Lead, Risk and Information Protection at VINCI Energies Afrique de l'Ouest

Doha, , Qatar -

Full Time

Start Date

Immediate

Expiry Date

05 May, 26

Salary

0.0

Posted On

04 Feb, 26

Experience

10 year(s) or above

Remote Job

Yes

Telecommute

Yes

Sponsor Visa

Skills

Cybersecurity, Risk Management, Information Protection, Governance, Compliance, Data Protection, Training, Analytical Skills, Communication Skills, Vendor Management, Industrial Cybersecurity, Project Management, Strategic Planning, Operational Planning, Technical Assistance, Safety

Industry

Information Technology & Services

Description

Shape the future of energy with VINCI Energies Oil & Gas! At VINCI Energies Oil & Gas (VINCI Energies grop, we empower our clients in the energy sector by delivering end-to-end support across the full lifecycle of their industrial projects, energy infrastructures, and ICT operations. 💼 As a specialized service company, our 2,000 experts operate across five continents, bringing cutting-edge expertise from design to operation. With 35 agile and locally rooted Business Units, we combine deep field insight with the strength of a global network of trusted brands. 🚀 Our diverse business lines include EPC project delivery, engineering, automation, commissioning, maintenance, training, fire and gas analysis, technical assistance, safety, and cybersecurity. We proudly serve leading operators in Oil & Gas, Transmission Systems, Electrical Infrastructure, and Renewable Energy—driving innovation and excellence in every project. Responsibilities Governance Risk and Compliance: Develop and implement a comprehensive cybersecurity governance framework aligned with industry best practices, regulations, and organization objectives. Information Protection: Develop and implement a comprehensive strategy for safeguarding sensitive information, data assets and access management. Security awareness and training: Develop and deliver training programs to raise users’ awareness about cybersecurity, policies, and threats to foster a positive cybersecurity culture throughout the organization. Cybersecurity program: Develop and execute strategic roadmap for the organization cybersecurity program for IT and OT in line with business requirements and objectives. Lead continuous improvement process of organizational information security compliance through effective controls, and assessments. Establish and develop robust governance arrangements to ensure cybersecurity requirements are captured in all DBS programs and projects. Ensure comprehensive updated and organized records of risk assessments, control assessments and audit findings. Stay updates with latest cybersecurity threats, trends and technologies and assess their potential impact on the organization. Lead, guide and support data protection practices in collaboration with legal, HR and business teams and conduct sessions to train users and raise their awareness. Provide advice and recommendations regarding information protection controls to IT projects throughout the lifecycle, including management of the risk assessment methodology and documentation. Collaborate with subject matter experts to identify best practices and develop strategies to implement across organization to drive maturity and standardization. Profile Graduate and/or master’s degree qualifications in either Computer Science, Information Technology, or a related discipline. 10+ years’ experience in a similar role, in large enterprise environments (>1000 users), with multiple geographic locations. Oil and Gas experience (or manufacturing industries) is preferred. Professional certifications in Information Security and/or Information technology – CISSP and/or CISM at minimum is required. Proficiency in performing risk, business impact, control, and vulnerability assessments, and in defining treatment strategies. Knowledge of and experience in managing, developing and documenting security programs and plans, including strategic, tactical, and operational plans. Strong analytical skills to analyse security requirements and relate them to appropriate security controls. Strong communication skills, including written, oral and presentation skills. Must be fluent in English. Professional certification in Industrial Cybersecurity e.g., GICSP or similar) is desirable. Knowledge of Industrial Cybersecurity standards is desirable. Exposure to program and project management is desirable. Vendor management skills and ability to define and negotiate effective SLAs and service KPIs with vendors. Extensive technological domain knowledge to understand integration of digital products with IT systems & architecture. Good knowledge of the business to understand business requirements and implications on organization operations. Why join us ? 🧬 Our DNA: Trust, Entrepreneurial Spirit, Solidarity, Autonomy, Responsibility Joining us means becoming part of a large group while enjoying the agility and warmth of a human-sized company! 🚀 A personalized onboarding journey from day one, with tailored career follow-up 🏫 Opportunities for growth, training, and mobility within a fast-growing international group 🙏🏼 Close and supportive management 💶 Recognition of employee performance through a company savings plan 🥇 Pride in shared achievements ☘️ Respect for the environment and local communities in the countries where we operate (Human Rights Guide) 🦺 Commitment to the health and safety of our employees 👋 At VINCI Energies Oil & Gas, CSR initiatives are deeply embedded in our activities, our ways of working, and ultimately, in our DNA

Responsibilities

Develop and implement cybersecurity governance frameworks and strategies for information protection. Lead training programs and ensure compliance with cybersecurity requirements across the organization.