Jobs at FIRST E&P Limited

Description

• The Technology Program Manager is responsible for driving the successful delivery of the organization’s technology programmes and projects, ensuring strategic alignment, effective governance, and measurable value realization across the enterprise.
• Reporting directly to the Chief Technology Officer (CTO), the role provides centralized oversight of the technology project portfolio and acts as the single point of accountability for programme health, delivery performance, and executive reporting. 
• Operating within a lean technology organization, the Technology Program Manager does not directly line‑manage project managers but works closely with project leads from vendors, business units, and technology teams.
• The role partners with Technology Operations, Digital & Technology Innovation, and Cybersecurity leadership to ensure initiatives are delivered in a controlled, transparent, and business‑focused manner. 

Key Accountabilities
Programme & Portfolio Management:

• Own and manage the enterprise‑wide technology programme and project portfolio. 
• Ensure all initiatives are aligned with technology strategy, business priorities, and approved funding. 
• Maintain visibility of programme scope, timelines, budgets, dependencies, and outcomes. 

Delivery Governance & PMO Standards:

• Establish, maintain, and enforce programme and project management standards, frameworks, and methodologies aligned with global best practice. 
• Define governance structures, stage gates, and approval processes appropriate for a lean organization. 
• Ensure consistent application of delivery controls across internally and externally managed projects. 

Delivery Performance & Financial Oversight:

• Track and report on delivery milestones, schedule performance, budgets, and benefits realization. 
• Monitor resource allocation and capacity across programmes in collaboration with technology and delivery teams. 
• Identify delivery risks early and support corrective action to maintain programme integrity. 

Risk, Dependency & Issue Management:

• Identify, assess, and manage cross‑programme risks, interdependencies, and constraints. 
• Facilitate dependency management across operations, digital initiatives, cybersecurity, and infrastructure change. 
• Ensure escalation paths are clear and issues are addressed in a timely manner. 

Stakeholder Engagement & Executive Reporting:

• Serve as the primary interface between delivery teams and senior technology leadership. 
• Prepare and present programme status, KPIs, and decision materials for the CTO and governance forums. 
• Ensure transparent, accurate, and decision‑oriented reporting across all technology initiatives. 

Agile & Hybrid Delivery Enablement:

• Champion the adoption of agile, hybrid, and fit‑for‑purpose delivery approaches across technology teams and vendors. 
• Support delivery teams in applying practical agile principles within enterprise governance constraints. 
• Promote continuous improvement in delivery capability and outcomes. 

Collaboration & Assurance:

• Work closely with Technology Operations, Digital & Technology Innovation, and Cybersecurity leads to ensure coordinated planning and execution. 
• Ensure cybersecurity, risk, and operational requirements are embedded into programme delivery from initiation through closure. 

Requirements
The ideal candidate must possess the following: 

• Bachelor’s Degree in Information Technology, Computer Science, Engineering, Business, or a related discipline.  
• Approximately 10 years of experience in technology programme, portfolio, or large‑scale project delivery roles.  
• Prior experience in a reputable international consulting organization (e.g. management consulting, systems integration, or advisory) is essential.  
• Proven experience establishing and operating PMO governance in complex, multi‑vendor environments.  
• Strong background in delivering enterprise‑scale technology initiatives across infrastructure, applications, cloud, and digital domains.  
• Demonstrated ability to manage senior stakeholders and executive‑level reporting.  
• Relevant professional certifications are desirable, such as:  PMP, PgMP, or PRINCE2 ;SAFe, Scrum, or Agile certifications; MSP or equivalent programme management credentials
• Senior, credible delivery professional with the ability to influence without formal authority.  
• Strong business and commercial acumen with a focus on value realization.  
• Structured, analytical thinker with strong attention to detail and control discipline.  
• Pragmatic and adaptable, comfortable operating in lean and evolving environments.  
• Clear, confident communicator able to engage executives, vendors, and technical teams.  
• Calm under pressure with strong judgement and decision‑making capability.  
• High professional integrity, accountability, and commitment to delivery excellence. 

go to method of application »

Description

• The Cybersecurity Lead is responsible for safeguarding the organization’s information assets, operational technology interfaces, digital platforms, and data by leading the enterprise cybersecurity and information security function.
• Reporting directly to the Chief Technology Officer (CTO), the role provides independent oversight of cybersecurity risk, governance, and compliance while supporting safe, reliable, and efficient business and operational outcomes. 
• The role operates within a lean technology organization and works closely with Technology Operations, Digital & Technology Innovation, and Technical Project Management teams to embed cybersecurity controls into day‑to‑day operations and project delivery.  

