Department

Information Security

Location

HO

Report to

General Manager Risk & Controls

Position’s Purpose and Role

The ISM is responsible for establishing and maintaining company wide information security management program to ensure that information assets are adequately protected. This position is responsible for identifying, evaluating and reporting on information security risks in a manner that meets compliance and regulatory requirements, and aligns with and supports the risk posture of the enterprise.

Duties & Responsibilities

The ISM’s job is composed of a variety of activities, including very tactical, operational and strategic activities in support of the Information and Physical Security Program initiatives, such as:

  1. Develop, implement and monitor a strategic, comprehensive enterprise information security and IT risk management program to ensure that the integrity, confidentiality and availability of information is owned, controlled or processed by the organization.
  2. Develop, maintain and publish up-to-date information security policies, standards and guidelines. Oversee the approval, training, and dissemination of security policies and practices.
  3. Create, communicate and implement a risk-based process for vendor risk management, including the assessment and treatment for risks that may result from partners, consultants and other service providers.
  4. Create and manage information security and risk management awareness training programs for all employees, contractors and approved system users.
  5. Work directly with the business units to facilitate IT risk assessment and risk management processes, and work with stakeholders throughout the enterprise on identifying acceptable levels of residual risk.
  6. Provide regular reporting on the current status of the information security program to enterprise risk teams and senior business leaders as part of a strategic enterprise risk management program.
  7. Create a framework for roles and responsibilities with regard to information ownership, classification, accountability and protection.
  8. Provide strategic risk guidance for IT projects, including the evaluation and recommendation of technical controls.
  9. Liaise with the enterprise architecture team to ensure alignment between the security and enterprise architectures, thus coordinating the strategic planning implicit in these architectures.
  10. Ensure that security programs comply with relevant laws, regulations and policies to minimize or eliminate risk and audit findings.
  11. Manage security incidents and events to protect company IT assets, including intellectual property, regulated data and the company’s reputation.
  12. Monitor the external threat environment for emerging threats, and advise relevant stakeholders on the appropriate courses of action.
  13. Develop and oversee effective disaster recovery policies and standards to align with enterprise business continuity management program goals. Coordinate the development of implementation plans and procedures to ensure that business-critical services are recovered in the event of a security event. Provide direction, support and in-house consulting in these areas.
  14. Facilitate a metrics and reporting framework to measure the efficiency and effectiveness of the program, facilitate appropriate resource allocation, and increase the maturity of the security.
  15. Liaise among the information security team and compliance, audit, legal and HR management teams as required.
  16. Liaise with external agencies, such as law enforcement and other advisory bodies as necessary, to ensure that the organization maintains a strong security posture.
  17. Assist resource owners and IT staff in understanding and responding to security audit failures reported by auditors.
  18. Manage security issues and incidents, and participate in problem and change management forums. Ensuring timely reporting and adequate participation in investigation for security incidents, with regulators and / or Law Enforcement agencies as applicable.
  19. Work with various stakeholders to identify information asset owners to classify data and systems as part of a control framework implementation.
  20. Work with the IT and business stakeholders to define metrics and reporting strategies that effectively communicate successes and progress of the security program.
  21. Consult with IT and security staff to ensure that security is factored into the evaluation, selection, installation and configuration of hardware, applications and software.
  22. Recommend and coordinate the implementation of technical controls to support and enforce defined security policies.
  23. Develop a strong working relationship with the security engineering team to develop and implement controls and configurations aligned with security policies and legal, regulatory and audit requirements.
  24. Manage outsourced vendors that provide information security functions for compliance with contracted service-level agreements.
  25. Manage the day-to-day activities of threat and vulnerability management, identify risk tolerances, recommend treatment plans and communicate information about residual risk.
  26. Ensure audit trails, system logs and other monitoring data sources are reviewed periodically and comply with policies and audit requirements.
  27. Monitor User id management across all operating platforms including and not restricted to reviewing access logs, activation /deactivation monitoring.
  28. Oversee incident response planning as well as the investigation of security breaches, and assist with disciplinary and legal matters associated with such breaches as necessary

Job Specifications (Qualifications, Skills and Experiences Required)

  • A minimum of 5 years of IT experience, with 3 years in an information security role and at least two years in a supervisory capacity.
  • A bachelor’s degree in information systems or equivalent work experience; in information security is preferred.
  • Strong leadership skills and the ability to work effectively with business managers, IT engineering and IT operations staff.
  • Knowledge and understanding of relevant legal and regulatory requirements
  • Exhibit excellent analytical skills, the ability to manage multiple projects under strict timelines, as well as the ability to work well in a demanding, dynamic environment and meet overall objectives.
  • Excellent verbal, written and interpersonal communication skills
  • Certification such as CISA, CISM or CISSP (or willingness to pursue)

Department

Risk Management

Level

Manager / Divisional Manager

Location

Head Office

Report to

General Manager – Risk & Controls

Position’s Purpose and Role

  • To effectively manage the Risk Management Function
  • To escalate any high risk related issues to relevant authorities
  • Generate MIS to measure and support the performance / enhancement of the unit.

