Information and Cyber security Analyst

ULTIMATE HUMAN RESOURCES SOLUTIONS LLC

Dubai

On-site

AED 60,000 - 100,000

Full time

5 days ago

Job summary

An established industry player seeks a skilled professional to lead their Information Security and Compliance initiatives. This role involves developing and maintaining critical security frameworks, ensuring compliance with international standards such as ISO 27001 and GDPR, and managing audits effectively. The ideal candidate will have a strong background in security governance, compliance management, and audit processes, along with excellent project management and communication skills. Join a forward-thinking organization that values security and compliance, and make a significant impact in safeguarding their operations and data integrity.

Qualifications

  • 5-7 years of experience in ICS GRC, compliance, and audit functions.
  • Hands-on experience with PCI DSS, ISO 27001, and GDPR compliance.

Responsibilities

  • Develop and maintain ISMS and BCMS frameworks.
  • Lead compliance audits for ISO 27001 and PCI DSS.
  • Coordinate audit planning and evidence gathering.

Skills

Information Security Management
Compliance Management
Audit Management
Project Management
Stakeholder Management
Analytical Skills

Education

Bachelor of Technology/Engineering (Information Technology)
MBA/PG Diploma in Business Management

Tools

AWS
Azure

Nationality

Any

Vacancy

1 Vacancy

Job Description

1. ICS Governance

  • Develop, maintain, and update the Information Security Management System (ISMS) and Business Continuity Management System (BCMS) frameworks.
  • Define and maintain corporate security policies, procedures, standards, and guidelines.
  • Coordinate annual and quarterly management reviews, risk assessments, and policy updates.
  • Drive employee security awareness and compliance training programs.
  • Perform vendor/third-party risk assessments and due diligence reviews.
  • Ensure risk management practices are embedded in key business processes.

2. Compliance Management

  • Lead certification, surveillance, and re-certification audits for:
      - ISO 27001 (Information Security Management)
      - ISO 22301 (Business Continuity Management)
      - PCI DSS v4.0.1 (Payment Card Industry Data Security Standard)
      - SOC 2 Type 2 (Service Organization Controls)
      - UAE IAR (Information Assurance Regulation)
      - GDPR (General Data Protection Regulation)
  • Manage documentation of controls, policies, procedures, and evidence collection for audits.
  • Maintain and track compliance obligations and ensure ongoing alignment.

3. Audit Management

  • Serve as the primary point of contact for external and internal audits.
  • Coordinate audit scoping, planning, evidence gathering, responses, and closure of audit findings.
  • Perform internal readiness reviews ahead of external audits and attestations.
  • Work closely with the Data Protection Officer (DPO) to operationalize privacy obligations under UAE DPL and GDPR.
  • Ensure processes are in place for:
      - Data subject rights requests (DSAR)
      - Data protection impact assessments (DPIA)
  • Interface with UAE regulatory bodies as needed for compliance reporting and certifications.

Desired Candidate Profile

  • 5–7 years of progressive experience in ICS GRC, compliance, and audit functions.
  • Hands-on experience leading certification and compliance initiatives across PCI DSS, ISO 27001, ISO 22301, SOC 2 Type 2, GDPR, UAE IAR, and UAE DPL.
  • Strong understanding of security, privacy, and business continuity frameworks.
  • Familiarity with cloud compliance (AWS, Azure) and SaaS environments.
  • Excellent project management, analytical, communication, and stakeholder management skills.

Preferred Certifications

  • Certified Information Security Manager (CISM)
  • Certified Information Privacy Professional (CIPP/E or equivalent)
  • Certified Business Continuity Professional (CBCP) is an advantage
