Job title | Specialist Cybersecurity Operation Systems (SOC) | Grade | |
Stream | Commercial & Downstream | Function | SLL Cluster - PTC - IDS – Cybersecurity |
Location | Oman – SLL | Budget control | *OPEX and/or CAPEX and/or Revenue amount as relevant* |
Reporting to | Head of IDS – SLL Cluster | Direct reports | - |
Main tasks and responsibilities - Administration, configuration and troubleshooting of CS Solutions in coordination with CS team in OQ HQ.
- Governance and review of identities and privileges.
- Management of CSOC and related tickets.
- Lead and manage CS projects related to CS solutions, DIG & CSOC.
- Lead the processes and procedures of incident response plan and promote its dissemination across the organization
- Lead all RCA activities in order to identify the root cause and all the variables associated with incidents
- Lead incident investigation in order to promote the positive impact of the investigation
- Lead the development and execution of the process improvement long-term strategic plan in alignment with the function and organisation strategies.
- Report progress against analysis and findings and the corrective actions, mitigations taken and course correction actions to avoid recurrence of the incidents
- Recommend training and workshop programs for leaders and employees related to incident investigation and Case Root Cause Analysis to contribute to the shared knowledge of the methodology
- Oversee the day-to-day operations to assure that best practices and recommendations from RCA reports
- Interface with internal and external QA/QC audits by resolving basic issues identified in audits.
- Lead the development and implementation of departmental policies, systems, processes, procedures and controls, and continuously identify and recommend improvements while ensuring compliance with engineering standards and relevant legislation.
- Approve and supervise the regular and ad-hoc management reports on new opportunities, highlight critical issues and challenges, and provide strategic insight to ensure effective decision-making in coordination with CS in OQ HQ
- Ensure that recommendations and reports are accurate, relevant and timely so that stakeholders can make informed and timely decisions.
Analysis Level 1: - Lead the analysis of data related to the operational incidents
- Lead the development of statistics and trends of incidents
- Propose preventive measures regarding the vulnerability of the systems
- Monitor and evaluate incident frequency, including consequences
Analysis Level 2: - Lead the development and maintenance of a database related to the systems operations
- Provide statistics, trends, qualitative and quantitative analysis to assess the operations system performance
- Lead the development and updating of regular reports related to the incidents
- Provide technical support to the incident investigations and the incident response plan
|
Key interactions Internal: SLL Cluster & OQ HQ External: Regulators, Auditors, Specialized Contractors, Vendors & Suppliers |
Notable Working Conditions. Office environment, intensive computer screen use, sporadic visits to the operation site. |
Education requirements | - The minimum qualification for this position is a Bachelor’s degree in information systems, computer science or related disciplines.
- Cybersecurity Certification
- Change management certification or designation (desired)
|
Language | Excellent knowledge of written, read, and spoken English (required) Arabic - Native (desirable) |
Background and experience | Competencies and skills |
Specialist: | 5-8 years of relevant experience |
- Relevant experience in a similar role, in large oil industry.
- Experience in project management / Change Management.
- Experience in installation/implementation of cybersecurity/SIEM/SOC tools
- Experience with Firewalls, Office 365 Security, Endpoint Security, email security, Cloud Security, etc.
- Python and/or PowerShell
- Knowledgeable in latest cybersecurity trends and hacking techniques
- Customer-oriented - ability to deal with customers
- Based in/willing to relocate to Riyadh
- CISSP, GCIH, OSCP, GCFE or SIEM Certified Engineer is preferred
| Soft: - A solid understanding of how people go through a change and the change process
- Experience and knowledge of change management principles, methodologies and tools
- Exceptional communication skills, both written and verbal
- Excellent active listening skills
- Ability to clearly articulate messages to a variety of audiences
- Ability to establish and maintain strong relationships
- Ability to influence others and move toward a common vision or goal
- Flexible and adaptable; able to work in ambiguous situations
- Resilient and tenacious with a propensity to persevere
- Forward looking with a holistic approach
- Organized with a natural inclination for planning strategy and tactics
- Problem solving and root cause identification skills
- Able to work effectively at all levels in an organization
- Must be a team player and able to work collaboratively with and through others
- Acute business acumen and understanding of organizational issues and challenges
Technical: - Familiarity with project management approaches, tools and phases of the project lifecycle
- Experience with large-scale organizational change efforts
- Architecting, implementing and managing Cybersecurity/SIEM tools according to customers' needs
- Installing and configuring SIEM/security tools.
- System security plans, network diagrams and other security documentation
- Developing scripts for data collection from log sources
- Pre-sales activities
- Installation and configuration of WAF and Firewalls
|