About KPMG Qatar

KPMG has had a presence in Qatar for nearly 47 years. We opened for business in Qatar in 1977 and are now one of the largest and most prestigious professional services firms in the country.

KPMG in Qatar employs over 350 professional staff and partners. We recruit the best and brightest from around the world and currently employ 28 nationalities. For our clients, this means we provide Audit, Tax and Advisory services locally, drawing on the latest thinking and best practice from around the world.

Business Unit Overview

KPMG's Advisory practice is one of the largest Advisory businesses worldwide and the major growth area for our organization. Our services are focused on Finance Function, and we work with clients in identifying and tackling their challenges in Growth, Governance and Performance. Our Advisory teams support businesses as they restructure and expand, whether organically or by acquisition. We help them to become more efficient and provide support as they adapt to the challenges posed by a rapidly changing business environment

Role Overview

In this role, you will lead the design, deployment, and optimization of Microsoft Information Protection (MIP) within the Microsoft Purview suite, driving enterprise-wide improvements in data protection, privacy, and governance. You will play a key role in implementing end-to-end data security controls, aligning them with business objectives, and ensuring compliance with regulatory frameworks.

This position requires both technical expertise and strong stakeholder influence — enabling you to translate complex cybersecurity concepts into actionable strategies that enhance operational efficiency and data assurance. The successful candidate will also contribute to the broader security architecture, integrating MIP capabilities with technologies such as SIEM, CSPM, and CASB to deliver comprehensive data visibility and protection.

Skills

Primary Job Responsibilities & Accountabilities:

Information Protection & Governance

• Lead the implementation, optimization, and enterprise adoption of Microsoft Information Protection (MIP) across key business operations.

• Develop and enforce data labeling, retention, and protection policies in alignment with organizational and regulatory requirements.

• Establish governance frameworks ensuring secure data handling throughout operational workflows.

• Evaluate and integrate complementary solutions for data classification, privacy, and data loss prevention (DLP) to strengthen the protection landscape.

Data Discovery & Classification

• Conduct workshops with technical and business stakeholders (e.g., geoscience, engineering, and operations) to identify, categorize, and secure sensitive information assets.

• Translate regulatory and operational needs into protection use cases and implement technical controls that align with enterprise risk strategies.

• Deploy and fine-tune data discovery tools to support continuous monitoring and automated classification processes.

Security Testing & Risk Analysis

• Design and execute Security Integration Testing (SIT) for information protection and cloud security solutions.

• Analyze testing outcomes, identify security vulnerabilities, and recommend practical mitigation strategies that balance security with operational continuity.

• Collaborate with solution architects to ensure controls are scalable, efficient, and measurable.

Stakeholder Engagement & Enablement

• Engage with business leaders, IT, and compliance teams to align cybersecurity objectives with organizational goals.

• Facilitate workshops and awareness sessions, presenting cybersecurity topics in a clear, business-oriented manner.

• Effectively communicate risks, findings, and progress to technical and non-technical audiences to drive engagement and accountability.

Security Architecture Support (Desirable)

• Support integration of protection and detection mechanisms with SIEM, CASB, and CSPM platforms.

• Advise on enhancements to overall data security architecture and continuous monitoring practices.

Qualification and Experience

• Bachelor’s or Master’s degree in Cybersecurity, Computer Science, or a related field.

• Minimum 5 years of professional experience in cybersecurity, with proven expertise in data privacy, data protection, and governance.

• Strong hands-on experience with Microsoft Purview / MIP, Azure Information Protection, and related cloud security tools.

• Exposure to SIEM, CSPM, and CASB platforms is highly advantageous.

• Experience in oil & gas upstream or industrial environments preferred, with understanding of sector-specific data types and risk profiles.

• Experience in oil & gas upstream or industrial environments preferred, with understanding of sector-specific data types and risk profiles.

Preferred Certifications

• Microsoft Certified: Information Protection Administrator Associate

• CISSP, CISM, or equivalent professional cybersecurity certification

• ISO 27001 Lead Implementer or Auditor

• Azure Security Engineer Associate or equivalent cloud security credential