Cyber Security Senior Director

Overview

Cybersecurity Operations Senior Director

About The Role

What You'Ll Be Leading

• ***Strategy, Operating Model & Governance Interface***
• Translate Miral’s security strategy into an actionable technical security operations roadmap aligned to NIST CSF 2.0, ISO 27001, the UAE Information Assurance Standards and ADHICS.
• Implement and operate the security policies, standards and controls defined by the independent Information Security Governance (second-line) function, maintaining clear segregation of duties between security operations and security governance.
• Act as the first-line technical authority on cyber risk, providing assurance to the VP Digital & Technology and the governance function on the design and effectiveness of security controls.
• ***Network & Infrastructure Security***
• Own the design, deployment and day-to-day operation of all network and infrastructure security controls — firewalls, switches and cores, segmentation, NAC, VPN and secure remote access, IDS/IPS, web and email gateways, and DDoS protection.
• Led the network security team transitioned from IT Infrastructure & Operations, enforcing secure-by-design network architecture and zero-trust principles.
• Ensure security hardening, baseline configuration and continuous compliance across servers, endpoints, cloud and OT/IoT environments supporting Miral’s destinations.
• ***Security Operations & Threat Management (SOC)***
• Direct 24x7 security monitoring, threat detection and triage through the Security Operations Centre, leveraging SIEM, EDR/XDR, SOAR and threat intelligence.
• Oversee detection engineering, use-case development and continuous tuning to reduce false positives and improve mean-time-to-detect and mean-time-to-respond.
• Lead proactive threat hunting and adversary emulation to validate the resilience of Miral’s technology estate.
• ***Identity, Privileged Access & Application Security***
• Operate and continuously improve Privileged Access Management (PAM), identity and access controls, and joiner-mover-leaver enforcement in partnership with IT.
• Embed application security across the SDLC — secure code review, SAST/DAST, API security and DevSecOps practices.
• ***Vulnerability, Patch & Configuration Management***
• Run the enterprise vulnerability management lifecycle — discovery, prioritisation, remediation tracking and reporting — across infrastructure, applications and endpoints.
• Coordinate patch and configuration management with IT operations to close exposures within agreed SLAs.
• ***Incident Response & Cyber Resilience***
• Own the technical cyber incident response capability — preparation, detection, containment, eradication, recovery and post-incident review.
• Maintain and regularly test incident response playbooks, conduct tabletop exercises, and ensure timely escalation and regulatory notification in coordination with the governance function.
• Contribute security requirements to business continuity and disaster recovery planning.
• ***Compliance, Audit & Reporting (Accountability)***
• Be accountable for the operational effectiveness of all technical security controls and for evidencing compliance during internal and external audits and regulatory assessments.
• Establish and report security operations KPIs, KRIs, and dashboards to leadership and the governance function.
• Ensure all security incidents, exceptions, and risks are accurately documented, escalated and remediated to closure.
• ***People Leadership***
• Lead, develop, and retain a multidisciplinary team spanning network security, security operations and identity & access, building a high-performance, Emiratisation-aligned talent pipeline.
• Set objectives, manage performance, and foster a culture of security awareness and continuous improvement.
• ***Financial Accountability, Vendor Management & Continuous Improvement***
• Assist in preparing and managing the cybersecurity operations budget, ensuring cost-effective use of security tooling and services and adherence to procurement policies.
• Manage security vendors, managed service providers and technology partners against defined SLAs and outcomes.
• Continuously evaluate emerging threats and technologies to mature Miral’s security posture.

What We'Re Looking For

Qualifications

• Bachelor of Science in Computer Science, Information Technology, Cybersecurity, or a related field.
• Industry-recognised security certification such as CISSP or CISM (or equivalent).
• Master's in IT Security certifications such as CCSP, GIAC, CEH, OSCP, or vendor security credentials (e.g., Cisco, Fortinet, Palo Alto).
• Years of Experience:
• 10 plus years of experience in IT Security Engineering and operations.
• 5 plus years of experience in managing the IT Ops-Security function.

Skills

• Deep technical expertise across network and infrastructure security (firewalls, segmentation, NAC, VPN, IDS/IPS) and SOC operations (SIEM, EDR/XDR, SOAR, threat detection, and incident response).
• Strong working knowledge of security frameworks and regulations — NIST CSF, ISO 27001, UAE Information Assurance Standards, and ADHICS — with proven leadership of technical security teams and vendors.
• Experience with Privileged Access Management (PAM), cloud security (Azure/AWS), and application/DevSecOps security.
• Knowledge of OT/IoT security within a hospitality, leisure, or large-scale operations environment.

Why Join Miral?