Information & Cyber Security Expert (Omani Only)
Muscat, OM
Key Responsibilities & Accountabilities:
1. Security Operations & Incident Leadership
- SOC Management: Direct 24/7/365 Security Operations Centre functions, overseeing team performance, vendor relationships, and the integration of emerging monitoring and analytic technologies.
- Incident Lifecycle Oversight: Lead the detection, assessment, and resolution of security incidents, maintaining an end-to-end incident response program including forensic artifact collection and malware reverse engineering.
- Strategic Expansion: Drive the continuous growth of the SOC by integrating new security products and consuming global threat intelligence to proactively adjust defense strategies.
- Crisis Management: Develop and maintain high-stakes crisis communication plans and coordinate response efforts across the organization during major security events.
2. Governance, Risk & Compliance
- Compliance Framework Development: Design and execute an annual compliance plan, establishing detailed monitoring mechanisms to ensure adherence to cybersecurity policies and guidelines.
- Cyber Risk Assessment: Conduct periodic and ad hoc risk assessments across applications, systems, and networks to confirm that risk levels remain within acceptable organizational limits.
- Remediation & Corrective Action: Identify non-compliance issues and collaborate with cross-functional teams to implement corrective plans, milestones, and functional security improvements.
- Audit & Assurance: Assess the effectiveness of security controls and review authorization documents to ensure rigorous technical and procedural standards are met.
- Comply with all applicable laws and regulations including, without limitation, those issued by:
a. Authority for Public Services Regulation;
b. Capital Market Authority (CMA).
3. Strategic Infrastructure & Security Engineering
- Secure Procurement: Ensure all acquisitions, outsourcing, and third-party services (e.g., Cloud Service Providers and Data Centers) strictly adhere to information security requirements and organizational goals.
- Documentation & Governance: Maintain the lifecycle of security manuals, standards, and system life-cycle support plans, ensuring that all security designs and development activities are properly documented.
- Security Architecture Support: Provide technical input to the Risk Management Framework (RMF) and support the functional implementation of security requirements throughout the system development life cycle.
4. Reporting, Training & Awareness
- Executive Reporting: Create and present high-level dashboards, metrics, and compliance reports for senior leadership to provide visibility into SOC operations and the organization’s risk posture.
- Security Culture: Lead the delivery of specialized training and awareness programs based on the periodic release of updated regulations or updated internal compliance mechanisms.
Minimum Requirements:
- Bachelor’s degree in Computer Science, Information Technology, Cybersecurity, or a related field.
- 8 years of experience.
- ISO 27001 Lead Implementer is preferred.
- GCIH (GIAC Certified Incident Handler) is preferred.
- Certified Information Systems Security Professional (CISSP) is preferred.
- Certified Information Security Manager (CISM) is preferred.