Sr. Specialist IDS Risk, DR

4 days ago

Muscat, Muscat, Oman OQ Full time
Sr. Specialist IDS Risk, DR & Compliance

Provides end-to-end subject matter expertise and execution capabilities across the domains of technology risk management, disaster recovery, and regulatory compliance. The role supports the development and implementation of frameworks, policies, and practices that protect OQ's digital infrastructure and ensure operational resilience.

The position will act in accordance with the OQ's Mission, Vision, Values & Strategies, as well as, policies, guidelines, and standards, supported by an IT Technology platform, HSE standards, Omani's government & other legal justifications, and best international practices in consonance with national objectives.

Main tasks and responsibilities

  • Identify, assess, and monitor IDS-related risks including, operational, infrastructure, and compliance risks.
  • Conduct periodic risk assessments, internal audits, and gap analyses.
  • Collaborate with IT, Cybersecurity, and Enterprise Architecture teams to define and implement control frameworks aligned to ISO 27005, NIST RMF, and COBIT principles.
  • Maintain a centralized risk register and ensure timely mitigation, acceptance, transfer, or avoidance strategies for each identified risk.
  • Regularly review risk appetite, metrics, and thresholds in collaboration with Governance and Internal Audit functions.

Disaster Recovery (DR) Planning

  • Lead the design, implementation, testing, and continual improvement of IDS DR plans aligned with ISO 22301.
  • Define business impact assessments (BIAs), RTOs (Recovery Time Objectives), and RPOs (Recovery Point Objectives) for critical systems and applications.
  • Coordinate DR simulations, tabletop exercises, and live recovery tests across OQ's digital environments.
  • Ensure DR strategies are aligned with on-premises, private cloud, and hybrid cloud environments.
  • Collaborate with business continuity leads across group entities to ensure interdependency planning and resilience readiness.

Compliance Management

  • Monitor and ensure compliance with internal policies, national regulations (e.g., Omani privacy laws), and global frameworks (e.g., GDPR, ISO 27001).
  • Prepare for internal and external audits by maintaining a compliance evidence repository, ensuring traceability and accountability.
  • Contribute to the development and update of IDS policies, procedures, Process and SOPs.
  • Conduct third-party risk assessments and ensure vendor compliance through contract clauses, periodic reviews, and audits.
  • Liaise with legal, risk, and regulatory teams for evolving requirements.
  • Act as a core member of the Incident Response Team for IDS-related incidents.
  • Help establish and maintain response playbooks for cyberattacks, data breaches, outages, and system compromises.
  • Support forensic investigations and root cause analysis following incidents.
  • Lead post-incident reviews and implement lessons learned into the risk and DR frameworks.

Training and Awareness

  • Design and deliver role-based training programs on risk management, DR awareness, and compliance best practices for IDS teams and business users.
  • Drive a culture of risk ownership, security awareness, and policy compliance.
  • Build and maintain a knowledge hub for best practices and regulatory updates.
  • Monitor global trends in cyber resilience, regulatory technology (RegTech), and digital risk.
  • Propose enhancements to current systems including automation, data analytics, and integrated dashboards for real-time visibility.
  • Lead process maturity assessments using CMMI or similar frameworks and develop improvement roadmaps.

Key interactions

Internal: OQSAOC Streams/AssetsExternal: Technology vendors, auditors, regulators, managed service providers.

Notable Working Conditions. Office-based role with occasional visits to operational and disaster recovery sites. May require availability outside regular hours during DR tests or incidents.

Education requirements

  • Bachelor's degree in computer science, Information Technology, Cybersecurity, or a related field.
  • Master's degree or relevant certifications (e.g., CISSP, CISM, CBCP, ISO 27001 Lead Implementer/Auditor) preferred.

Language

Excellent knowledge of written, read, and spoken English (required) Arabic - Native (desirable)

Background and experience

  • 6–8 years of experience in cybersecurity, risk management, compliance.
  • Strong understanding of data protection laws and DR frameworks.
  • Familiarity with industry standards (e.g., ISO 27001, NIST, CIS Controls).

Competencies and skills

Behavioral:

Strong analytical and communication skills.

  • Leadership mindset with stakeholder engagement capabilities.
  • Ethical, detail-oriented, and adaptable to regulatory changes.
  • Ability to work across functional teams and influence without authority.
  • High integrity, ethical conduct, and a sense of accountability.
  • Problem-solving orientation with the ability to manage ambiguity.
  • Passion for continuous learning and adapting to change.

