Senior Specialist Regulatory ||

Oman Investment Authority

RESPONSIBILITIES

Regulatory engagement & relationship management

• Serve as the primary point of contact with relevant authorities (e.g., MTCIT, TRA, Environment Authority, CDAA, Royal Oman Police/Immigration for data hosting where relevant, Central Bank of Oman (CBO) and Capital Market Authority (CMA) for sector approvals, Ministry of Energy & Minerals for O&G) as applicable to each opportunity
• Build a regulator contact map, meeting cadence and agenda; organise pre filing consultations and clarifications to de risk submissions.
• Maintain a repository of regulator guidance, circulars and precedents; share updates via internal bulletins.

Client approvals & deal enablement

• For each pursuit, develop an approval plan with prerequisites, artefacts and timelines; align with bid/no bid gates.
• Prepare complete submission packs (cover letters, forms, solution descriptions, data flow/architecture diagrams, security controls, DPIAs where required, data residency statements, SLAs, business justifications and client consents)
• Coordinate internal reviews (Legal, Security, Data Protection, Finance/Tax) and obtain approvals per DOA; manage filings via GR and track status to closure.
• Support RFP responses with regulatory narratives, exemptions/waivers requests, and letters of intent/comfort from authorities where feasible.

Compliance management (solution level)

• Translate cross cutting obligations (PDPL, cybersecurity, cloud/hosting, telecom/connectivity, sector outsourcing and incident reporting) into solution design requirements and contract conditions.
• Review commercial contracts for regulatory clauses (data location, audit/inspection rights, breach notification windows, subcontracting/outsourcing approvals, change control).
• Maintain a regulatory register mapped to offerings and sectors with owners, controls and evidence requirements.

Policy analysis & advocacy

• Monitor the pipeline of laws/regulations and analyse impact on offerings (barriers, dependencies, timing); publish impact notes and go/no go recommendations.
• Draft Onetech s consultation responses/position papers; participate in regulator roundtables/working groups and industry associations.

Sector desk expertise

• Build deep understanding of sector specific expectations:
• O&G/Government: critical infrastructure, on prem/sovereign hosting preferences, data classification, incident reporting, safety/security permits.
• Financial services: CBO/CMA outsourcing and cloud guidelines, data localisation or access requirements, third party risk and resilience testing.
• Develop sector specific checklists, templates and training for account/solution teams.

Governance, metrics & continuous improvement

• Define and track KPIs: approval cycle time, first time right rate, number of regulator engagements, deals enabled, exceptions resolved.
• Standardise and continuously improve templates (regulatory checklist, DPIA, data mapping, consent forms, change request formats) and a central approvals tracker
• Ensure ABAC/Conflicts of Interest compliance in all external interactions; log meetings and decisions.