Job Overview
Job title: Technology Services Controller
Job family: Corporate & Commercial
Closing date: 20-Jul-2025
About Hamad International Airport:
Hamad International Airport enjoys a dominant position in the aviation industry. It has been voted the best airport in the world by Skytrax in 2024. Our passenger volumes are on a steady and fast-growing path thanks to an unprecedented facility expansion that enhanced operational capacity and will drive business growth in the next years.
About the role:
This role is required to be part of MATAR-IT Cyber Security and Risk Management team, with a primary role to manage information security management system (ISMS) across MATAR and its business units. Ensure compliance to ISMS through periodic review, audit and assessments. Report & track any non-compliance to closure and maintain risk under acceptable level.
Key responsibilities
- Assess the efficacy of implemented information security controls in alignment with the Information Security Management System (ISMS) framework requirements.
- Create robust security standards, procedures, and controls to effectively manage risks in align with business requirements.
- Regularly evaluate risks associated with information systems and supporting infrastructures.
- Maintain ongoing surveillance of information security controls, exceptions, and risks.
- Generate comprehensive management reports including key performance indicators for information security controls.
- Engage with both internal and external stakeholders to facilitate audits and assessments, including SOC-2, ISO 27001, 27017, 27018, NCSA, CSF, and PCI.
- Review IT service requests to ensure security compliance.
- Evaluate proposed project and operational changes with a focus on information security requirement adherence.
- Familiarity with applicable information security management, governance, and compliance principles, practices, laws, rules, and regulations.
- Understanding of information technology systems, network infrastructure, data architecture, processes, and protocols.
- Proficiency in cyber and cloud security standard frameworks, architecture, design, operations, controls, technology, solutions, and service orchestration.
- Knowledge of information systems auditing, monitoring, controlling, and assessment processes.
- Competence in incident response management and risk assessment methodologies.
Qualifications
- Certification in either CISSP (Certified Information Systems Security Professional) or CISM (Certified Information Security Manager) is mandatory.
- CISA (Certified Information Systems Auditor) or CRISC (Certified in Risk and Information Systems Control).
- ISO 27001:2022 LA
- Cloud Security Certificate / AZURE / GOOGLE / AWS
- Payment Card Industry Data Security Standard (PCI-DSS) requirements (CPISI).
- Specialized knowledge in securing operational technology (OT) systems such as ISA 62443 is an added advantage, preferred.
About Qatar Airways Group
Our story started with four aircraft. Today, we deliver excellence across 12 different businesses coming together as one. We’ve grown fast, broken records and set trends that others follow. We don’t slow down by the fear of failure. Instead, we dare to achieve what’s never been done before.
So whether you’re creating a unique experience for our customers or innovating behind the scenes, every person contributes to our proud story. A story of spectacular growth and determination. Now is the time to bring your best ideas and passion to a place where your ambition will know no boundaries, and be part of a truly global community.
