Director (Cyber)

About Us : Kaizen is the Number 1 Recruitment Leader in the MENA region and works on placing high-caliber professionals in prominent and lucrative roles across the Middle East & and GCC

Our Client : We have been operating in Qatar for nearly 47 years, having established our presence in 1977. Today, we are recognized as one of the largest and most esteemed professional services firms in the country. Our team in Qatar comprises over 350 professionals and partners, representing 28 nationalities. This diverse talent pool allows us to deliver Audit, Tax, and Advisory services locally, informed by the latest insights and best practices from around the globe.

Role Overview

Make a significant impact in the field of Cyber Security, specifically focusing on IoT / OT security. Apply your expertise, drive innovation, and collaborate with a talented team to advise on and deliver exceptional cyber security solutions to our clients. You will lead and manage teams to deliver security engagements with our clients. You will contribute technical insights to client engagements. An important part of your role will be to actively establish, maintain and strengthen internal and external relationships. You\'ll also identify potential business opportunities for KPMG within existing engagements and escalate these as appropriate.

Strategic Planning and Execution : Oversee the planning, design, implementation, testing, and operation of cyber security processes and systems for Operational Technology engagements. Provide guidance on security architecture for the Operational Technology domain, including threat detection and response systems as part of the overall security capability for OT environments. Provide direction for business process and security architecture design, particularly in relation to security analyst tools for security incident management. Administer security configurations for threat management platforms in a wide array of large-scale environments, including security orchestration, automation, and response (SOAR) and security information and event management (SIEM) tools.

ICS / OT Cyber Security : Develop ICS / OT cyber security strategies and lead the implementation of transformation programs. Build and develop long-term relationships with senior stakeholders across the market, including client organizations. Conduct ICS / OT site assessments to identify business-critical systems and develop effective risk mitigation measures. Contribute to the latest thought leadership and industry research on ICS / OT cyber security and organizational crisis and response management to cyber issues.

Job Responsibilities / Accountabilities :

• Leading a portfolio of engagements and projects with our clients; reporting to a Partner
• Managing and creating reports and via review ensuring the highest quality deliverables prior to Partner’s review
• Contributing to developing the market for Cyber Security services across all sectors and identify sales opportunities and escalating these to senior management.
• Establishing client relationships with senior stakeholders across our clients including internal stakeholders
• Working with prospective clients to identify opportunities, scope engagements, and create high quality proposals.
• Advocating and championing Cyber Security service both internally to our wider network of colleagues and to our clients and the wider market
• Contributing to the creation of proposals and marketing material
• Managing engagements to time and budget
• Contributing to the development of the existing cyber risk team acting as mentor and coach to the junior members of the team and leading by example
• Contributing to the latest thought-leadership, industry research and creation of marketing collateral relating to cyber security
• Perform security risk and controls assessments and/or penetration testing to evaluate and analyze threat, vulnerability, impact, risk, and security issues to business.
• Assist client in evaluating, enhancing, or developing, and managing their :
• Cybersecurity Management programs including technology controls, process controls, and governance, risk, and compliance elements.
• Business Continuity and Disaster Recovery Management programs
• Data Protection and Privacy management programs
• Threat and Vulnerability Management programs
• Security Incident Detection and Response management programs
• Identity and access management programs
• Consistently deliver quality client services and manage expectations of client service delivery.
• Stay abreast of current business and industry trends relevant to the client's business.
• Demonstrate technical, risk capabilities and professional knowledge.
• Remain current on new developments in advisory services capabilities and industry knowledge.

Required Qualification

• Bachelor’s degree in engineering or Bachelor of Computer Science in Information Technology / Systems
• Plus MBA or plus postgraduate in Engineering.
• Related professional certifications such as CSSA, GICSP, GRID, CISSP, or ISA 62443 is a plus.
• Project and program management related certification such as Prince, Scrum, Agile, etc.

Required Experience :

• Minimum of 15 years of working experience in a professional business environment, with extensive work in Cyber security and OT plant or affiliate.
• Minimum 5 years for Managers or 8 years for Senior Managers of recent relevant work experience in information security or information technology discipline
• Have knowledge and experience in designing, commissioning, or maintaining ICS systems, such as SCADA, EMS, DCS, or PLC.
• Possess knowledge of security standards such as IEC 62443 / ISA 99, NIST SP 800-82, C2M2.
• Display a passion for advisory and Cybersecurity topics, along with a willingness for continuous self-development.
• Demonstrate strong communication skills (both written and verbal) to effectively communicate with technical and non-technical audiences.
• Have the ability to author technical and non-technical documents for varying audiences, ranging from technical automation personnel to senior security or operations personnel.

Personal Attributes :

• Ability to communicate effectively and with gravitas with senior stakeholders both internal and external.
• Significant and recent experience in a consulting firm or industry of preparing and delivering technology programmes.
• Comfortable with ambiguity, fluid consulting situations and a highly pressured environment.
• Professional presentation skills with impact, competent in presenting ideas clearly, convincingly to influence senior stakeholders and possessing personal presence, with the ability to earn trust and respect.