Senior VP Offensive Cyber Security

Position: Senior Vice President, Offensive Cyber Security
Department: Information Security
Reports to: Chief Information Security Officer

This role is based in Qatar and will require relocation (relocation package included).

Job Purpose Lead and manage the Offensive Cyber Security function, ensuring IT applications and infrastructure comply with security policies, regulatory requirements, and industry best practices. Oversee vulnerability scanning, penetration testing, and Red Team operations, while managing relationships with external security vendors. Combines team leadership with advanced ethical hacking expertise.

Key Responsibilities
1. Leadership & Financial:

• Set and monitor KPIs; implement best practices for the security team.
• Promote cost-efficiency and productivity, and ensure proper delegation of authority.
• Understand financial and operational drivers affecting performance.

2. Customer (Internal & External):

• Manage in-house and outsourced penetration testing teams.
• Establish and lead a Red Team; define service strategy and delivery.
• Conduct technical risk assessments and security evaluations of systems, applications, and IT infrastructure.
• Provide subject matter expertise on emerging technology risks.
• Maintain service levels and provide accurate reporting to auditors, compliance, and risk functions.

3. Internal Processes & Compliance:

• Set high-performance targets and lead improvement initiatives.
• Assess security systems, enforce policies, and build cross-department relationships.
• Encourage innovation and continuous improvement across the team.

4. Learning & Development:

• Maintain expertise in security issues, IT systems, and regulatory requirements.
• Conduct team performance reviews, coaching, and facilitate staff development.
• Keep current with evolving security trends and emerging threats.

5. Legal, Regulatory & Risk:

• Comply with internal policies, laws, and regulatory requirements (e.g., AML, Data Protection, Fraud Control).
• Operate under the Three Lines of Defence model; support risk reporting and remediation.
• Attend mandatory training and seminars to maintain competency.

6. Other Duties:

• Maintain confidentiality of sensitive information.
• Uphold professional standards and organizational reputation.
• Perform ad hoc duties as requested by management.

Education & Experience

• Bachelor’s or Master’s degree in IT, Business, Finance, Economics, or related field.
• Minimum 15 years of technical security experience, including penetration testing and Red Team exercises.
• Professional certifications mandatory: CISSP, CISM, CISA.
• Experience in banking, financial services, or Big 4 consultancy preferred.

Special Skills & Competencies

• Advanced knowledge of penetration testing tools, network topologies, firewalls, and operating systems (Windows, Linux, Solaris).
• Experience with zero-day exploit identification and multi-forest Active Directory domains.
• Programming skills (ASP, PHP, C#) a plus.
• Excellent communication and presentation skills in English; other languages an advantage.
• Strong analytical, planning, and decision-making skills.
• Personal integrity, results orientation, and leadership capability.

Location & Environment

• Based in Qatar, with occasional domestic and international travel as required.

Supervisory Responsibilities

• Direct Reports: AVP, Senior Manager, Manager, Assistant Manager, Senior Associate, Associate – Offensive Cyber Security.
• Indirect Reports: N/A