Technology Specialist (Cyber Security Expert)
The Technology Specialist (Cyber Security Expert) coordinate and support all related deliverables to planning, coordination, design, sign off, operation and dismantling of all Information Security of the FIFA World Cup Qatar 2022 LLC.
Ensure all aspects of Cyber Security services are implemented according to FIFA requirements for the event and its readiness exercises, coordinating with suppliers, government entities and FIFA through proper channels of communication.
- Plan Cyber Security policies and procedures based on the NIST Cyber Security framework and FIFA requirements.
- Ensure that Business Impact Analysis (BIA) process is used to map risk to key systems and applications based on criticality and impact.
- Create and/or contribute to necessary security controls for Infrastructure, network and hosting services in collaboration with Q22/FIFA suppliers as well as subsequent services (Applications & Data).
- Plan in collaboration with FIFA and Host Country relevant parties (private and governmental) for the Security Operation Center (SOC).
- Manage large-size and complex projects and initiatives in the area of responsibility.
Implementation and Operation
- Participate in planning all positions of the SOC, defining the responsibilities matrix, processes, policies and procedures with all stakeholders.
- Supervise the SOC performance and coordinate the implementation of improvements.
- Plan in collaboration with FIFA, Host Country and the suppliers for the central support and monitoring of the services during the tournament and Competition Related Events.
- Report progress, issues and risks related to IT Security projects and operations, according to IT governance and keep counterpart aligned.
- Support the development of the IT readiness program, including test events and exercises, policies and procedures, training of the team and redeployment to the tournament time positions.
- Maintain the integration with the infrastructure specialists and venue management coordinators, ensuring alignment and communication on all IT security standards across the entities, from the planning, transition, acceptance, service delivery to implementation, operation and dissolution
- Ensure a seamless transition process from delivery to operation, onboarding services in the service catalogue and involving all relevant support teams in this process.
- Lead the elaboration of the policies and procedures related to rate card network services covering all the phases of the project from request to delivery, support and payment.
- Review and approve SOC supplier deliverables.
- Evaluate and monitor information security activities on IT services on production environment.
- Actively participate and ensure SOC supplier adherence to processes like incident and major incident, change management, and others.
- Facilitate NIST Cyber-Security Framework-based assessments on IT services and suppliers to ensure technical and organisational controls are in place.
- Stewardship of security reporting of metrics and KPIs. Identify security outstanding risks, issues or gaps in controls and report them to Security Governance Committees.
- Be responsible for FIFA World Cup Qatar 2022 Cyber Security services and act as prime contact point during test events & tournament.
- Supervise SOC (Security Operation Center) performance.
- Ensure that all information pertaining to the delivery and support of Cyber Security are communicated to, and understood, by venue/site authorities, respective delivery teams.
- Ensure that all information pertaining to the delivery and support of cyber security are communicated to and well understood by all parties.
- Effectively manage stakeholders and perform adequate communication with relevant parties.
Demobilisation and Knowledge Sharing
- Support the smooth termination Cyber Security services of the venues/sites and hand-over to Host Country.
- Deliver technical guidance, coaching & mentoring to team members.
- Prepare good practice and educational material for personnel.
- Any other duties that may be required.
Qualifications and experience
- A minimum experience of 8-10 years in IT Cyber Security.
- University degree or similar higher education, in Information Technology, Information Security, Computer Science or related field.
- Experience in international sports / event management.
- Strong IT skills and knowledge, especially in IT Infrastructure, Cyber Threats and Responses
- Current security certifications such as CISA, CISM, CISSP, CCIE Security.
- In-depth knowledge of architecture, engineering, and operations of enterprise SIEM (Security Information & Event Management) platforms.
- Experience in ISO27001 standards and NIST framework.
- Project Management skills to manage large-size and complex projects and initiatives.
- Effective communication skills.
- Good analytical skills and problem-solving skills.
- Experience or knowledge of local culture is essential.
- Fluency in English is essential. Fluency in Arabic is an asset.
- Team Player, willing to work to tight timelines.
- Positive attitude, patience and persistence.