Oman Air has built up a reputation as a strong, competitive leader in the airline industry. We are committed to recruiting and nurturing bright and dynamic individuals to meet our manpower needs. In the new millennium, our mission is to seek out new ways to develop and improve our position as a leader in aviation excellence.

We believe our people are the reason behind our success and we offer you a once in a lifetime opportunity to work in a team-based customer-oriented environment. Our emphasis is on continual staff development we achieve through the training we impart to our staff members.

Supervise day-to-day Cybersecurity operations in-alignment with the Oman Air’s Cybersecurity strategy, controls, policies, and frameworks and lead proactive and timely management of cybersecurity incidents, and protect the organization from any cybersecurity threats, breaches or risks.

KEY ACCOUNTABILITIES & RESPONSIBILITIES:

1. Participate developing and implementing cybersecurity strategy, policies, processes and frameworks.

2. Supervise day-to-day cybersecurity operations including monitoring, response, threats escalation in accordance with applicable guidelines and matrices.

3. Evaluate existing cybersecurity controls and capabilities and recommend enhancements to ensure advanced layers of observability and wider detection coverage.

4. Lead initiatives, projects and activities to strengthen the applications and systems infrastructure security.

5. Analyze incidents to identify patterns, vulnerabilities, threats and root causes and take required course of action to eliminate or minimize reoccurrence of such incidents.

6. Manage and regularly seek to optimize cyber defense tools and systems.

7. Compile and deliver security metrics and assist in malware prevention and analysis.

8. Work with Network & Security team to produce best cybersecurity design concepts and architecture,

and interpretation of concepts into applicable features and functionalities

9. Participate in the development and implementation of disaster recovery plans in collaboration with the respective teams to ensure effective response to such incidents and to avoid business disruption or

security breaches during crises.

10. Ensure Oman Air’s compliance with applicable laws, regulations, and standards.

11. Regularly seek to promote the importance and impact of security controls within the organization to remain protected against possible threats

12. Lead the design and delivery of security awareness updates sessions to relevant stakeholders.

13. Stay abreast of security technologies and trends and utilize findings in enhancements and improvements.

14. Perform any other related tasks as assigned by the Management.

MINIMUM QUALIFICATIONS & EXPERIENCE:

• Bachelor’s degree in a relevant field such as Cybersecurity, Computer Science, Computer Engineering, Information Systems, or a related field (mandatory). Relevant post graduate degree would be an asset.

• 6+ years of experience in Information Technology with at least 4 years in cybersecurity.

PROFESSIONAL KNOWLEDGE, CERTIFICATION OR MEMBERSHIPS:

• Proficiency in English (must) and Arabic (preferred)

• Proficient in MS Office

• CISSP, CISM and/or CISA certification is preferred

SPECIAL REQUIREMENTS:

• Knowledge of airline and aviation IT including operational and commercial systems.

• Understanding of aviation regulatory and compliance requirements (e.g., CAA, IATA, ICAO, data protection regulations)

• Ability to work in a 24x7 operational environment and support critical business systems

SKILLS & COMPETENCIES:

Core Competencies:

• Strong analytical and problem-solving skills

• Effective communication and stakeholder management skills

• High level of integrity, accountability, and attention to detail

• Ability to work in a fast-paced environment and transformational setting

Technical Competences:

• Strong hands-on knowledge of network security controls, including next-generation firewalls (NGFW), policy design, and traffic inspection.

• Experience with Secure Access Service Edge (SASE) solutions including SSE, SWG, CASB, ZTNA and inline

data protection.

• Practical experience with Web Application & API Protection (WAAP) technologies for protecting

internet-facing applications and APIs.

• Ability to design, implement, and optimize security policies, rule sets, and exceptions across firewall, SASE, and WAF platforms`