21 Network Security jobs in Oman

Location:
Bowsher

Employment Type:
Full-time

About the Role:

We are seeking a motivated
Network & Security Engineer
with strong fundamentals in networking and security to join our team. The ideal candidate should have solid technical knowledge of Layer 2/3 networking, switching concepts, and firewall management, along with a willingness to learn and grow in a dynamic environment.

Key Responsibilities:

• Configure, manage, and troubleshoot network infrastructure devices (switches, firewalls, etc.).
• Implement and support VLANs, trunk/access ports, and inter-VLAN routing.
• Maintain and optimize network performance, ensuring redundancy and loop prevention using LACP and STP.
• Manage firewall environments (preferably FortiGate), including policy creation, troubleshooting, and upgrades.
• Support VPN configuration and troubleshooting.
• Provide basic DNS and DHCP administration, including IP helper configuration.
• Collaborate with team members on network projects, security implementations, and incident resolution.

Requirements:

• Strong understanding of the
  OSI Model
  (Layer 2 & Layer 3).
• Clear knowledge of
  access vs. trunk ports
  (tagged/untagged traffic) and their use cases.
• Experience with
  LACP
  and
  STP
  , with the ability to prevent and troubleshoot network loops.
• Practical knowledge of
  VLANs
  ,
  SVIs (Switch Virtual Interfaces)
  , and
  inter-VLAN routing
  .
• 1–2 years of hands-on experience with firewalls
  (FortiGate experience preferred).
• Basic understanding of
  DNS
  and
  DHCP (including IP helper addresses)
  .
• Basic knowledge of
  VPNs
  (site-to-site and remote access).
• Excellent troubleshooting skills and eagerness to learn new technologies.

Role Purpose

To design, implement, manage, and secure the organization’s network infrastructure. Also, to ensure robust network performance, high availability, and strong security measures to protect against cyber threats. This is including leading network projects, troubleshoot complex issues, and collaborate with cross-functional teams to align network strategies with business objectives.

Unit : Digital & Application

Division : Digital Infrastructure Operations

• Qualification: Bachelor (Computer Science/Information Technology)
• Preference: Network+, Security+, CCNA, or equivalent is highly preferred.
• Experience: 6-8 years of total work experience.

• Design, deploy, and maintain enterprise-wide network infrastructure including routers, switches, firewalls, web application firewalls, web filtering, network access control, VPNs, network management system and wireless networks.
• Implement and enforce network security policies, standards, and procedures to safeguard organizational data and infrastructure.
• Monitor network performance, conduct regular vulnerability assessments, and respond proactively to security incidents.
• Collaborate with IT teams to integrate security solutions and ensure compliance with regulatory requirements and industry best practices.
• Provide timely status update to the management.
• Attempt always to meet established service level agreements (SLA) commitments.
• Participation in cross functional technical projects that require network technology as a primary component of the solution.
• Provide technical guidance and mentorship to junior network and security staff.
• Monitoring the contract and prepare of (business case, scope of work) and handle the payment for the contract and less operations cost Optimization.
• Proficient knowledge on Cisco, Fortinet, HP, Huawei, F5, or any network and security vendors
• Delivering on site engineering support and handled specialized Networking tools/equipment.
• Skilled in architecture and enforcement of modern TCP/IP network.
• Expert level in configuring, support, troubleshooting, debugging.
• Maintain documentation for network configurations, security policies, and operational procedures.
• Stay current with emerging network technologies and cyber security trends to recommend improvements.

KalSoft is currently seeking a Network and Security Architect to join our team in Muscat, Sultanate of Oman.

This is a full-time, onsite role focused on delivering secure, resilient, and modern multi-cloud and network infrastructures. The position requires deep expertise across network security, cloud-native platforms, Kubernetes, and automation.