Key Accountabilities
Cybersecurity Strategy & Governance:

• Define the organization information and cybersecurity strategy together with the Digital and Technology innovation team. And execute the strategy in alignment with operational reliability, safety, and business objectives. 
• Establish and maintain cybersecurity policies, standards, and procedures aligned with global best practices and regulatory expectations. 
• Ensure security considerations are integrated into infrastructure, cloud, business applications, and digital transformation initiatives. 

Cyber Risk Management & IT GRC:

• Lead enterprise cybersecurity risk management activities, including identification, assessment, mitigation, and reporting of cyber risks. 
• Maintain the cybersecurity and IT risk register and support integration with broader enterprise risk management processes. 
• Ensure compliance with applicable regulatory requirements, contractual obligations, and data protection standards relevant to the oil and gas operating environment. 
• Coordinate and support internal and external audits, risk assessments, and assurance activities. 

Security Operations & Incident Response:

• Provide oversight and service assurance for outsourced Security Operations Centre (SOC) services. 
• Lead and coordinate cybersecurity incident response activities, including investigation, containment, remediation, and post‑incident reviews. 
• Ensure incident response plans, escalation procedures, and communication protocols are defined, tested, and operationally practical. 

Threat Intelligence, Vulnerability & Assurance:

• Oversee vulnerability management and penetration testing programs delivered by third‑party providers. 
• Work with Technology Operations teams to ensure timely remediation of identified vulnerabilities, prioritised based on operational and business risk.
• Monitor emerging cyber threats and industry‑relevant attack patterns and translate insights into practical control improvements. 

Identity, Access & Architecture Security:

• Oversee Identity and Access Management (IAM) controls, including privileged access management and user lifecycle processes. 
• Promote least‑privilege access, segregation of duties, and zero‑trust principles across enterprise IT and digital platforms. 
• Provide security input into system architecture, solution designs, and technology standards. 

Third‑Party & Supply Chain Security:

• Assess and manage cybersecurity risks associated with vendors, service providers, and technology partners. 
• Ensure appropriate security controls and requirements are embedded within contracts and service agreements. 

Security Awareness & Capability Development:

• Deliver security awareness and targeted training programs to improve cyber hygiene across the organization. 
• Provide guidance and coaching to technology and digital delivery teams on secure practices. 
• Line‑manage and mentor a Cybersecurity Analyst to build internal security capability. 

Reporting & Stakeholder Engagement:

• Report cybersecurity risks, incidents, and overall security posture directly to the CTO. 
• Provide clear, practical cybersecurity insights to technology leadership and business stakeholders. 
• Act as the primary cybersecurity point of contact across the organization. 

Requirements
The ideal candidate must possess the following: 

• Bachelor’s Degree in Information Technology, Computer Science, Cybersecurity, or a related discipline.  
• 5 - 8 years’ experience in cybersecurity, information security, or IT GRC roles within enterprise environments.  
• Practical experience with cybersecurity governance frameworks such as ISO/IEC 27001, NIST Cybersecurity Framework, or similar.  
• Proven experience conducting cybersecurity risk assessments, audits, and compliance activities.  
• Familiarity with security operations concepts, incident response, vulnerability management, and third‑party security oversight.  
• Experience working in regulated or asset‑intensive industries (e.g., oil & gas, energy, utilities, or heavy industry) is an advantage.  
• Relevant professional certifications (or working towards them) such as ISO 27001, CISSP, CISM, or CRISC are desirable. 
• Strong understanding of both technical cybersecurity controls and IT governance, risk, and compliance. 
• Practical, risk‑based approach suited to operational environments where availability, safety, and business continuity are critical