Information Protection Consultant

Job Description

Information Security Program is to ensure that the information security governance and controls are implemented effectively, in line with COMPANY strategic business objectives, regulatory compliance requirements and the region threat landscape context.<p><br></p>COMPANY is seeking to contract a mature experienced organization to perform information protection enterprise-wide rollout.<p><br></p><strong>Your Tasks</strong><p><br></p><strong>The CONTRACTOR shall ensure that as a minimum the following is captured:</strong><p><br></p><ul><li>Information Asset criticality (CIA);</li><li>Sensitivity Data Classification;</li><li>Identity Access Management requirements (Access Model, Segregation of Duty, Application/Data ownership, Privilege Access Management);</li><li>Information/data privacy requirements;</li><li>Integrity requirements.</li></ul><p><br></p><strong>Based on the information asset classification the CONTRACTOR shall ensure that as a minimum the following requirements are captured:</strong><p><br></p><ul><li>The confidentiality, integrity, and availability requirements;</li><li>The identity access management requirements;</li><li>The data sensitivity classification and information protection requirements;</li><li>The data privacy requirements of the information.</li><li>The CONTRACTOR will use the existing Business Impact analysis conducted by COMPANY Business Continuity team and conduct information classification exercise for 05 departments.</li></ul><p><br></p><strong>CONTRACTOR shall conduct interviews and workshops with the business to perform Information Classification (CIA) considering the following:</strong><p><br></p><ul><li>COMPANY risk matrix and Information Classification Standard;</li><li>Business Impact analysis conducted by COMPANY Business Continuity function for those departments;</li><li>Where possible CONTRACTOR shall leverage outputs from other initiatives conducted by the COMPANY.</li></ul><p><br></p><strong>CONTRACTOR shall use the already developed templates and information available and provided by the COMPANY and ensure that as part of the Information Classification Matrix the following information is captured:</strong><p><br></p><ul><li>Identification of Information Assets’ Owners;</li><li>Identification of Information with Privacy Data;</li><li>Group of Information Assets into Information Types.</li></ul><p><br></p><strong>Your Profile</strong><p><br></p><ul><li>Relevant experience in Information Security with at least five (5) years in an Information Protection and privacy role;</li><li>Confirmed experience in implementing end-to-end Information Protection enterprise-wide in well-established organizations;</li><li>Hands-on experience in Information Protection and Privacy built by design controls definition and implementation;</li><li>Confirmed experience in Microsoft Information Protection enterprise-wide implementation in well-established organizations;</li><li>Confirmed experience in assessing, defining, and implementing DLP rules;</li><li>Confirmed experience in local and international privacy laws. Hand-on experience in establishing GDPR or other privacy laws;</li><li>Expertise in implementing information protection and privacy security controls from technological and administrative aspect;</li><li>Experience in implementing information protection, privacy procedures and gap assessments;</li><li>Experience and knowledge of ISO/IEC 27001:2013, GDPR, NIST CSF, DLP &amp; other Information Protection technologies;</li><li>The following certification in good standing is mandatory for the personnel assigned to providing the SERVICES as per this document:</li><li>Certified Information Privacy Manager (CIPM); Certified Information Systems Security Professional (CISSP), Project Management certification;</li><li>Minimum 5-year experience in project management activities;</li><li>Good understanding of cloud solution (focus on Azure) and digital transformation process;</li><li>CONTRACTOR PERSONNEL shall demonstrate understanding of the organization culture and clear understanding of overcoming these challenges prior engaging.</li></ul><p><br></p><strong>Our Offer</strong><p><br></p><strong>Salary:</strong><p><br></p>Day Rate in USD Plus Allowance<p><br></p><strong>Work Schedule:</strong><p><br></p>9 Hours / 6 Days<p><br></p><strong>Duration:</strong><p><br></p>12 months with possible extension<p><br></p><strong>Location:</strong><p><br></p>Qatar