Job description

JOB PURPOSE:

To lead the development, implementation, and continuous improvement of Oman Food Capital’s cybersecurity framework in order to protect systems, networks, applications, and data from cybersecurity threats. The role is responsible for overseeing information security risks, strengthening compliance, ensuring effective security controls, and providing expert guidance across the organization to align cybersecurity practices with the organization’s risk posture and business objectives.

KEY ACCOUNTABILITIES:

• Lead the implementation, monitoring, and continuous enhancement of the organization’s information security and IT risk management program to safeguard the confidentiality, integrity, and availability of information assets.
• Lead the development, review, and maintenance of information security policies, standards, procedures, and guidelines.
• Oversee the effectiveness of security controls and recommend enhancements to address identified gaps and strengthen the overall control environment.
• Lead vulnerability assessment activities and ensure timely remediation of identified security weaknesses through close coordination with relevant stakeholders.
• Oversee security incident monitoring, investigation, response, and reporting, ensuring timely escalation, root cause analysis, and corrective actions.
• Review audit trails, system logs, and monitoring reports to identify suspicious activities, investigate anomalies, and ensure compliance with internal policies and audit requirements.
• Coordinate and oversee security testing activities for systems, networks, applications, and infrastructure, ensuring remediation plans are implemented and tracked to closure.
• Work closely with infrastructure, applications, and other technology teams to ensure cybersecurity requirements are embedded into systems, projects, and change initiatives from design through implementation.
• Act as the focal point for internal and external cybersecurity audits, ensuring timely closure of audit findings and continuous improvement of control effectiveness.
• Lead cybersecurity risk assessments and maintain cybersecurity risk registers, including recommendations for mitigation, treatment, and ongoing risk monitoring.
• Contribute to business continuity, disaster recovery, and cyber resilience planning to ensure cybersecurity considerations are adequately addressed.
• Lead cybersecurity awareness initiatives and provide guidance to employees on information security policies, cyber risks, and best practices.
• Stay abreast of emerging cyber threats, vulnerabilities, technologies, and industry trends, and provide recommendations to management on actions required to strengthen the organization’s security posture.
• Prepare and present periodic cybersecurity reports, dashboards, risk updates, and key insights to management and relevant stakeholders.
• Provide technical guidance and subject matter expertise on cybersecurity matters across the organization.
• Perform any other related duties assigned by management

Qualifications:

• Bachelor’s degree in Information Security, Cybersecurity, Computer Science, Information Systems, or a related field.
• Relevant professional certifications are preferred, such as Security+, CEH, OSCP, OSWP, GPEN, GWAPT, CISSP, CISM, or equivalent.

Experience :

• Minimum of 5 years of experience in information technology or cybersecurity, with at least 2 years in an information security or cyber risk role.
• Experience in security operations, vulnerability management, incident response, compliance, audit, or security governance is required.
• Experience in leading cybersecurity initiatives, coordinating with cross-functional teams, and driving remediation and compliance activities is preferred.

Technical Competencies :

• Information security operations
• IT security and compliance
• Vulnerability assessment and remediation
• Security monitoring and incident response
• Network security
• Cloud security
• Infrastructure security
• Identity and access management
• Disaster recovery and business continuity
• Policies and procedures
• Data protection and data security
• Security risk assessment
• Audit support and control testing
• Emerging technologies and cyber threats.           

Leadership/Behavioural Competencies  :

• Leadership and ownership
• Analytical thinking
• Problem solving
• Accountability
• Communication and influencing skills
• Teamwork and collaboration
• Stakeholder management
• Customer centricity
• Emotional intelligence
• Continuous learning
• Planning and organizing
• Attention to detail