• Design and implement secure architectures for multi-cloud environments (Azure, AWS, GCP, OCI)
• Plan and optimize network infrastructure, including VLANs, Layer 2/3, BGP, OSPF, EIGRP, RIP, SD-WAN
• Deploy, manage, and support Kubernetes platforms (managed and on-prem), including upgrades, scaling, and DR
• Implement Service Mesh solutions (Istio/Linkerd) for secure communication, traffic shaping, and advanced deployment strategies (canary, blue-green)
• Automate infrastructure provisioning and deployments using IaC (Terraform) and GitOps pipelines (ArgoCD, Helm, Kustomize)
• Establish Policy-as-Code guardrails (Kyverno/OPA) for compliance, security, and governance
• Build and manage observability stacks (Prometheus, Grafana, OpenTelemetry, Tempo, Elastic/Loki) with SLO tracking and alerting
• Support and optimize end-to-end network and security infrastructures across cloud and on-prem environments
• Administer and troubleshoot network, security, and Kubernetes platforms daily
• Manage incident escalations (P1–P3) and ensure timely resolution
• Provide detailed documentation (architectures, IaC repos, runbooks/playbooks, security matrices)
• Advise stakeholders on emerging technologies, best practices, and compliance requirements

• 15+ years' experience in Cloud, Data, Network Security, and Cyber Security within banking, insurance, retail, or service provider sectors
• Mandatory certifications: CCIE, CISSP, Microsoft Cybersecurity Architect Expert
• Strong expertise in network security (firewalls, VPNs, WAFs, PAM integration, micro-segmentation, zero-trust)
• Proven experience with routing/switching, SD-WAN, and enterprise-scale network designs
• Hands-on experience with Kubernetes lifecycle management and cloud-native deployments
• Proficiency in IaC, GitOps, Policy-as-Code, and observability tools
• Strong troubleshooting, incident response, and client-facing communication skills
• Background in vulnerability assessment, compliance, and incident management

Founded in 1999, KalSoft is a multi-award-winning trusted technology partner in business innovation, delivering impactful business results to clients throughout digital modernisation and evolution. As a Microsoft Solutions Partner and a Solutions Integrator (SI), KalSoft has a well-established international presence in seven countries, and maintains a network of front offices and local business operations serving North America, Asia, Africa and the Middle East to help meet the needs of our customers and partners.

6u9z7HXZe8

Security specialist vacancy in Muscat Oman

Overview
SABSA Specialist - Cyber Security Architect. Support cyber safety and security architect lead in developing unified Cybersecurity Architecture covering both Business and Industrial Control Equipment (ICS)/Refine Control Domain Name (PCD) environments. Assist in refining architecture deliverables and related EA records to focus on the cyber security design domain.

Responsibilities

• Support the cyber safety and security architect lead in developing unified Cybersecurity Architecture covering both Business and ICS/PCD environments.
• Refine current venture designer EA records for understanding and focus on the cyber security designer domain for deliverables.
• Assist the advancement of the roadmap for the design and build of protection design functions and processes.
• Maintain verifiable documentation of security design features, processes, toolkits, and development of SABSA/CSA/ADM protection design reports.
• Assist in producing methods that utilize digital technologies and the business ecosystem.
• Support the development of Change Monitoring and Fostering Strategy (CMAP) large change management projects and effectively manage design changes.
• Assist in identifying gaps in the various security architecture layers.
• Support in setting the requirements for the yearly Set Build for Cybersecurity design.
• Provide process maps for security design features based on SIPOC.
• Deliver security design layouts and toolkits.
• Utilize agile and lean techniques to drive continuous improvement.

Qualifications

• Obligatory Accreditation: SABSA Chartered Security Architect - Practitioner Certificate (SCP); Master certification (SCM) is favored
• CISSP-ISSAP/ CCSP
• TOGAF 9 licensed
• SANS GICSP—SEC410

Job Details

• Job Types: Permanent, Agreement
• Agreement length: 1 month
• Capacity to commute/relocate: Muscat — able to commute or relocate before starting work (Required).

Job description:

POSITION INFORMATION

Division: Network & Digital Department: Security Role Designation: Cybersecurity Specialist

The Cybersecurity Specialist, under the supervision of the Manager Cybersecurity Operation, is in charge of developing, executing, and overseeing security measures to safeguard AWASR's infrastructure and data. This position performs security evaluations, creates plans for responding, and enforces adherence to industry rules and guidelines. The engineer helps the security operations team with incident response, vulnerability management, and improves AWASR's overall security resilience through collaboration. The main objective is to guarantee the security, reliability, and accessibility of AWASR's telecommunication and corporate infrastructure.

