leadership.
• Work closely with legal, compliance, IT, and national cybersecurity stakeholders.

Requirements

• Deep understanding of cybersecurity governance practices and regulatory expectations in a government environment.
• Hands-on background in public-sector IT compliance, risk management, and audit coordination.
• Working knowledge of ISO 27001, NIST, COBIT, and related governance models.
• Capability to perform risk assessments, monitor compliance, and support audits effectively.
• Strong ability to draft policies, documentation, and formal reports.
• Comfortable explaining security risks clearly to executive and non-technical audiences.
• High ethical standards and the ability to manage sensitive and confidential information responsibly.
• Bachelor’s degree in Information Security, Computer Science, IT, or a related discipline.
• 4 to 7 years of experience in information security governance, risk, or compliance, with public-sector exposure preferred.
• Preferred certifications include CISM, CISSP, ISO 27001 Lead Implementer, ISO 27001 Lead Auditor, and CRISC.

Additional Information

This opportunity is based in Doha, Qatar, and follows a full-time, onsite working arrangement. No salary or stipend details were provided. The role is intended for candidates who can contribute to secure digital governance in a government context and collaborate across technical, legal, and compliance teams.

Eligibility

Professionals with the required degree and several years of relevant experience in security governance, risk, or compliance are encouraged to apply, especially those with public-sector experience and relevant security certifications.

Preferred Certifications

• CISM
• CISSP
• ISO 27001 Lead Implementer
• ISO 27001 Lead Auditor
• CRISC