Job Description

Key Responsibilities:

Lead development, maintenance, and enforcement of cybersecurity policies, standards, and procedures. Perform ISMS programs, internal audits, ISO certification cycles. Perform cybersecurity risk assessments, risk treatment plans, and tracking Coordinate BIA, BCP, and DR activities; and ensure alignment with ISO 22301. Lead third-party security assessments, vendor onboarding security validation, and review of PT/MAST/API security scan reports. Ensure compliance with UAE IA, Cyber security council , PDPL regulations and internal MOHRE frameworks. Lead cybersecurity awareness programs and technical trainings for IT and business teams. Oversee cybersecurity projects across Infra, Applications, Data, and Governance teams, ensuring secure design and implementation. Prepare KPIs, audit trackers, and report findings to senior leadership Coordinate security reviews for new applications, APIs, cloud onboarding, and integrations. Prepare cybersecurity awareness materials and conduct technical sessions.

Experience:

8-12+ years of experience in experience in cybersecurity governance, GRC including proven leadership in technical and security-driven environments. Bachelor's degree in IT/Computer Science, Cybersecurity, or related field (postgraduate qualifications highly regarded). Deep knowledge of security frameworks (ISO 2700x, NIST CSF), risk management, and security architecture. Knowledge of ISO 27001, 22301, 20000, PDPL, NIST CSF, CIS controls. Experience managing audits, risk registers, policies, and compliance programs. Strong communication, and documentation skills

Certifications:

CISM or equivalent certification CISSP/CRISC ISO 27001 Lead Auditor/Implementer certification * Cloud security certifications (Azure/AWS Security).