Petroleum Development Oman is the leading exploration and production company in the Sultanate of Oman. The Company delivers the majority of the country's crude oil production and natural gas supply.
To execute the Risk & Compliance programme throughout IDD and ensure compliance enforcement.
• Graduate in Computer Science or equivalent with 8+ years experience in IM&T • Possess 5+ years experience in risk, compliance, auditing and assurance practices within the IM&T and Industrial Control Systems (Process Control Domain);• Proven skills in Information Risks and compliance Management;• Professional certifications desired: CISA, CRISC, CISM, CISSP, GIAC, GICSP, CEH• Good understanding of security best practices and in-depth knowledge and ability to interpret standards and controls associated to ISO/IEC 27001:2013 and ISA/IEC 62443;• Good leadership skills and the ability to engage others and mobilize commitment to produce results• Excellent interpersonal, written & oral communication
Cyber Defence
• Assists to develop and deploy the annual IRM compliance programs for IM&T and PCD • Supports the development and sustainability of the compliance evergreen activities/ processes.• Supports the day-to-day security compliance activities in IT and PCD environments.
Risk & Controls• Develop risk management strategy and processes within IM&T and PCD and ensure consistency of risk profile.• Highlight potential risks to the management (IDD LT).• Collaborate with corporate risk management team as IDD risk focal point.• Conducts/facilitates risk assessments for respective teams to identify trends, potential risk areas and non-compliances within IDD.• Prepares and reports completed risk analysis to help in taking the necessary actions to maximize opportunities and reduce threats.• Provides regular updates to risk owners such that proactive actions are taken by all stakeholders. • Supports coordination of external and internal audits across IDD and compile responses to all audit findings and actions.• Leads the annual “contractor site” cybersecurity assessments as per ISO 27001 compliance requirements.• Leads the annual “PCD cybersecurity compliance site assessments”• Manages, tracks and presents audit actions with recommendations for successful closure. • Oversee Business Impact Assessments.
Compliance
• Develop and Execute Annual Intergrated Assurance program (LoD1/LoD2/LoD3). • Works with the respective teams to ensure compliance with IM&T mandated standards and controls.• Leads the implementation of the defined compliance program (OD/PCD). • Leads IM&T compliance LOD2 assessments and gap analysis activities. • Tracks and reports IRM and Assurance dashboards (KPI/KRIs) on periodic basis.
Resource & Skill Pool Management • Mentor & Support Graduates, Interns and OJT's.
