Department

Information Security

Location

Head Office

Report to

General Manager – Risk & Controls

Position’s Purpose and Role

The ISM is responsible for establishing and maintaining company wide information security management program to ensure that information assets are adequately protected. This position is responsible for identifying, evaluating and reporting on information security risks in a manner that meets compliance and regulatory requirements, and aligns with and supports the risk posture of the enterprise.

Duties & Responsibilities

The ISM’s job is composed of a variety of activities, including very tactical, operational and strategic activities in support of the Information and Physical Security Program initiatives, such as:

  1. Develop, implement and monitor a strategic, comprehensive enterprise information security and IT risk management program to ensure that the integrity, confidentiality and availability of information is owned, controlled or processed by the organization.
  2. Develop, maintain and publish up-to-date information security policies, standards and guidelines. Oversee the approval, training, and dissemination of security policies and practices.
  3. Create, communicate and implement a risk-based process for vendor risk management, including the assessment and treatment for risks that may result from partners, consultants and other service providers.
  4. Create and manage information security and risk management awareness training programs for all employees, contractors and approved system users.
  5. Work directly with the business units to facilitate IT risk assessment and risk management processes, and work with stakeholders throughout the enterprise on identifying acceptable levels of residual risk.
  6. Provide regular reporting on the current status of the information security program to enterprise risk teams and senior business leaders as part of a strategic enterprise risk management program.
  7. Create a framework for roles and responsibilities with regard to information ownership, classification, accountability and protection.
  8. Provide strategic risk guidance for IT projects, including the evaluation and recommendation of technical controls.
  9. Liaise with the enterprise architecture team to ensure alignment between the security and enterprise architectures, thus coordinating the strategic planning implicit in these architectures.
  10. Ensure that security programs comply with relevant laws, regulations and policies to minimize or eliminate risk and audit findings.
  11. Manage security incidents and events to protect company IT assets, including intellectual property, regulated data and the company’s reputation.
  12. Monitor the external threat environment for emerging threats, and advise relevant stakeholders on the appropriate courses of action.
  13. Develop and oversee effective disaster recovery policies and standards to align with enterprise business continuity management program goals. Coordinate the development of implementation plans and procedures to ensure that business-critical services are recovered in the event of a security event. Provide direction, support and in-house consulting in these areas.
  14. Facilitate a metrics and reporting framework to measure the efficiency and effectiveness of the program, facilitate appropriate resource allocation, and increase the maturity of the security.
  15. Liaise among the information security team and compliance, audit, legal and HR management teams as required.
  16. Liaise with external agencies, such as law enforcement and other advisory bodies as necessary, to ensure that the organization maintains a strong security posture.
  17. Assist resource owners and IT staff in understanding and responding to security audit failures reported by auditors.
  18. Manage security issues and incidents, and participate in problem and change management forums. Ensuring timely reporting and adequate participation in investigation for security incidents, with regulators and / or Law Enforcement agencies as applicable.
  19. Work with various stakeholders to identify information asset owners to classify data and systems as part of a control framework implementation.
  20. Work with the IT and business stakeholders to define metrics and reporting strategies that effectively communicate successes and progress of the security program.
  21. Consult with IT and security staff to ensure that security is factored into the evaluation, selection, installation and configuration of hardware, applications and software.
  22. Recommend and coordinate the implementation of technical controls to support and enforce defined security policies.
  23. Develop a strong working relationship with the security engineering team to develop and implement controls and configurations aligned with security policies and legal, regulatory and audit requirements.
  24. Manage outsourced vendors that provide information security functions for compliance with contracted service-level agreements.
  25. Manage the day-to-day activities of threat and vulnerability management, identify risk tolerances, recommend treatment plans and communicate information about residual risk.
  26. Ensure audit trails, system logs and other monitoring data sources are reviewed periodically and comply with policies and audit requirements.
  27. Monitor User id management across all operating platforms including and not restricted to reviewing access logs, activation /deactivation monitoring.
  28. Oversee incident response planning as well as the investigation of security breaches, and assist with disciplinary and legal matters associated with such breaches as necessary

Job Specifications (Qualifications, Skills and Experiences Required)