• Assist in developing and enhancing AWASR's Security Operations Center (SOC) capabilities.
• Monitor security frameworks, systems, and alerts; respond rapidly to incidents.
• Report abnormal network or infrastructure activities to relevant teams.
• Perform troubleshooting, field work, and site visits as required.
• Maintain up-to-date asset and service registers.
• Monitor and triage SOC alert queues effectively.
• Review threat intelligence reports and sources for actionable insights.
• Draft and maintain SOC policies, procedures, and playbooks.
• Onboard and integrate new equipment, systems, and tools into SOC workflows.
• Monitor AWASR assets, logs, and data flows to detect potential intrusions.
• Generate and analyze SOC health and security operation metrics (weekly, monthly, quarterly, annual).
• Coordinate and participate in security incident response activities.
• Ensure compliance with TRA regulations, laws, and industry standards (security, privacy, and data protection).
• Conduct regular security audits, assessments, and exercises (tabletop, simulations).
• Evaluate, implement, and manage security technologies (IDS/IPS, firewalls, access controls, vulnerability scanning tools).
• Manage and maintain SIEM, EDRs, and other security platforms.
• Continuously assess the effectiveness of security measures and recommend improvements.
• Assess new security products and tools, and provide support and recommendations for enhancements.
• Manage relationships with security vendors, contractors, and third-party providers.
• Maintain and update emergency response plans.
• Collaborate with business continuity and disaster recovery teams to integrate security considerations.
• Communicate security risks, vulnerabilities, and threat intelligence to stakeholders and vendors.
• Act as point of contact during incidents with regulators, law enforcement, and industry partners.
• Support special security-related projects.
• Stay updated on emerging security threats, trends, and regulatory changes.
• Develop, implement, and maintain security incident handling procedures.
• Prepare regular security reports for executive management and stakeholders.
• Ensure security controls are embedded in the technology solution lifecycle.

• Experience with penetration testing and vulnerability assessment tools.
• Knowledge of network and application security testing methodologies.
• Ability to conduct internal audits and ethical hacking exercises.

Bachelor's degree in computer science, Information Technology, Cybersecurity, or a related field. 2 to 5 years of experience in the field related to the title of the position.

Certifications that are a plus:

• Certified Ethical Hacker (CEH)
• GIAC Security Essentials (GSEC)

Knowledge in managing and implementing security tools such as firewalls, intrusion detection/prevention systems (IDS/IPS), security information and event management (SIEM) systems, EDRs, antivirus and other security products.

Knowledge in managing security incidents, including performing root cause analysis, coordinating with relevant teams, and implementing corrective actions.

Strong background in conducting security assessments, vulnerability scans, and risk analyses.

Knowledge of telecommunications networks, systems, and related security considerations.

Knowledge of relevant laws, regulations, and industry standards related to cybersecurity, privacy, and data protection (e.g., GDPR, ITU, ISO 27001, TRA regulations).

Knowledge in developing, drafting, and implementing security policies, procedures, and guidelines.

Proficiency in network and system security

Familiarity with secure architecture and design principles

Knowledge of threat intelligence and vulnerability management

Ability to manage security projects, including the deployment of security tools and technologies.

Strong ability to communicate complex security concepts to both technical and non-technical stakeholders.

Commitment to staying up to date with the latest cybersecurity trends, threats, and technologies.

Adhere to all work-related tasks and requests from line manager.

English mandatory, Arabic mandatory (both verbal and written).

Strong understanding of network protocols, firewalls, intrusion detection/prevention systems (IDS/IPS), and security information and event management (SIEM) systems.

Good knowledge in security tools such as vulnerability scanners, endpoint protection, and encryption technologies.

Knowledge with cloud security platforms and technologies.

Knowledge of security frameworks and standards such as ISO 27001, NIST, CIS Controls, and GDPR.

Familiarity with regulatory requirements and compliance standards related to security, privacy, and data protection.

Knowledge in incident response, digital forensics, and root cause analysis.

Ability to lead and coordinate security incident response efforts effectively if required.

Good understanding of risk assessment methodologies and vulnerability management.

Knowledge with threat intelligence gathering and analysis.

Ability to review and process threat intelligence reports and sources.

Knowledge in security assessments and penetration testing.

Ability to identify security vulnerabilities and ensure their resolution.

