Back to search
emaratech Linkedin · Posted 1mo ago

Information Security Analyst (GRC) UAE National

United Arab Emirates

Linkedin
Continue to application Add your email once, then Caio opens the original posting.

Indexed description

Role Overview

The Senior Security and Compliance Officer will lead the end-to-end implementation and oversight of the organization's information security governance, risk management, and compliance (GRC) initiatives.

The role is dedicated to ensuring alignment with global standards and regional regulatory frameworks within a highly regulated environment.

Key Responsibilities

Governance & Compliance

  • Manage full lifecycle compliance with ISO/IEC 27001, PCI DSS v4.0.1, NIST, UAE PDPL, UAE Central

Bank regulations, and other applicable laws.

  • Develop, review, and maintain information security policies, procedures, and governance documents
  • Serve as the single point of contact for InfoSec compliance

Risk Management

  • Lead technology and information security risk assessments across all domains
  • Maintain centralized risk registers with clear ownership, treatment plans, and traceability
  • Provide regular risk posture reports and validate remediation effectiveness

Audit & Regulatory Oversight

  • Plan and manage audits, inspections, regulatory assessments, and certifications
  • Coordinate internal and external stakeholder responses and ensure closure of findings

PCI DSS v4.0.1 Compliance

  • Own PCI DSS compliance program, including scoping, assessment coordination, remediation, and

documentation management.

  • Track scope-impacting changes in systems or vendors

Awareness & Training

  • Design and manage induction and awareness programs via LMS platforms
  • Automate training lifecycle and track compliance for audit readiness

Vendor & Third-Party Risk

  • Perform third-party risk assessments and ensure contractual compliance with InfoSec, PCI DSS, and CPR requirements

Continuous Improvement

  • Monitor regulatory changes and drive maturity improvements across GRC processes and tooling

Qualifications & Experience

  • Education: Bachelor's in InfoSec, Computer Science, Risk Management, or related fields
  • Certifications (Preferred): CISSP, CISM, CRISC, ISO 27001 LA/LI, PCI DSS

Core Skills

  • Deep understanding of information security frameworks and risk governance
  • Strong documentation, analytical, and stakeholder engagement capabilities
  • Ability to operate independently with strategic thinking and execution

Success Metrics

  • Sustained PCI DSS and regulatory compliance
  • Timely risk remediation and validated risk closures
  • Strong audit performance and visibility of risk posture improvements

Requirements

Academic, Vocational Qualification:

  • Bachelor degree from an accredited college or university in Computer Science, Information Security or related fields
Free. 20 seconds. No password. See every match in this search.

Create a free Caio profile to unlock more results and save your role and location preferences.

Unlock free search
Want help applying to roles like this? Search Caio for free. If CV tailoring and application tracking get heavy, Full Caio Agent adds a human specialist.
View Full Agent