  • Omani Nationals Only
  • A minimum of 5 years of IT experience, with 3 years in an information security role and at least two years in a supervisory capacity.
  • A bachelor’s degree in information systems or equivalent work experience; in information security is preferred.
  • Strong leadership skills and the ability to work effectively with business managers, IT engineering and IT operations staff.
  • Knowledge and understanding of relevant legal and regulatory requirements
  • Exhibit excellent analytical skills, the ability to manage multiple projects under strict timelines, as well as the ability to work well in a demanding, dynamic environment and meet overall objectives.
  • Excellent verbal, written and interpersonal communication skills
  • Certification such as CISA, CISM or CISSP (or willingness to pursue)

Department

Finance & Operations

Location

Head Office

Report to

Department Head –Finance & Operations

Position’s Purpose and Role

The Head of Finance is a key supporting role in managing the Financial Planning and Analysis function and the Financial Reporting functions. The position also plays a key role in the development of financial forecasting and planning systems in the Organization. In addition, the position provides a key interface between Treasury, Operations, Recovery and IT functions. This role is involved in strategic, budgeting and planning activities.

The Head of Finance will provide the leadership and direction to ensure the development of relevant financial information and timely financial budgeting and planning and financial reporting for senior leadership, the Board, and key stakeholders. The person will assist in managing and controlling the organization’s financial processes, making the necessary changes to upgrade and improve process, policies or procedures, train and develop teams of finance professionals.
This person will ensure accountability and compliance with applicable legal and regulatory reporting requirements.

Duties & Responsibilities

  1. Ensure the financial infrastructure is stable and maintain scalability of finance model at all times.
  2. Ensure timely financial reporting and engage actively with senior management on variance analysis.
  3. To manage the Finance and treasury functions of the Company.
  4. Assists the department head in managing the operation units (PDCs and Accounts)
  5. Lead budgeting and strategic planning initiatives with Management Committee and Heads of other Departments.
  6. Ensure timely completion of accounts as per monthly, quarterly and annual accounts schedule.
  7. Ensure timely release of monthly / quarterly / yearly MIS
  8. Handling internal, external & CBO Audit matters pertaining to Finance department.
  9. Act as chief liaison for banking partners, Corporate depositors for arranging and monitoring facilities.
  10. Ensure timely filing of CBO & other regulatory returns.
  11. Handling income tax matters with consultant.
  12. Establish reporting, monitoring, and accountability systems that will ensure highest standards of financial integrity.

Desired Skill sets and profile

  • Omani Nationals Only
  • A graduate/Master degree in Finance with expertise in Accounting/Finance.
  • Preferred banking/financial services experience of at least 10 years.
  • Preferred certified accountant and analyst (ACCA/CPA/CFA/..etc.)
  • Good work ethics and team management skills
  • Ability to operate in a hands-on manner in a lean organization with limited resources and budgets.
  • Strong general management capabilities
  • Ability to inspire high levels of team performance.
  • Ensures a high-level of quality and customer service by adopting a culture of excellence.
  • Leads with transparency and stays accountable by setting high standards and ensuring compliance.

Department

IT

Location

Head Office

Duties & Responsibilities

  1. Responsible for all hardware needs of the company and ensuring its adequate maintenance through externalized support.
  2. Responsible for all software packages used, including maintenance through externalized support.
  3. Optimize results from available budget for hardware and software.
  4. Recommend appropriate policies for business continuity and information security and ensure adequate processes are in place to meet the standards prescribed in the policy.
  5. Make available to Senior Management through data mining of information available on the system.
  6. Ensuring that the IT infrastructure prescribes to sufficient security measures in line with the industry best practices.
  7. Suggesting ways to improve the efficiency, productivity, operating costs etc. by proper utilization of technology.
  8. Coordinating with other department heads in ensuring that proper business processes are in place.
  9. Handling CBO reporting and other regulatory reporting.
  10. Manage IT employees’ day-to-day functions.

Desired Skill sets and profile

  • Omani Nationals Only
  • Degree or Master in IT/Computer science/Database administrator or any relative subject
  • Having good knowledge in SQL , PLS/SQL
  • OCP preferred
  • 10 Years or more experience

Section : Archive

Location : Head Office

Omani Nationals Only

Qualification : Diploma in Archive

Should be well versed with Microsoft Excel and word.

Should have excellent English in reading, writing and communication.

Section : PDC Section

Location : Al Khuwair

Omani Nationals Only

Minimum Qualification : Secondary school

Should be well versed with Microsoft Excel and word.

Should have excellent English in reading, writing and communication.