Cyber Resilience Compliance Analyst - Emiratisation

Job Purpose

In This Role You Will

• Conduct audit and assessments to identify gaps in compliance with relevant regulatory standards e.g. ISMS, EU-GDPR, UK DPA, PCI-DSS, ISO 27001, and UAE ISR from DESC.
• Oversee internal and external audits, manage audit remediation tracking, establish and drive KPIs, and drive remediation efforts.
• Support the implementation of new compliance requirements including but not limited to the documentation, adoption and ongoing adherence.
• Oversee compliance evidence collection and work with business units to gather and verify evidence for compliance assessments.
• Develop, improve and streamline compliance evidence collection tools and procedures and escalate to management findings and non compliance issues.
• Communicate evolving regulatory requirements and the compliance status (PCI DSS and EU-GDPR) to IT, Data Privacy Office, business units, and enterprise executives, management, and liaisons.
• Collaborate regularly with assessors and auditors in identifying compliance gaps and implementing corrective actions and adjusting the compliance program as needed.
• Work closely with business units and vendors to ensure adherence to compliance program requirements.
• Challenge and validate assessment decisions from both internal business units as well as external partners/vendors, drive and oversee continuous improvements

Qualification

• To be considered for the role, you must meet the below requirements:
• Degree or Honours (12+3 or equivalent) in Cybersecurity, Information Security, Information Technology, or a related field (Masters degree is a plus)
• Professional certifications such as CISSP, CISA, CISM, CRISC, ISO 27001
• Lead Auditor/Implementer, PCI-DSS QSA/ISA or other relevant security and compliance certifications are highly desirable.
• Proficiency in compliance management tools and ISMS frameworks (information security management system)frameworks.
• Strong knowledge of international and regional cybersecurity laws, regulations, and standards.
• Minimum 5-7 years of experience in cybersecurity regulatory compliance, governance, audit, or risk management.
• Experience conducting audits, assessments, and risk evaluations in a cybersecurity or IT compliance environment.
• Experience in working with financial institutions, aviation, or critical infrastructure sectors.
• Familiarity with cloud security compliance frameworks (e.g., NIST, CSA, CIS Benchmarks).
• Strong technical understanding of cybersecurity concepts, controls, and threat landscapes.
• Audit Management & Auditing.

Salary & Benefits