GRC & Network Security Lead - Qatar

We are seeking experienced professionals who can balance technical network security expertise with strategic Governance, Risk, and Compliance (GRC) leadership. This role is split 50-50 between hands-on security engineering and GRC program management.

• Develop, implement, and maintain the organization’s GRC framework, policies, and procedures.
• Conduct risk assessments, audits, and ensure compliance with regulatory standards (ISO 27001, NIST, GDPR, etc.).
• Prepare and manage compliance documentation, reports, and evidence for internal and external audits.
• Lead third-party risk assessments and vendor security reviews.
• Facilitate security awareness training and ensure organizational alignment with security policies.
  

• Configure, manage, and troubleshoot Palo Alto & Fortinet firewalls (on-prem and cloud).
• Implement and maintain security solutions: WAF, Cisco ISE, ASA, ESA, WSA, DNS Security, IP Telephony.
• Monitor security infrastructure using Microsoft Defender, Sentinel, and M365 Security tools.
• Perform security operations: incident response, vulnerability management, and threat hunting.
• Design and deploy network security architectures and improvements.

• Minimum 5-7 years in combined roles of network security engineering and GRC.
• Hands-on experience with Palo Alto/Fortinet firewalls and Microsoft security stack.
• Proven track record in GRC program implementation, risk management, and compliance auditing.
• Strong understanding of security frameworks (ISO 27001, NIST, etc.).
  

• Certifications: CISSP, CISM, CRISC, PCNSE, NSE.
• Experience in regulated environments (finance, healthcare, government).
• Excellent communication skills for stakeholder engagement and reporting.