Skip Ribbon Commands
Skip to main content

Skip Navigation LinksDetails

  2. Job Details

Menu

IM&T Senior Cyber Defense Specialist (Four Years Contract)

Job Id
PDO002
Start Date
Feb 05, 2025
End Date
Feb 14, 2025
Compnay Name
Petroleum Development Oman
Discipline
IT
No of Position
1
Position Type
Temporary
Job Type
Office
Nationality Required
Omani
Education & Experience Required
Education
Experience
Bachelor
7

Job Description

Description Responsible for detecting, preventing, responding and managing latest cyber security threats and incidents and to provide specialist technical expertise in assessing, designing, implementing and supporting infrastructure security solutions. Main Responsibilities: • Manage & Conduct vulnerability assessments, penetration testing, verification of baseline compliance to maintain the confidentiality, integrity & Availability of the assets • Manage & Conduct security assessments and code review for applications to ensure applications are free of weaknesses and flaws • Analyse, triage and raise threat advisories on the emerging threats related to PDO, Oil & Gas and suppliers and partners • Perform real-time L2 monitoring of security logs generated in PDO’s office domain and process control domain for any incidents, security breaches or other unauthorized activities. • Manage, configure, patch, upgrade and troubleshoot Firewalls, NGIPS, IPS/IDS Systems, Web Application Firewalls, Network Traffic Analysis Solutions, Unified Thread Management (UTM), Email Security Gateways, Internet access Proxies and Endpoint & Antivirus Security Systems. • Act spontaneously and provide necessary evidences to the Incident response team as needed. • IT Security Operation Support Activities covering IT & OT/PCD Environments • Participate in information security risk assessments and serves as an internal resource to investigate security incidents • Serve as information security subject matter expert and provides advisory and consulting services as needed • Contributes to the development and maintenance of the information security strategy. Reviews existing product architecture, identifies design gaps, and recommends security enhancements. • Drive continual improvement of implemented security standards, controls and services to ensure that they are in line with best practices and industry standards • Responsible for information security reviews in IT & OT/PCD (E.g. Annual vulnerability assessment, evergreen program, configuration review, user/admin access review & USB) • Ensure efficient daily operation on information security systems and carries out routine activities as per agreed and defined metrics, service levels and Health Safety and Environment guidelines • Stay abreast with the latest emerging security threats and designs security architecture to mitigate threats where possible • Develop and maintain the knowledge base, guidelines and standard operating procedures for security administration, particularly with regards to architecture and platforms change due to adoption of new technology • Support implementing and sustaining ISO 27001 certification and PCD compliance to ISA 62443. • Ensure availability of information security tools and services, to facilitate IT infrastructure services and related components to operate as per agreed and defined internal security compliance, policies, standards and guidelines and other regulatory requirements Requirements • Bachelor’s degree in computer science or equivalent with minimum 7 years’ experience in the field of IT • Minimum 7 years' experience in a security assessment or service management/delivery capacity • Information Security qualifications like Certified Information Systems Security Professional (CISSP) or Offensive Security Certified Professional OSCP is preferable • Experience in security assessment, log monitoring, IT infrastructure, application-level vulnerability testing and auditing, network and application security. • Experience in Firewalls, NGIPS, IPS/IDS Systems, Web Application Firewalls, Network Traffic Analysis Solutions, Unified Thread Management (UTM), Email Security Gateways, Internet access Proxies and Endpoint & Antivirus Security Systems. • Team player, strong interpersonal and communication skills, with high level of customer orientation and mindset to deliver quality and pro-active service. • Experience in a security service management position in an IT division in the Oil and Gas or similar industry is preferable • Strong understanding of the Microsoft Windows products in both Operations Domain & Industrial Control Systems domain. • Strong understanding of UNIX / Linux is preferable Competencies: • IM&T Risk Management • IM&T Threat, Vulnerability & Incident Management • IM&T Audit & Compliance • IM&T Architecture • IM&T Service Delivery & Support Processes • PCD Integrity & Security

Skills Required

Other Job Details

Proceed