Knowledge in drafting and implementing security policies and procedures.

Knowledge of SOC operations and best practices.

Knowledge in monitoring security systems and analyzing logs to identify potential threats and intrusions.

Ability to effectively prioritize and automate the resolution of security issues.

Strong communication skills to convey security risks, vulnerabilities, and threat intelligence to stakeholders.

Ability to collaborate with internal teams, external partners, and regulatory agencies.

Knowledge in managing security projects and initiatives.

Ability to align security operations with organizational goals and objectives.

Provide guidance and support to ensure effective performance and collaboration.

Commitment to continuous improvement and staying updated on emerging security trends and technologies.

Ability to align security operations with the department budget.

Knowledge in selecting and purchasing security tools or acquiring managed services within budget constraints.

Knowledge of business continuity and disaster recovery planning.

Strong analytical skills to assess complex security issues.

Ability to think critically and solve problems under pressure.

Job description:

POSITION INFORMATION

Division: Network & Digital Department:Security Role Designation: Cybersecurity Specialist

ROLE PURPOSE

The Cybersecurity Specialist, under the supervision of the Manager Cybersecurity Operation, is in charge of developing, executing, and overseeing security measures to safeguard AWASR's infrastructure and data. This position performs security evaluations, creates plans for responding, and enforces adherence to industry rules and guidelines. The engineer helps the security operations team with incident response, vulnerability management, and improves AWASR's overall security resilience through collaboration. The main objective is to guarantee the security, reliability, and accessibility of AWASR's telecommunication and corporate infrastructure.

KEY ACCOUNTABILITIES AND RESPONSIBILITIES

* Assist in developing and enhancing AWASR's Security Operations Center (SOC) capabilities.

* Monitor security frameworks, systems, and alerts; respond rapidly to incidents.

* Report abnormal network or infrastructure activities to relevant teams.

* Perform troubleshooting, field work, and site visits as required.

* Maintain up-to-date asset and service registers.

* Monitor and triage SOC alert queues effectively.

* Review threat intelligence reports and sources for actionable insights.

* Draft and maintain SOC policies, procedures, and playbooks.

* Onboard and integrate new equipment, systems, and tools into SOC workflows.

* Monitor AWASR assets, logs, and data flows to detect potential intrusions.

* Generate and analyze SOC health and security operation metrics (weekly, monthly, quarterly, annual).

* Coordinate and participate in security incident response activities.

* Ensure compliance with TRA regulations, laws, and industry standards (security, privacy, and data protection).

* Conduct regular security audits, assessments, and exercises (tabletop, simulations).

* Evaluate, implement, and manage security technologies (IDS/IPS, firewalls, access controls, vulnerability scanning tools).

* Manage and maintain SIEM, EDRs, and other security platforms.

* Continuously assess the effectiveness of security measures and recommend improvements.

* Assess new security products and tools, and provide support and recommendations for enhancements.

* Manage relationships with security vendors, contractors, and third-party providers.

* Maintain and update emergency response plans.

* Collaborate with business continuity and disaster recovery teams to integrate security considerations.

* Communicate security risks, vulnerabilities, and threat intelligence to stakeholders and vendors.

* Act as point of contact during incidents with regulators, law enforcement, and industry partners.

* Support special security-related projects.

* Stay updated on emerging security threats, trends, and regulatory changes.

* Develop, implement, and maintain security incident handling procedures.

* Prepare regular security reports for executive management and stakeholders.

* Ensure security controls are embedded in the technology solution lifecycle.

* Preferred Skills:

* Experience with penetration testing and vulnerability assessment tools.

* Knowledge of network and application security testing methodologies.

* Ability to conduct internal audits and ethical hacking exercises.

Qualifications & Experience

* Bachelor's degree in computer science, Information Technology, Cybersecurity, or a related field.2 to 5 years of experience in the field related to the title of the position.

* Below certifications are a plus :

* Certified Ethical Hacker (CEH)

* GIAC Security Essentials (GSEC)

* Knowledge in managing and implementing security tools such as firewalls, intrusion detection/prevention systems (IDS/IPS), security information and event management (SIEM) systems, EDRs, antivirus and other security products.

* Knowledge in managing security incidents, including performing root cause analysis, coordinating with relevant teams, and implementing corrective actions.

