Specialist Cybersecurity at OQ
Muscat, Muscat Governorate, Oman -
Full Time


Start Date

Immediate

Expiry Date

06 Jun, 26

Salary

0.0

Posted On

08 Mar, 26

Experience

5 year(s) or above

Remote Job

Yes

Telecommute

Yes

Sponsor Visa

No

Skills

Cybersecurity Operations, Incident Response, MSB Implementation, Governance, Risk Management, Vulnerability Management, SIEM, EDR, Firewall Configuration, Identity and Access Management, OT Security, Compliance, Root Cause Analysis, Change Management, PowerShell, Python

Industry

Oil and Gas

Description
POSITION DESCRIPTION:

Position Title: Cyber Security Operations
Reports to: ICT Manager
Department: ICT Department
Location: Duqm / Ras Markaz / Muscat

JOB PURPOSE:

The Specialist – Cyber Security Operations safeguards OTTCO’s ICT, OMT, and OT environments by leading security operations, implementing the Minimum-Security Baseline (MSB) for networks, servers, and databases, and coordinating enterprise-wide incident response and risk management. The role ensures compliance with national regulators (e.g., OIA, NRAA) and relevant international standards, continuously reduces cyber risk through data-driven controls, tracks and optimizes direct and indirect cybersecurity costs, and delivers a pragmatic cybersecurity strategy that protects business continuity and supports OTTCO’s operational goals.

Description

The Cyber Security Operations Specialist is responsible for safeguarding the organization’s IT infrastructure and digital assets by managing and enhancing cybersecurity operations. This role involves administering and troubleshooting security solutions, overseeing CSOC activities, and ensuring timely resolution of security incidents. The specialist leads incident response processes, root cause analysis, and continuous improvement initiatives while driving cybersecurity projects such as SIEM implementation, firewall configuration, and endpoint protection. Additionally, the position requires governance of identity and access management, compliance with regulatory standards, and collaboration with internal teams and external stakeholders to strengthen security awareness and resilience across the organization.

REPORTING STRUCTURE:

Number of Staff Supervised: Direct Reports: 0; Total: 0

Key interactions
Internal: HSSE, Operations, Maintenance, Engineering, Finance, Procurement, Legal/Compliance, Records Management, Internal Audit, Corporate IT/OT teams.
External: EPC contractors, OQ/Group entities (as applicable), OEM vendors, Telecom providers, TRA/ROP (as applicable), OIA, NRAA, and other regulators/standards bodies.

Remote Job
Office environment, intensive computer screen use, sporadic visits to the operation site.

Education: Bachelor’s degree in Information Security, Computer Science, Information Systems, or a related field (Master’s a plus). Professional certifications (one or more preferred): CISSP, CISM, GCIH, GCIA, GCFE, CEH, OSCP, ISO/IEC 27001 Lead Implementer/Lead Auditor, GICSP/GRID (for OT), or SIEM vendor certifications. Change Management certification/designation (desired).

Main tasks and responsibilities

1) Security Operations & Incident Response
- Run day-to-day cybersecurity operations and CSOC processes (monitoring, alert triage, case management, escalation, and closure).
- Lead the incident response lifecycle (prepare–detect–contain–eradicate–recover–lessons learned) and drive timely Root Cause Analysis (RCA) and corrective actions.
- Maintain incident response plans/playbooks; conduct table-top exercises and post-incident reviews; measure MTTD/MTTR and improve year over year.
- Coordinate with internal teams, vendors, and law enforcement/authorities as required.

2) Minimum Security Baseline (MSB) Implementation
- Lead implementation and governance of MSB across Networks, Servers, and Databases for IT, OMT, and OT environments.
- Define configuration baselines (hardening, patching, logging), establish compliance thresholds, and drive remediation with owners.
- Maintain MSB exceptions/dispensations with risk acceptance and expiry tracking.

3) Governance, Risk, and Compliance (GRC)
- Own and maintain the Cyber Risk Register: log risks, assess likelihood/impact, assign ownership, track treatment plans and due dates.
- Perform regular risk assessments for ICT (systems, projects, third parties), including OT/OMT assets; update risk posture and report trends.
- Ensure alignment with regulatory requirements and international standards; prepare and support audits/assessments and close findings on time.
- Coordinate with national regulators (e.g., OIA, NRAA) and international bodies to interpret and implement applicable regulations and standards.

4) Architecture, Engineering & Vulnerability Management
- Administer and continuously improve security tooling: SIEM/UEBA, EDR, email security, cloud security (e.g., M365/Azure), firewalls/WAF, NAC, DLP, PAM, IDS/IPS, OT security monitoring, and vulnerability management.
- Lead vulnerability scanning, secure configuration compliance, and patch orchestration with owners; track SLA-driven remediation.
- Support secure solution design/reviews for projects and changes (IT/OT), ensuring “secure-by-design” and “defense-in-depth” principles.

