Company: QatarEnergy
Skills: Risk Management, Regulatory Compliance
Experience: 10+ Years
Education: Bachelors/3-5 yr Degree
Location: Qatar


Department
INFORMATION & COMMUNICATION TECHNOLOGY

Title
SR. IT Governance Risk & Compliance SPECIALIST

Primary Purpose of Job
Participate in establishing and implementing Information Communication Technology Governance, Risk, Compliance, and performance management frameworks and metrics to continuously improve ICT performance and ensure ICT delivers and demonstrates value to the business. Develop, maintain, and implement ICT Service Management policies, procedures, methodologies, and related artifacts in collaboration with other stakeholders in ICT. Engage with internal audit and ICT stakeholders to conduct audit risk assessments and agree on annual audit plans. Responsible for tracking and reporting on open audit actions and working with different stakeholders to ensure timely completion of actions. Participate in ICT risk assessment activities and ensure risk practices and controls are well designed and implemented in line with the Corporate ERM framework. Monitor compliance activities and ensure all ICT areas adhere to and comply with ICT Governance and management procedures.

Education
Bachelor's degree in Computer Science, Computer Engineering, or equivalent education.

Preferred Certifications:
• ITIL V3 Expert Certified
• ISO 2000 Lead Implementer / Auditor
• COBIT Design and Implementation
• ITIL 4 Managing Professional
• Certified Information Systems Auditor (CISA)

Experience & Skills
- A minimum of 10 years of progressive experience in an enterprise IT environment, preferably in the Oil & Gas industry, with at least 5 years of demonstrated experience in IT Governance and IT Service Management.
- Demonstrated experience in designing, developing, executing, and improving IT Governance and IT Service Management policies, processes, practices, and supporting documentation.
- In-depth knowledge and experience in formulating IT Governance objectives and goals and developing effective techniques for deriving these objectives from IT initiatives.
- Practical experience in the implementation of IT Governance, Audit, Risk and Compliance frameworks such as ITIL, COBIT, NIST, COSO and CMMI.
- Deep understanding of internal and external auditing techniques (i.e., audit planning, fieldwork, reporting and tracking of controls, including remediation activities).
- Deep understanding of Enterprise Risk Management methodologies, frameworks, and principles to identify, assess, mitigate, monitor, test and report on risks and controls.
- Good understanding and working experience in the implementation of ICT process improvements utilizing the COBIT framework and leveraging Six Sigma or other similar methodologies to ensure measurement and success in these areas.
- Strong technical IT background with practical knowledge of a wide variety of technologies including server infrastructure & operating systems, network & communication infrastructures, database architecture and cyber & information security.
- Broad knowledge of current and emerging IT industry trends and directions, particularly those associated with IT in the Oil and Gas sector.
- Operates under direction using mature judgment in planning and performing assignments and achieving defined objectives.
- Demonstrates a commitment to quality and continuous improvement.
- Demonstrated ability to effectively participate in a multi-cultural and multi-national workforce.
- Excellent written and verbal communication skills along with refined presentation skills and the ability to work with contractors and other departments at varying levels of management.
- Demonstrated analytical, problem-solving, and critical thinking skills.
- Ability to work with minimal supervision and consistently deliver the results required.