* Strong background in conducting security assessments, vulnerability scans, and risk analyses.

* Knowledge of telecommunications networks, systems, and related security considerations.

* Knowledge of relevant laws, regulations, and industry standards related to cybersecurity, privacy, and data protection (e.g., GDPR, ITU, ISO 27001, TRA regulations).

* Knowledge in developing, drafting, and implementing security policies, procedures, and guidelines.

* Proficiency in network and system security

* Familiarity with secure architecture and design principles

* Knowledge of threat intelligence and vulnerability management

* Ability to manage security projects, including the deployment of security tools and technologies.

* Strong ability to communicate complex security concepts to both technical and non-technical stakeholders.

* Commitment to staying up to date with the latest cybersecurity trends, threats, and technologies.

* Adhere to all work-related tasks and requests from line manager.

Language Requirements for Role

* English mandatory, Arabic mandatory ( both verbal and written).

Key Skills and Knowledge

* Strong understanding of network protocols, firewalls, intrusion detection/prevention systems (IDS/IPS), and security information and event management (SIEM) systems.

* Good knowledge in security tools such as vulnerability scanners, endpoint protection, and encryption technologies.

* Knowledge with cloud security platforms and technologies.

* Knowledge of security frameworks and standards such as ISO 27001, NIST, CIS Controls, and GDPR.

* Familiarity with regulatory requirements and compliance standards related to security, privacy, and data protection.

* Knowledge in incident response, digital forensics, and root cause analysis.

* Ability to lead and coordinate security incident response efforts effectively if required.

* Good understanding of risk assessment methodologies and vulnerability management.

* Knowledge with threat intelligence gathering and analysis.

* Ability to review and process threat intelligence reports and sources.

* Knowledge in security assessments and penetration testing.

* Ability to identify security vulnerabilities and ensure their resolution.

* Knowledge in drafting and implementing security policies and procedures.

* Knowledge of SOC operations and best practices.

* Knowledge in monitoring security systems and analysing logs to identify potential threats and intrusions.

* Ability to effectively prioritize and automate the resolution of security issues.

* Strong communication skills to convey security risks, vulnerabilities, and threat intelligence to stakeholders.

* Ability to collaborate with internal teams, external partners, and regulatory agencies.

* Knowledge in managing security projects and initiatives.

* Ability to align security operations with organizational goals and objectives.

* Provide guidance and support to ensure effective performance and collaboration.

* Commitment to continuous improvement and staying updated on emerging security trends and technologies.

* Ability to align security operations with the department budget.

* Knowledge in selecting and purchasing security tools or acquiring managed services within budget constraints.

* Knowledge of business continuity and disaster recovery planning.

* Strong analytical skills to assess complex security issues.

* Ability to think critically and solve problems under pressure.

Profile description:

The Cybersecurity Specialist, under the supervision of the Manager Cybersecurity Operation, is in ch

5 yrs experience of sales and marketing in Oman in the fields of IT Solutions, Cyber Security and ELV solutions, services. Should be from Indian origin and have direct contacts, relationship with potential clients.

Overview

Position information: Division: Network & Digital; Department: Security; Role Designation: Specialist - Security Special Projects. The Security Special Projects Specialist, reporting to the Manager of Security Special Projects, is responsible for monitoring, deploying, and managing security special projects solutions to ensure AWASR's infrastructure is compliant with regulatory laws. This role is responsible for AWASR's security special projects infrastructure including operation, management, maintenance, enhancement, and ensures compliance with industry standards and regulations. By collaborating with the security operations team, network team & other AWASR's teams, security special projects Specialist supports deployments of projects while ensuring compliance with regulations are met. The primary goal is to ensure the confidentiality, integrity, and availability of AWASR's telecom and enterprise infrastructure.