5) Identity & Access Governance
- Govern the identity lifecycle (Joiner–Mover–Leaver), privileged access, and periodic entitlement recertifications; enforce least privilege/segregation of duties.
- Oversee MFA, conditional access, and access logging/monitoring; investigate anomalies with the SOC.

6) Business Continuity, DR & Data Protection
- Support cybersecurity requirements for backups, disaster recovery, and OT resilience; validate through tests and exercises.
- Ensure appropriate safeguards for sensitive data, records, and retention in line with NRAA and internal policy.
- Information Security Projects: Oversee and provide support for information security projects, ensuring successful implementation and alignment with organizational goals.

7) Strategy, Financials & Reporting
- Track cybersecurity costs (direct: tools, licenses, services; indirect: staff time, training, process overheads) and identify optimization opportunities.
- Develop, update, and submit the Cybersecurity Strategy for OTTCO’s ICT and OT systems, including roadmap, capability maturity, and investment plan.
- Produce management reports/dashboards on risk, incidents, MSB compliance, vulnerabilities, audit status, KPIs, and budget performance.

8) Awareness, Training & Stakeholder Management
- Deliver cyber awareness programs/campaigns tailored to end users, admins, engineers, and executives (including OT/OMT context).
- Coordinate with HSSE, Operations, Maintenance, and Engineering; manage vendors and service providers through SLAs and security clauses.

9) Quality, Policy & Continuous Improvement
- Develop and maintain cybersecurity policies, standards, procedures, architecture diagrams, and security documentation.
- Interface with internal/external audits (QA/QC), close findings, and embed lessons learned into processes and tooling.

QUALIFICATIONS, EXPERIENCE, & SKILLS:
- 5+ years total experience in IT & Telecom; 5–8 years in Cyber Security Operations (preferably in Oil & Gas or critical infrastructure).
- Demonstrated experience implementing SIEM/SOC, EDR, firewalls/WAF, email/cloud security, and identity governance.
- Hands-on with MSB/baseline hardening, vulnerability management, incident response, RCA, and audit closure.
- Exposure to OT/ICS environments and mixed IT/OT security is strongly preferred.
- Project and change management experience, vendor and contract management.

Soft Competencies:
- A solid understanding of how people go through a change and the change process
- Experience and knowledge of change management principles, methodologies and tools
- Exceptional communication skills, both written and verbal
- Excellent active listening skills
- Ability to clearly articulate messages to a variety of audiences
- Ability to establish and maintain strong relationships
- Ability to influence others and move toward a common vision or goal
- Flexible and adaptable; able to work in ambiguous situations
- Resilient and tenacious with a propensity to persevere
- Looking forward with a holistic approach
- Organized with a natural inclination for planning strategy and tactics
- Problem solving and root cause identification skills
- Able to work effectively at all levels in an organization
- Must be a team player and able to work collaboratively with and through others
- Acute business acumen and understanding of organizational issues and challenges

Technical Competencies
- Security Operations: SIEM (e.g., Microsoft Sentinel/Splunk), SOAR, UEBA, EDR (e.g., Defender for Endpoint), IDS/IPS, DLP, PAM, NAC, vulnerability scanners.
- Network/Perimeter: Firewalls, WAF, segmentation/micro-segmentation, VPN, DNS security, proxy, email security gateways.
- Cloud & Microsoft Security: M365/Azure security, identity protection, conditional access, data classification, AIP/MIP, Sentinel, Defender suite.
- OT/OMT Security: ICS/SCADA fundamentals, asset discovery, network zoning, passive monitoring, safe patching, vendor remote access.
- IAM & PAM: RBAC, SoD, MFA, lifecycle automation, privileged session management.
- Standards & Frameworks: ISO/IEC 27001/27002, NIST CSF, NIST SP 800-53/800-82 (ICS), IEC 62443 (OT), MITRE ATT&CK/ATT&CK for ICS.
- Scripting & Automation: PowerShell and/or Python for data collection, enrichment, and response automation.
- Documentation: System security plans, network diagrams, runbooks/playbooks, risk and compliance artifacts.

Responsibilities
The Specialist is responsible for leading security operations, implementing Minimum-Security Baselines across IT/OT environments, and coordinating enterprise-wide incident response and risk management. This role ensures regulatory compliance, reduces cyber risk through data-driven controls, and delivers a pragmatic cybersecurity strategy to support business continuity.