Duties & Responsibilities

  • Responsible for developing and implementing the risk management policies and processes to identify measure and monitor the company’s exposure to all the risks identified in the Risk Management Policy and other documents
  • To liaise with all departmental heads in carrying out his / her responsibilities
  • He / she shall have access to all functions, records, property and personnel of the company when required
  • To provide an assurance that the Company has identified its highest-risk exposures and has taken steps to properly manage these
  • To ensure that the Company’s business planning processes include a focus on areas where risk management is needed
  • To establish a process across the Company that will integrate the various risk management measures
  • Periodically monitor the actual performance across the lines of business against their respective risk appetite levels and report exceptions
  • Recommend changes to the risk appetite levels and its impact on business profitability, under the business expansion/ contraction strategies
  • Liaise with the departmental heads, to monitor the risk inventories and associated controls across the company’s functions and report exceptions
  • Periodically review the Risk Management Policies and Procedures at the departmental level and recommend changes
  • To be involved in all significant business change activities including new product development and implementation proposals for ensuring risk management considerations are adhered
  • Provide regular reports to the Management on key risk issues and developments
  • Provide results of key risk assessment activities on a periodic basis
  • Review any legal claims on the company and report to the AC on potential strategic, financial, operational and reputational risks
  • Perform the Loan Review Mechanism function
  • Provide periodical reports as agreed per the policies procedures
  • Perform any special tasks given by the Line Manager / Executive Management

Job Specifications (Qualifications, Skills and Experiences Required)

  • Bachelors Degree or Equivalent
  • Preferably with at least 10 years experience in similar assignment

Department

IT

Location

Muscat – HO

Report to

Network Administrator

Position’s Purpose and Role

Managing computers, Printers, scanners, photocopiers, CCTV, telephones, Access Control system, projectors etc. at all locations

Duties & Responsibilities

  • Work in conjunction with Network Administrators
  • Provide computers, printers, telephone sets, scanners to users as per IT requests
  • Manage PABX and coordinate with vendors
  • Manage CCTV setup and coordinate with vendors
  • Make sure that CCTV recording is happening and retained for approved timeframe as per company policy
  • Manage photocopiers and coordinate with vendors
  • Install licensed operating systems on computers
  • Install licensed applications on computers
  • Install licensed Antivirus on all the computers
  • Receive desktop support related user complaints
  • Resolve user complaints on timely basis
  • Keep track of user complaints
  • Assist management in collecting quotations from multiple vendors
  • Prepare purchase requisitions for management approval
  • Coordinate with vendors to ensure that UPS are working fine
  • Have all the computers, printers, scanners, photocopiers etc. serviced at regular intervals
  • Maintain an agreed number of backup computers and printers at all times
  • Accept any additional relevant task assigned by the management
  • Accept any additional relevant task assigned by the management

Job Specifications (Qualifications, Skills and Experiences Required)

  • Bachelor in IT or relative degree
  • Excellent Communication Skills
  • Preferred 1-3 years (for Degree)/ 3-5 years (diploma) experience

Department

IT , Customer Service Operations , DMS Unit

Location

Head Office

Report to

DMS Unit Head

Position’s Purpose and Role

This position is for the purposes of supporting DMS Unit head to be able to manage the unit that includes of managing all of company documents and records electronically, deal with document storage, sharing, sending, and destruction. They may evaluate existing management systems and procedures in order to assess how effective and efficient they are and update accordingly.

Duties & Responsibilities

  • Working under unit head supervisory for day to day activities.
  • Daily filing of company’s Leases files and electronic DMS records.
  • Support unit head to manage document storage, sharing, sending, and destruction.
  • Co-ordinate with all branches to ensure completion of the lease file.
  • Co-ordinate with Collection Department for any documentation needed for their day to day failing/Court work.
  • Co-ordinate with other departments for any information needed from physical file as hard or softcopy.
  • Work with others to ensure sending and accessing documents without a problem and may be involved in troubleshooting any issues related to DMS.
  • Tracking the movement of the files.
  • Support unit head to manage all the files stores.
  • Support unit head to manage the destroying process as per policy and manuals.
  • Any exercises given by his line managers.

Job Specifications (Qualifications, Skills and Experiences Required)

  • Archiving Diploma
  • Preferred 1-2 years’ experience
  • Knowledgeable about laws regarding document management
  • Having familiarity with various types of computer software is helpful
  • Good organization and prioritization skills.

Department

Collections

Level

Sr. Executive / Officer

Location

Head Office and Certain Branches

Report to

Enforcement Supervisor

Position’s Purpose and Role

  • The Enforcement Specialist is responsible for enforcing and collecting all judgements received from the court
  • He / she will work closely within collections team and all branches for follow up of such allocated cases
  • Enforcement Specialist will follow key legal processes that relate to legal drafting, negotiations, settlement agreements, and all enforcement court related matters.