• Establish and Build AWASR's security special projects network.
• Implement the processes and producers for AWASR's security Department.
• Responsible for deployment, maintenance, and monitoring of security special projects technologies, tools, and systems.
• Responsible for the management of security department nodes including firewalls, switches, and other security platforms.
• Monitor and respond quickly to incidents related to compliance & regulation or any security department nodes.
• Identify areas for improvements in security department network operation.
• Prepare reports for security special projects nodes, tools, and systems on weekly, monthly, yearly basis.
• Prepare regular security reports for executive management and stakeholders.
• Prepare security department nodes health-check reports on a regular basis.
• Ensure all security special projects requirements are addressed and closed in a timely manner.
• Ensure the availability for support and troubleshooting of any on-site security special projects requirements or any relevant to security department.
• Continuously monitor and evaluate the effectiveness of security special projects measures and processes.
• Collaborate with security training exercises, simulations, and tabletop exercises from security department if required.
• Ensure compliance with relevant laws, regulations, and industry standards related to security, privacy, and data protection.
• Maintain healthy relationships with security vendors, contractors, third-party service providers and government entities.
• Support the security governance function to evaluate the security posture of third-party vendors and ensure compliance with security requirements.
• Support Security Operations with any reported security breach, incident, vulnerability, or any related event that may affect security special projects network.
• Identify security special projects solution enhancements.
• Prepare Security Department project requirements to support all AWASR's new network/product deployments.
• Prepare Security Department project requirements to support all AWASR's proposed network/product expansions.

• Support with security department change management.
• Perform preventive maintenance to security special projects network when required.
• Ensure that Security Special Projects systems, networks, and critical infrastructure across AWASR are highly available with minimum downtime and proper defence mechanisms.
• Monitor security vulnerabilities and threats that may affect security special projects nodes, tools, or systems.
• Serve as a point of contact for external stakeholders (regulatory agencies, law enforcement, industry partners) during security incidents or breaches. Coordinate timely and accurate information sharing to support incident response efforts.
• Collaborate with business continuity and disaster recovery teams to integrate security considerations.
• Adhere to quality assurance processes during network installation, testing, commissioning, and integration related to security special projects, ISO27000x, ITU-T X series, NIST, SIEM and ISMS.
• Ensure that all network-related changes are addressed, evaluated, and approved via proper security change processes.
• Coordinate integration activities between security special project system/network elements and other AWASR systems/network elements (core, access, etc.).
• Oversee Security Special Projects inventory and initiate procurement orders when thresholds are reached.
• Handle day-to-day activities related to the security special projects network, systems, products, and follow-up actions.

• Ensure operational compliance with Oman TRA Regulations.
• Research and stay abreast of the latest security best practices related to cybersecurity & special projects.
• Monitor security department systems/nodes lifecycle and initiate replacement requests proactively.
• Support developing budget requirements for security special projects by providing requirements insight.
• Support enhancement of security special projects processes and procedures.
• Support vendor management ensuring all vendors work as per AWASR's standards and are available for support during incidents or when required.
• Perform other tasks and activities as assigned by the Line Manager.

• Bachelor’s degree with preferred fields in Telecommunication, Information/Cyber Security, IT Security or Network Security.
• 2-5 years of experience in related field.
• CCNA, CompTIA Security+ or related certifications are a bonus.
• Knowledge of ITIL (certification preferred) with respect to security administration and IT governance in a multiplatform environment.
• Knowledge in cybersecurity metrics for reporting and in deployment, optimization, and operation of medium to large telecom networks.
• Strong knowledge related to Telecom, Cyber/Info Security, IT, Network, TRA Regulation of Oman, and relevant legal/regulatory requirements/standards.
• Knowledge of international security frameworks such as ISO2700x, NIST and ITU-T X series.
• Knowledge of security standards and best practices across ISMS, SIEM, etc., and ability to maintain them across the organization.
• Experience managing regulatory issues with government and license obligations, including TRA Regulation adherence.
• Knowledge in selecting and deploying appropriate security networks and systems, including performance monitoring and traffic profiling.
• High level of personal integrity and ability to handle confidential matters with sound judgment.
• Analytical skills and experience in data integration and problem solving.
• Proactive, curious about data and technology.

English mandatory, Arabic mandatory (both verbal and written).

• Hands-on practice with network security, systems and tools architecture.
• Knowledgeable of IT & Security strategy, security architecture, and security frameworks.
• Knowledge of telecom network elements/infrastructure on medium to large scale for fixed & mobile.
• Ability to evaluate information, tools, systems to determine compliance with laws & regulations.
• Ability to adapt to changes in the work environment and identify performance indicators for improvement.
• Ability to align security special projects with organizational goals and work effectively in a multicultural team.
• Excellent interpersonal, communication, and collaboration skills in English and Arabic.
• Strong understanding of security topics such as access control, hardening, threat modelling, encryption, vulnerability management, digital forensics and incident response.
• Judgment, decision-making, and systems analysis/evaluation skills.

