drjobs Manager Cybersecurity Resilience GCA - The Emirates Group العربية

Manager Cybersecurity Resilience GCA - The Emirates Group

Employer Active

1 Vacancy
drjobs

Job Alert

You will be updated with latest job alerts via email
Valid email field required
Send jobs
Send me jobs like this
drjobs

Job Alert

You will be updated with latest job alerts via email

Valid email field required
Send jobs
Job Location drjobs

Dubai - UAE

Monthly Salary drjobs

Not Disclosed

drjobs

Salary Not Disclosed

Vacancy

1 Vacancy

Job Description

Job Purpose: Job Purpose:

  • Own oversee and drive Group Cyber Security Resilience in Governance Compliance & Assurance by proactively enforcing and executing an Information Security Management System (ISMS) and a security control framework (based on NIST) while fulfilling the necessary regulatory security compliance requirements (e.g. but not limited to Dubai ISR/PCI/DSS GDPR).
  • Accountable for establishing and overseeing and assuring securitybydesign and compliance mitigation across The Emirates Group globally and for providing consultation tools and training required to reinforce the overall cyber security resilience of the group.

Job Accountabilities Linked to Objective Areas:

  • Lead and drive the implementation of a fitforpurpose cyber security policy (ISMS) and cyber governance control framework (ISMS) into the Group globally and across all business lines aligned with industry best practice (e.g. NIST). Own the IT liaison to align with other policy bodies in the Group. Facilitate the Cybersecurity Governance (as part of IT steering board) across the group at its highest level.
  • Drive and oversee Cybersecurity Assurance (1st line of defence) activities ensuring securitybydesign oversight regulatory requirements and consulting to all global and local entities under The Emirates Group including Application Assurance Web & Mobile Assurance Infrastructure Assurance Compliance Assurance and Program Assurance. Continuously to empower delivery organisations to shiftleft cybersecurity resilience by acting as the front office for all Cybersecurity capabilities embedded in the respective delivery teams.
  • Implement and embed security privacy and regulatory compliance by design principles ensuring these fundamental requirements are embedded into the IT organisation. Provide continuous improvements measured and reported on the current state of Cybersecurity Assurance and drive remediation where required.
  • Provide continuous Cybersecurity resilience improvement in IT and the Business by empowering and overseeing Cybersecurity resilience activities and delivering on a roadmap to embed DevSecOps into the Emirates IT Culture driving the development of cybersecurity resilient systems that protect the Emirates Group from Cybersecurity threats long term.
  • Own and manage Cybersecurity regulatory compliance (2nd line of defence) by consulting the Emirates Group in close collaboration with the other Cybersecurity capabilities and business functions (e.g. Finance for PCI/DSS and Legal for GDPR ISR as a Dubai Government requirement) to prevent noncompliances to the compliance frameworks the group signed up to. This role is crucial to apply 2nd line of defence for Emirates Group compliance to regulations and therefore should be at the forefront of evolving regulatory requirements.
  • Ensure policy and cybersecurity exception and cybersecurity security change management is governed and violations/deviations are managed mitigated and reported as per governance process and in close collaboration with the Cybersecurity Risk function.
  • Own Drive IT Business continuity planning and testing as well as IT disaster recovery planning and testing for the Group to achieve highest levels of operational resilience and necessary recovery.
  • Drive all cyber securityrelated assessment on behalf of IT in respect to ISR SAS70 ISO27001 including ongoing management of IT security standards such as PCI DSS as well as EU GDPR in close collaboration with Legal and Internal Audit supported by the subject matter expertise.
  • Drive industry best practice research to continuously improve and shiftleft Group CyberSecurity resilience capabilities. Empower and promote cybersecurity selfservice across group.
  • Establish and orchestrate the CISO global network of Regional or Functional Business Information Officers (BISO) driving the regional or functional implementation of the Cyber Security governance guided by the Group Policies and Standards.

Qualifications & Experience: Degree or Honours (12 3 or equivalent) in Information Technology/IT Security/Other.

Experience:

  • 10 years in Information Technology.
  • Minimum 5 years at a senior management level in IT Risk/Cybersecurity.
  • Hands on experience in Regulatory Framework implementation IT operations and delivery of projects.
  • Hands on experience in Threat Modelling (Optional)

Knowledge/skills:

  • Stakeholder Management.
  • Security by design thought leadership.
  • Smart measures and metrics (KPIs & OKRs).
  • IT Quality or regulatory compliance Management.
  • Security Frameworks (ISO27001/CIS Critical security controls others).
  • Cyber Resilience experience.

Leadership Role: Yes.



This job has been sourced from an external job board.
More jobs on

Employment Type

Full Time

Company Industry

About Company

Report This Job
Disclaimer: Drjobs.ae is only a platform that connects job seekers and employers. Applicants are advised to conduct their own independent research into the credentials of the prospective employer.We always make certain that our clients do not endorse any request for money payments, thus we advise against sharing any personal or bank-related information with any third party. If you suspect fraud or malpractice, please contact us via contact us page.