Duties & Responsibilities

  • Work closely with Enforcement Supervisor and Head Remedial to maximize the Company’s recovery by reviewing and recommend settlements and or payment plans being offered by the customer
  • Work on assigned contracts and coordinate with all related parties for additional enforcement and/or legal activities
  • He / she is responsible for all collection related enforcement matters.
  • Enforcement Specialist will coordinate with the legal team for drafting commercial settlement agreements, and all court related matters.
  • Develop and follow tracking mechanisms to ascertain effectiveness in terms of recovery
  • Communicate and facilitate with stakeholders on such accounts to ensure proper procedures are adhered.
  • Partner with internal and external parties to improve process efficiency
  • Make recommendations to management to make process improvement
  • Special projects as assigned

Job Specifications (Qualifications, Skills and Experiences Required):

Qualifications

  • High School or equivalent
  • Legal degree / diploma would be helpful
  • Experience in debt collection / cout related matters

Skills

  • Understanding of leasing / lending business
  • Strong work ethic
  • Ability to work in fast pace environment and meet established goals and deadlines.
  • Strong presentation and Communication Skills (verbal & written)

Experience Required

  • Minimum 2-3 years of working experience

Department

IT and Customer Service Operations

Location

Head Office

Report to

Department Head – IT and Customer Service Operations

Position’s Purpose and Role

  • Development and maintenance of Information Systems.
  • Development, implementation and review of all IT policies and procedures.
  • Improvement of the processes of the company by suggesting and implementing suitable information systems.

Duties & Responsibilities

  • Responsible for all hardware needs of the company and ensuring its adequate maintenance through externalized support.
  • Responsible for all software packages used, including maintenance through externalized support.
  • Optimize results from available budget for hardware and software.
  • Recommend appropriate policies for business continuity and information security and ensure adequate processes are in place to meet the standards prescribed in the policy.
  • Make available to Senior Management through data mining of information available on the system.
  • Ensuring that the IT infrastructure prescribes to sufficient security measures in line with the industry best practices.
  • Suggesting ways to improve the efficiency, productivity, operating costs etc. by proper utilization of technology.
  • Coordinating with other department heads in ensuring that proper business processes are in place.
  • Handling CBO reporting and other regulatory reporting.
  • Manage IT employees’ day-to-day functions.

Job Specifications (Qualifications, Skills and Experiences Required)

  • Degree or Master in IT/Computer science/Database administrator or any relative subject
  • Having good knowledge in SQL , PLS/SQL
  • OCP preferred
  • Preferred 10 years or more experience

Department

IT

Location

Muscat – HO

Report to

Head of IT

Position’s Purpose and Role

To design and manage company’s local and wide area networks in accordance with company’s policies

Duties & Responsibilities

  • Responsible for designing and managing LAN and WAN
  • Ensure that the networks are configured in accordance with best practices and Company’s policies
  • Prepare RFPs, bid proposals, contracts, scope of work reports, and other documentation for IT projects and associated efforts.
  • Keep all the network devices up-to-date
  • Maintain a complete network equipment inventory
  • Ensure that all devices are legally licensed
  • Keep all the servers and computers updated with latest patches
  • Ensure all servers and computers have up-to-date antivirus
  • Maintain Active Directory
  • Minimize downtime by maintaining backups of all the critical devices
  • Ensure that all the servers and data are being backed-up as per company’s policy
  • Carry out backup restorations at required frequencies
  • Ensure that the Disaster Recovery Site(s) is up-to-date at all times
  • Adhere to appropriate policies and procedures of the Company with respect to business continuity and information security
  • Provide necessary reports to the management with respect to performance etc.
  • Liaising with all hardware and software vendors.
  • Ensure that the IT infrastructure prescribes to sufficient Security measures in line with the industry best practices.
  • Improve the efficiency, productivity, operating costs etc. by proper utilization of technology.
  • Accept any additional relevant tasks assigned by the management
  • Maintaining endpoint security controls devices/servers.
  • Configuring, Monitoring and maintaining servers.
  • Ensure that all sites to site VPN are online.
  • Configuring and monitoring Firewalls.
  • Provide support to the application team.
  • Prepares and updates network documentation.
  • Manage and ensure optimal operation of all network hardware and equipment, including routers, switches, hubs, UPSs, and so on.
  • Manage and ensure effectiveness of security solutions, including firewalls, anti-virus solutions, and intrusion detection systems.

Job Specifications (Qualifications, Skills and Experiences Required)

  • Bachelor Diploma in IT or any related field
  • Excellent Communication Skills
  • Preferred 1-3 years (for Degree)/ 3-5 years (diploma) experience
Open chat
Chat with us on WhatsApp
نشكركم على تواصلكم معنا .. كيف يمكننا مساعدتكم

Thanks for your interest. How may we help you?