The Security Special Projects Specialist, reporting to the Manager of Security Special Projects, is

Overview

In security risk management we're looking to harness the power of industry best practice combined with driving new innovation on how we do security risk assessments and modelling. Our security risk management team is the primary owner of the strategy and practices of how we identify, track and reduce our security risk across everything we do. To support this we need to use industry best practices paired with emerging threat information to promote risk identification, quantification, impact analysis, and modelling to ultimately drive decision making. In this role, you will help establish and execute a broad strategic vision for the security risk program at Canonical. You will not only work within the team but also cross-functionally with various teams across the organisation. The team contributes ideas and requirements for Canonical product security, improving the resilience and robustness of all Ubuntu customers and users subject to cyber attacks. Additionally, the team collaborates with our Organisational Learning and Development team to develop playbooks and facilitate security training across Canonical.

The security risk management team's mission is not only to secure Canonical, but also to contribute to the security of the wider open source ecosystem. They might share knowledge through public presentations and industry events, and share threat intelligence with the wider community or represent Canonical in sector-specific governance bodies.

• Define Canonical's security risk management standards and playbooks
• Analyse and improve Canonical's security risk practices
• Evaluate, select and implement new security requirements, tools and practices
• Grow the presence and thought leadership of Canonical security risk management practice
• Develop Canonical security risk learning and development materials
• Work with Security leadership to present information and influence change
• Participate in developing key risk indicators, provide inputs to the development of key control indicators, and key performance indicators for various programs
• Apply statistical models to risk frameworks (such as FAIR, sensitivity analysis, and others)
• Participate in risk management, decision-making, and collaborative discussions
• Lead quantified risk assessments and understand the value of qualitative data for improvements to quality and engineering processes
• Interpret internal or external cyber security risk analyses in business terms and recommend a responsible course of action
• Develop templates and materials to help with self-service risk management actions
• Monitor and identify opportunities to improve the effectiveness of risk management processes
• Launch campaigns to perform security assessments and help mitigate security risks across the company
• Build evaluation methods and performance indicators to measure efficiency of security functions and capabilities

• An exceptional academic track record
• Undergraduate degree in Computer Science or STEM, or a compelling narrative about your alternative path
• Drive and a track record of going above-and-beyond expectations
• Deep personal motivation to be at the forefront of technology security
• Leadership and management ability
• Excellent business English writing and presentation skills
• Problem-solver with excellent communication skills, a deep technical understanding of security assessments and risk management
• Expertise in threat modelling and risk management frameworks
• Broad knowledge of how to operationalize the management of security risk
• Experience in Secure Development Lifecycle and Security by Design methodology

We consider geographical location, experience, and performance in shaping compensation worldwide. We revisit compensation annually (and more often for graduates and associates) to ensure we recognise outstanding performance. In addition to base pay, we offer a performance-driven annual bonus. We provide all team members with additional benefits, which reflect our values and ideals. We balance our programs to meet local needs and ensure fairness globally.

• Distributed work environment with twice-yearly team sprints in person
• Personal learning and development budget of USD 2,000 per year
• Annual compensation review
• Recognition rewards
• Annual holiday leave
• Maternity and paternity leave
• Employee Assistance Programme
• Opportunity to travel to new locations to meet colleagues
• Priority Pass, and travel upgrades for long haul company events

Canonical is a pioneering tech firm at the forefront of the global move to open source. As the company that publishes Ubuntu, one of the most important open source projects and the platform for AI, IoT and the cloud, we are changing the world on a daily basis. We recruit on a global basis and set a very high standard for people joining the company. We expect excellence - in order to succeed, we need to be the best at what we do. Canonical has been a remote-first company since its inception in 2004. Working here is a step into the future, and will challenge you to think differently, work smarter, learn new skills, and raise your game.

Canonical is an equal opportunity employer

We are proud to foster a workplace free from discrimination. Diversity of experience, perspectives, and background create a better work environment and better products. Whatever your identity, we will give your application fair consideration.