Specialist Cyber Security Operation Syst

Job title

Specialist Cybersecurity Operation Systems(SOC)

Grade

Stream

Commercial & Downstream 

Function

SLL Cluster - PTC - IDS – Cybersecurity  

Location

Oman – SLL

Budget control

*OPEX and/or CAPEX and/or Revenue amount as relevant*

Reporting to

Head of IDS – SLL Cluster  

Direct reports

-

Main tasks and responsibilities

• Administration, configuration and troubleshooting of CS Solutions in coordindation with CS team in OQ HQ.
• Governance and review of identities and previleges.
• Management of CSOC and related tickets.
• Lead and manage CS projects related to CS solutions, DIG & CSOC.
• Lead the processes and procedures of incident response plan and promote its dissemination across the organization
• Lead all RCA activities in order to identify the root cause and all the variables associated with incidents
• Lead incident investigation in order to promote the positive impact of the investigation
• Lead the development and execution of the process improvement long-term strategic plan in alignment with the function and organisation strategies.
• Report progress against analysis and findings and the corrective actions, mitigations taken and course correction actions to avoid recurrence of the incidents
• Recommend training and workshops programs for leaders and employees related to incident investigation and Case Root Cause Analysis to contribute with the shared knowledge of the methodology  
• Oversees the the day-to-day operations to assure that best practices and recommendations from RCA reports  
• Interface with internal and external QA/QC audits by resolving basic issues identified in audits.
• Lead the development and implementation of departmental policies, systems, processes, procedures and controls, and continuously identify and recommend improvements while ensuring compliance with engineering standards and relevant legislation.
• Approve and supervise the regular and ad-hoc management reports on new opportunities, highlight critical issues and challenges, and provide strategic insight to ensure effective decision-making in coordination with CS in OQ HQ
• Ensure that recommendations and reports are accurate, relevant and timely that will lead to stakeholders being able to make informed and timely decisions.

Analysis Level 1:

• Lead the analyses data related to the operational incidents
• Lead the development of statistics and trends of incidents
• Propose preventive measures regarding the vulnerability of the systems
• Monitors and evaluate incidents frequency, including consequences

Analysis Level 2

• Lead the development and maintain a database related to the systems operations
• Provide statistics, trends, qualitative and quantitative analysis to assess the operations system performance 
• Lead the development and update regular reports related to the incidents
• Provide technical support the incidents investigations and the incident response plan 

Key interactions

Internal: SLL Cluster & OQ HQ

External: Regulators, Auditors, Specialized Contractors, Vendors & Suppliers

Notable Working Conditions. Office environment, intensive computer screen use, sporadic visits to the operation site.

Education requirements

• Minimum Qualifications for this position is a Bachelor’s degree in information systems, computer science or related disciplines.
• Cybersecurity Certification
• Change management certification or designation (desired)

Language

Excellent knowledge of written, read, and spoken English (required) Arabic - Native (desirable)

Background and experience

Competencies and skills

• Relevant experience in a similar role, in large oil industry. 
• Experience in project management / Change Management.
• Experience in installation/implementation of cybersecurity/SIEM/SOC tools
• Experience with Firewalls, Office 365 Security, Endpoint Security, email security, Cloud Security, etc.
• Python and/or Power Shell
• Knowledgeable in latest cybersecurity trends and hacking techniques
• Customer-oriented - ability to deal with customers
• Based in/willing to relocate to Riyadh
• CISSP, GCIH, OSCP, GCFE or SIEM Certified Engineer is preferred

Soft: 

• A solid understanding of how people go through a change and the change process
• Experience and knowledge of change management principles, methodologies and tools
• Exceptional communication skills, both written and verbal
• Excellent active listening skills
• Ability to clearly articulate messages to a variety of audiences
• Ability to establish and maintain strong relationships
• Ability to influence others and move toward a common vision or goal
• Flexible and adaptable; able to work in ambiguous situations
• Resilient and tenacious with a propensity to persevere
• Forward looking with a holistic approach
• Organized with a natural inclination for planning strategy and tactics
• Problem solving and root cause identification skills
• Able to work effectively at all levels in an organization
• Must be a team player and able to work collaboratively with and through others
• Acute business acumen and understanding of organizational issues and challenges

Technical:

• Familiarity with project management approaches, tools and phases of the project lifecycle
• Experience with large-scale organizational change efforts
• Architecting, implementing and managing Cybersecurity/SIEM tools according to customers' needs
• Installing and configuring SIEM/security tools.
• System security plans, network diagrams and other security documentation
• Developing scripts for data collection from log sources
• Pre-sales activities
• Installation and configuration of WAF and Firewalls