Assistant Manager – Cyber Security, Assurance & Risk DUBAI PROPERTIES GROUP LLC

An opportunity has arisen for an Assistant Manager – Cyber Security, Assurance & Risk to join Dubai Holding Asset Management. The main duties and responsibilities of this role:

• The role holder is responsible for supporting the implementation and monitoring of information security governance and compliance activities across DHAM and its entities.
• This includes assisting with policy development, audits, awareness initiatives, and governance frameworks to ensure alignment with best practices (e.g., ISO 27001) and business requirements.
• The role focuses on coordinating activities, maintaining documentation, and providing operational support to help strengthen the group’s overall

Cybersecurity & Risk Management

• Support the IT and cybersecurity risk management framework, ensuring alignment with organizational objectives and regulatory requirements.
• Identify, evaluate, and monitor technology-related risks across infrastructure, applications, cloud, and third-party vendors.
• Work with stakeholders to implement mitigation measures, controls, and risk treatment plans.
• Maintain the IT Risk Register, track remediation actions, and escalate risks/issues in line with governance processes.
• Coordinate and conduct periodic risk assessments and workshops with business and IT stakeholders.
• Track and report Key Risk Indicators (KRIs) and prepare risk dashboards and reports for management review.

Assurance & Compliance

• Conduct assurance reviews and internal audits of security controls, IT processes, and regulatory compliance (e.g., ISO 27001, NIST, GDPR, UAE NESA, SCA).
• Support internal and external audit engagements, ensuring timely closure of findings and recommendations.
• Monitor assurance activities such as user access reviews, control checks, and compliance schedules.
• Report on compliance status, exceptions, and remediation plans to management.
• Maintain documentation and evidence to support governance, risk, and compliance (GRC) requirements.
• Liaise with IT/security teams and vendors on incident reporting, documentation, and follow-up.

Policy, Governance & Awareness

• Support the development, review, and enforcement of IT and cybersecurity policies, standards, and procedures.
• Contribute to the implementation and continuous improvement of the IT Governance Framework, aligning with ISO 27001 and other standards.
• Promote security awareness through training, communications, and awareness sessions across all business units.
• Participate in governance and risk forums and support management reporting.

Disaster Recovery (DR) & Business Continuity (BCM)

• Support the development, maintenance, and testing of Disaster Recovery (DR) and Business Continuity (BC) plans.
• Coordinate DR/BC test planning, scheduling, execution, and documentation of results.
• Track corrective actions, ensure remediation, and maintain centralized DR/BC documentation for audits and management reporting.

Operational & Project Support

• Support group-wide information security, governance, and compliance initiatives.
• Assist in managing IT governance and security projects, including coordination with vendors and service providers.
• Gather data to identify gaps, support process improvements, and escalate issues where needed.
• Track and report progress on information security and governance initiatives to senior management.