Technical:

  • Proficiency in risk and compliance tools.
  • Knowledge of IT infrastructure, cloud, and access control mechanisms.
  • Exposure to legal, regulatory, and audit requirements.
  • Understanding of privacy-by-design and privacy-by-default principles.
  • Familiarity with ITSM processes, SIEM/SOC practices, vulnerability management, and asset classification.
  • Deep understanding of risk management, DR/BCM, compliance frameworks, and regulatory obligations.
Seniority level
  • Seniority levelAssociate
Employment type
  • Employment typeFull-time
Job function
  • Job functionInformation Technology
  • IndustriesOil and Gas, IT Services and IT Consulting, and Information Services

Referrals increase your chances of interviewing at OQ by 2x

Technical Lead -Payment Applications(Domestic Card Scheme Program)CRM & Billing Technical Lead - Microsoft DynamicsSenior Dynatrace Technical AdministratorCyber Recovery Solutions Senior Consultant

We're unlocking community knowledge in a new way. Experts add insights directly into each article, started with the help of AI.

#J-18808-Ljbffr

  • Sr Specialist IDS Risk, DR

    2 weeks ago

    Muscat, Muscat, Oman Full time

    Main tasks and responsibilitiesRisk ManagementIdentify, assess, and monitor IDS-related risks including, operational, infrastructure, and compliance risks.Conduct periodic risk assessments, internal audits, and gap analyses.Collaborate with IT, Cybersecurity, and Enterprise Architecture teams to define and implement control frameworks aligned to ISO 27005,...

  • Cybersecurity Specialist

    1 hour ago

    Muscat, Muscat, Oman beBee Careers Full time

    Job Title: Cybersecurity Specialist - Risk Management & DRMain ResponsibilitiesIdentify, assess, and monitor Information Security (IDS) risks, including operational, infrastructure, and compliance risks.Conduct periodic risk assessments, internal audits, and gap analyses to ensure effective risk management.Collaborate with IT, Cybersecurity, and Enterprise...

  • Senior Specialist

    2 weeks ago

    Muscat, Muscat, Oman Airswift Full time

    Provides end-to-end subject matter expertise and execution capabilities across the domains of technology risk management, disaster recovery, and regulatory compliance. The role supports developing and implementing frameworks, policies, and practices that protect our client's digital infrastructure and ensure operational resilience.The position will act in...

  • Specialist/ Sr. Applications Specialist

    2 weeks ago

    Muscat, Muscat, Oman Oman Investment Authority Full time

    The Senior Application Specialist is responsible for the administration, support, and continuous improvement of the organization s key enterprise applications including the Business Support System (BSS), Workforce Management (WFM), Enterprise Resource Planning (ERP), and SharePoint. The role ensures applications are aligned with business needs, are...

  • Risk Management and Compliance Specialist

    1 hour ago

    Muscat, Muscat, Oman beBee Careers Full time

    About the RoleThis role involves leading risk management, disaster recovery, and compliance initiatives. The ideal candidate will have a strong understanding of data protection laws and disaster recovery frameworks.The successful applicant will be responsible for identifying, assessing, and monitoring IDS-related risks, as well as conducting periodic risk...

  • Sr Specialist Cloud- Muscat--8-11

    3 weeks ago

    Muscat, Muscat, Oman PETROLEUM DEVELOPMENT OMAN Full time

    Job DescriptionReport this job Sr Specialist CloudJob IdOQ56260Start DateMay 07, 2025End DateMay 13, 2025Company NameOQDisciplineITNo of Position1Position TypePermanentJob TypeNationality RequiredEducation & Experience RequiredEducationMinimum Qualifications for this position is a Bachelors degree in information systems, computer science, or related...

  • Risk Management Specialist

    3 days ago

    Muscat, Muscat, Oman beBee Careers Full time

    Quality Assurance SpecialistWe are looking for a highly motivated and experienced Quality Assurance Specialist to join our team. The successful candidate will be responsible for conducting risk assessments, developing mitigation strategies, and ensuring the highest quality standards are met.This is an excellent opportunity for individuals looking to advance...

  • Endocrinologist (Sr Spcialist / Specialsit)

    1 week ago

    Muscat, Muscat, Oman MOD Full time

    Endocrinologist (Sr Specialist / Specialist)2 months ago Be among the first 25 applicantsDirect message the job poster from The Medical City for Military & Security ServicesRecruiter - The Medical City for Military & Security ServicesThe Medical City for Military and Security ServicesMuscat, Sultanate of OmanThe Medical City for Military and Security...

  • Sr Site Engineer

    6 days ago

    Muscat, Muscat, Oman Bahja Real Estate Full time

    Bachelor of Technology/Engineering(Civil)NationalityIndianMaleAnnual Air Ticket, Car, Medical Insurance, Paid Leaves, VisaVacancy1 VacancyJob Description• Manage the overall project execution, ensuring that it meets time, cost, and quality objectives.• Monitor project schedules, budgets, and risk management plans.• Coordinate with stakeholders,...

  • Risk Management Expert

    1 hour ago

    Muscat, Muscat, Oman beBee Careers Full time

    Job Title: Risk Management SpecialistJob Summary:The Risk Management Specialist is responsible for identifying, assessing, and mitigating risks to ensure a safe and compliant work environment. This role involves developing risk management policies, ensuring health and safety standards, and promoting a culture of safety within the organization.Key...