Security Operations Officer- Data Security Specialist INTALEQ

The Information Security Officer (Data & AI) is a senior technical role responsible for the implementation, operation, and enforcement of data security controls across IT and AI platforms. The role ensures that organizational data is properly protected, encrypted, monitored, and compliant with Qatar’s national requirements (PDPPL, NIA, QCSF) through practical and scalable security mechanisms.

Data Security Architecture & Implementation

• Security Architecture: Design and implement data security controls including DLP, encryption, and data protection mechanisms across structured and unstructured environments.

• Control Enforcement: Ensure consistent enforcement of data classification, encryption, and access controls across databases, endpoints, and cloud platforms.

• Compliance Enablement: Translate PDPPL and national data classification requirements (C0–C4) into enforceable technical controls.

  
  

Data Privacy Engineering

• Privacy Controls Implementation: Embed privacy controls (masking, tokenization, anonymization) into applications and data platforms.

• DPIA Execution: Conduct Data Protection Impact Assessments (DPIAs) with a focus on identifying and mitigating technical risks.

• Data Visibility: Implement data discovery, classification, and lineage tooling to track sensitive data flows.

• Data Residency Controls: Enforce data residency and sovereignty requirements across cloud platforms (Azure/GCP).

  
  

AI Data Security

• AI Security Controls: Implement safeguards for Generative AI and LLM usage, including access control, logging, and data leakage prevention.

• Data Sanitization: Apply masking and anonymization techniques to datasets used in AI/ML pipelines.

• Third-Party Risk (Technical): Perform technical security validation of AI vendors, focusing on data handling and model training exposure risks.

  
  

IT/OT Data Protection Integration

• Secure Data Transfer: Implement encryption and data filtering controls for data flows between OT and IT/cloud environments.

• Segmentation Controls: Enforce security controls at Industrial DMZ and integration points (e.g., firewalls, proxies, encryption gateways).

• Monitoring & Risk Detection: Support detection of data exposure risks from industrial systems through logging and monitoring solutions.

Data Protection Operations & Cryptography

• Encryption & Key Management: Operate and manage encryption solutions including HSMs and Cloud KMS (BYOK/HYOK).

• Security Tools Operation: Deploy, tune, and operate DLP, Database Activity Monitoring (DAM), and data classification tools (e.g., Microsoft Purview / Azure Information Protection).

• Monitoring & Response: Support incident detection and response related to data leakage, misuse, or unauthorized access.

  
  

Experience-

• 8+ years in Information Security, with at least 5 years focused on data security implementation or privacy engineering

• Experience in Critical Infrastructure, Energy, or Government sectors (Qatar regulatory exposure preferred)

• English (Fluent); Arabic (Preferred)

Technical Competencies:

• Cloud: Hands-on implementation of Azure/GCP data security controls

• Regulations (Applied): Practical implementation of PDPPL, ISO 27001, NIA, NIST CSF

• AI/ML: Understanding of AI data security risks (e.g., OWASP Top 10 for LLMs)

• OT Exposure: Familiarity with Purdue Model and IEC 62443

Certifications:

• CISSP or CISM

• CDPSE or CIPP/E

• CCSP or relevant AI security certifications (e.g., AIGP)