Skip to content

Cyber Security Manager

General Information

Ref #
227446
Location
Qatar-Doha
Job family
Corporate & Commercial
  • Closing Date: 2026-06-03

Description

About the Role

You will be responsible for supporting the Cyber Security function across key domains including Security Incident Management, Security Operations Centre (SOC), Cloud and Network Security, Identity and Access Management, Data Protection, Compliance, and Security Testing. The role involves managing and developing core technical teams to ensure that cyber governance, security operations, cloud and network security controls, and cyber architecture and design objectives are effectively translated into robust technical and organizational controls.

You will work closely with senior stakeholders to protect enterprise and cloud platforms from internal and external threats, strengthen incident response capabilities, ensure regulatory and industry compliance and drive continuous improvement in cyber security operations across on-prem, cloud, and hybrid environments.

Key Responsibilities

  • Design, implement, and enforce secure cloud and hybrid architectures across Oracle Cloud Infrastructure (OCI), Microsoft Azure, and Google Cloud Platform (GCP) using Zero Trust and defense‑in‑depth principles.

  • Lead cloud security engineering across OCI, Azure, and GCP, leveraging native security services such as OCI Cloud Guard, Security Zones, IAM, Defender for Cloud, Microsoft Sentinel, Azure Policy, GCP Security Command Center, Cloud Armor, and VPC Service Controls.

  • Architect and govern hybrid cloud environments spanning on‑premises data centers and public cloud platforms with secure identity federation, network segmentation, private connectivity, encryption, and centralized monitoring.

  • Define and implement secure network architectures including hub‑and‑spoke, landing zones, private endpoints, service gateways, and secure inter‑cloud and on‑prem connectivity.

  • Integrate cloud and SaaS security controls into CI/CD pipelines using DevSecOps practices, infrastructure‑as‑code (Terraform/Bicep), and automated policy enforcement.

  • Design and manage federated identity and access management across OCI IAM, Azure AD (Entra ID), GCP IAM, and SaaS platforms, implementing SSO, SAML, OAuth 2.0, and OpenID Connect.

  • Implement and govern RBAC, ABAC, privileged access management (PAM), just‑in‑time access, and identity governance lifecycle controls across cloud and SaaS platforms.

  • Support the Manager Cyber Security to implement the National Security Operations Centre (NCSOC) to ensure all instructions from the NCSOC are implemented in a timely manner to achieve the compliance instructions set forth by the authorities.

  • Secure SaaS platforms including Oracle Fusion (ERP/HCM), Salesforce, Google Workspace, Adobe Creative Cloud, and LinkedIn Enterprise, covering access controls, audit logging, encryption, DLP, and data classification policies.

  • Lead threat modeling, cloud risk assessments, and security architecture reviews for cloud, hybrid, and SaaS platforms.

  • Collaborate with SOC and incident response teams to onboard and correlate OCI, Azure, GCP, and SaaS telemetry into centralized SIEM and SOAR platforms.

  • Develop, maintain, and regularly test cloud, hybrid, and SaaS incident response playbooks, including ransomware, identity compromise, and data breach scenarios.

  • Ensure compliance with ISO 27001, NIST, SOC 2, GDPR, and aviation‑specific cybersecurity and regulatory standards, with strong focus on cloud and SaaS controls.

  • Review security assessments, penetration test results, and audit findings, and drive remediation plans and continuous cloud security maturity improvements.

  • Mentor and develop cloud security engineers, provide technical leadership, and represent cybersecurity in enterprise architecture and design review boards, with strong emphasis on OCI‑based workloads.

     

Be part of an extraordinary story

Your skills. Your imagination. Your ambition. Here, there are no boundaries to your potential and the impact you can make.  You’ll find infinite opportunities to grow and work on the biggest, most rewarding challenges that will build your skills and experience. You have the chance to be a part of our future and build the life you want while being part of an international community.

Our best is here and still to come. To us, impossible is only a challenge. Join us as we dare to achieve what’s never been done before.

Together, everything is possible.

Qualification

We are looking for a passionate and experienced professional to join our IT - Digital Resilience - Digital Infrastructure team. The ideal candidate should possess the following:

Essential:

  • Bachelor’s degree in information security, Computer Science, Engineering, or a related field.

  • Minimum 8 years of IT Experience, with at least 6 years specializing in cloud, hybrid, and SaaS security architecture.

  • Strong hands-on expertise in Oracle Cloud Infrastructure (OCI) security services, along with Microsoft Azure and Google Cloud Platform (GCP).

  • Proven experience securing hybrid cloud environments, integrating on‑premises data centers with public cloud platforms using secure identity, network, and connectivity models.

  • Deep knowledge of cloud-native security controls, including IAM, encryption and key management, network security, logging and monitoring, data protection, and regulatory compliance.

  • Practical experience with enterprise SaaS security, especially platforms such as Oracle Fusion (ERP/HCM), Salesforce, Google Workspace, and similar business‑critical SaaS applications.

  • Strong background in identity and access management, including SSO, federation, RBAC/ABAC, privileged access management, and identity lifecycle governance.

  • Experience designing and implementing DevSecOps and CI/CD security automation, using infrastructure‑as‑code and policy‑as‑code tools such as Terraform.

  • Solid understanding of security monitoring, threat detection, and incident response in cloud and hybrid environments.

  • Strong analytical, documentation, and stakeholder communication skills, with the ability to engage security, engineering, and business teams.

  • Good understanding of Change and Patch management for a large IT environment.

  • Experience in highly regulated or aviation‑related environments is a strong advantage.

Preferred

  • Relevant professional certifications such as CISSP, CCSP, OCI Security Professional, Azure Security Engineer Associate, GCP Professional Cloud Security Engineer, or equivalent are preferred.

About Qatar Airways Group:

Our story started with four aircraft. Today, we deliver excellence across 12 different businesses coming together as one. We’ve grown fast, broken records and set trends that others follow. We don’t slow down by the fear of failure. Instead, we dare to achieve what’s never been done before. So, whether you’re creating a unique experience for our customers or innovating behind the scenes, every person contributes to our proud story. A story of spectacular growth and determination. Now is the time to bring your best ideas and passion to a place where your ambition will know no boundaries and be part of a truly global community.

How to Apply

If you are interested in submitting your application and feel you are a good fit for this role, please complete our application form and upload your CV for our review and consideration.

https://aa115.taleo.net/careersection/QA_External_CS/jobapply.ftl?lang=en&job=227446
Go back