Cyber Resilience Compliance Analyst

Job Purpose

• At Emirates, we believe in connecting the world, to and through, our global hub in Dubai; and in constantly innovating to ensure our customers ‘Fly Better’.
• Emirates Group IT thrives on the dynamic nature of technology.
• Being pioneers in aviation innovation, we're always at the forefront, pushing boundaries.
• We're on the lookout for exceptional IT professionals to fortify our position as leaders in the industry.
• Embark on a journey with the world’s largest international airline and become a vital part of our cutting-edge information and technology team as Cyber Resilience Compliance Analyst.
• Join our CyberSecurity team where we ensure a world class CyberSecurity organisation based on the key principles of People, Process and Technology underpinned with executive endorsement of a multi-year strategy to continuously improve and develop.
• The team protects our digital assets by monitoring for threats, responding to incidents, managing vulnerabilities, and ensuring compliance with security policies and regulations.
• If you are passionate about CyberSecurity, we invite you to apply to play a crucial role in shaping the future of our technology initiatives at Emirates Group.
• As a Cyber Resilience Compliance Analyst, you will plan and lead the execution of compliance reviews and gap assessments.
• You will measure compliance against regulatory standards as well as internal policies and regulations.
• The role also contributes to the development and implementation of cybersecurity governance framework, policies and procedures, and driving compliance and remediation.
• In this role you will:
• Conduct audit and assessments to identify gaps in compliance with relevant regulatory standards e.g. ISMS, EU-GDPR, UK DPA, PCI-DSS, ISO 27001, and UAE ISR from DESC.
• Oversee internal and external audits, manage audit remediation tracking, establish and drive KPIs, and drive remediation efforts.
• Support the implementation of new compliance requirements including but not limited to the documentation, adoption and ongoing adherence.
• Oversee compliance evidence collection and work with business units to gather and verify evidence for compliance assessments.
• Develop, improve and streamline compliance evidence collection tools and procedures and escalate to management findings and non compliance issues.
• Communicate evolving regulatory requirements and the compliance status (PCI DSS and EU-GDPR) to IT, Data Privacy Office, business units, and enterprise executives, management, and liaisons.
• Collaborate regularly with assessors and auditors in identifying compliance gaps and implementing corrective actions and adjusting the compliance program as needed.
• Work closely with business units and vendors to ensure adherence to compliance program requirements.
• Challenge and validate assessment decisions from both internal business units as well as external partners/vendors, drive and oversee continuous improvements

Qualification

• To be considered for the role, you must meet the below requirements:
• Degree or Honours (12+3 or equivalent) in Cybersecurity, Information Security, Information Technology, or a related field (Masters degree is a plus)
• Professional certifications such as CISSP, CISA, CISM, CRISC, ISO 27001
• Lead Auditor/Implementer, PCI-DSS QSA/ISA or other relevant security and compliance certifications are highly desirable.
• Proficiency in compliance management tools and ISMS frameworks (information security management system)frameworks.
• Strong knowledge of international and regional cybersecurity laws, regulations, and standards.
• Minimum 5-7 years of experience in cybersecurity regulatory compliance, governance, audit, or risk management.
• Experience conducting audits, assessments, and risk evaluations in a cybersecurity or IT compliance environment.
• Experience in working with financial institutions, aviation, or critical infrastructure sectors.
• Familiarity with cloud security compliance frameworks (e.g., NIST, CSA, CIS Benchmarks).
• Strong technical understanding of cybersecurity concepts, controls, and threat landscapes.
• Audit Management & Auditing.
• **Leadership Role:** No

Salary & Benefits