Information Security Risk & Compliance Manager Emaratech

Employer Active

Posted on 9 Apr

Experience

8 - 14 Years

Job Location

Dubai - United Arab Emirates

Education

Bachelors in Computer Application(Computers)

Nationality

Any Nationality

Gender

Not Mentioned

Vacancy

1 Vacancy

Job Description

Roles & Responsibilities

Key Responsibilities

Governance, Policy & ISMS

  • Responsible for overseeing the execution of the GRC program in collaboration with the executive team as well as maintaining the group s library of security controls.
  • Lead the implementation, maintenance, and continuous improvement of the Group ISMS aligned with ISO/IEC 27001 standards.
  • Develop, update, implement, and maintain information security policies, standards, and procedures.
  • Ensure consistent implementation of information security governance across the group.
  • Develop goals for data privacy based on legal regulations and other compliance needs, designs and implement privacy policies and practices, and assess these practices for effectiveness.
  • Update security controls and provide support to all stakeholders on security controls covering internal assessments, laws, and regulations.

PCI DSS Compliance

  • Manage the organization s PCI DSS compliance program, including scope definition, risk assessments, and coordination with Qualified Security Assessors (QSAs).
  • Track remediation activities and ensure continuous compliance with PCI DSS requirements.

CBUAE Regulatory Compliance

  • Ensure compliance with UAE Central Bank (CBUAE) information security and risk management regulations.
  • Monitor regulatory updates and assess their impact on the organization.

Risk Management

  • Identify, assess, evaluate, and mitigate IT Security risks by conducting information security risk assessments and maintain centralized risk registers.
  • Track risk mitigation actions and report the security risk posture to management.

Audit & Compliance Management

  • Ensure compliance with legal, regulatory, and contractual requirements.
  • Coordinate internal audits, external certification audits, and regulatory assessments (ISO 27001, ISO 27005, NIST, PCI DSS, etc.).
  • Track audit findings and ensure timely remediation and closure.

Security Awareness & Training

  • Oversee organization-wide security awareness and compliance training programs.

Desired Candidate Profile

Bachelor s degree in:

  • Engineering
  • Information Security
  • Computer Science
  • IT Risk Management or a related discipline.

Experience & Skills

8 12 years of experience in Cybersecurity, Information Security Governance, Risk Management and Compliance Audit.

Deep understanding of frameworks like ISO 27001, PCI-DSS, DESC ISR, etc.

Preferred Certifications

  • CISSP
  • CISM
  • CISA
  • CRISC
  • ISO 27001 Lead Implementer / Lead Auditor

Company Industry

Department / Functional Area

Keywords

  • Information Security Risk & Compliance Manager

Disclaimer: Naukrigulf.com is only a platform to bring jobseekers & employers together. Applicants are advised to research the bonafides of the prospective employer independently. We do NOT endorse any requests for money payments and strictly advice against sharing personal or bank related information. We also recommend you visit Security Advice for more information. If you suspect any fraud or malpractice, email us at abuse@naukrigulf.com

Emaratech

https://apply.workable.com/emaratech-2/j/9D09FAA960/