322 Security Governance jobs in the United Arab Emirates

This role is responsible for ensuring the effective implementation and ongoing maintenance of our Information Security Management System (ISMS). The successful candidate will have a strong understanding of cybersecurity best practices, IT compliance frameworks, and a proactive approach to risk management.

1. Integration and Optimization of Compliance Processes
• Streamline and improve existing compliance tracking processes
• Develop and implement automated solutions to enhance efficiency and accuracy
• Ensure timely and accurate reporting on compliance status
2. Cybersecurity Policy Enforcement and Communication
• Ensure adherence to relevant cybersecurity standards and regulations
• Communicate and enforce cybersecurity policies and procedures effectively across the organization
• Conduct regular audits and assessments to identify and mitigate risks
3. Compliance Management Tool Administration
• Manage and maintain compliance management tools
• Configure and customize tools to meet specific business requirements
• Ensure data integrity and accuracy within the compliance management system
4. IT Monitoring and Escalation
• Monitor IT systems and security controls for any deviations or anomalies
• Escalate critical security incidents and issues to appropriate stakeholders
• Conduct root cause analysis of security incidents and implement corrective actions
5. Employee Training and Support
• Develop and deliver cybersecurity awareness training programs to employees
• Provide ongoing support and guidance to employees on cybersecurity best practices
6. Key Performance Indicators and Progress Tracking
• Define and track key performance indicators related to IT security and compliance
• Prepare regular reports on the status of IT security and compliance initiatives
7. Enhancements Design and Planning
• Identify and evaluate opportunities for improving IT security and compliance
• Develop and implement plans for enhancing IT security controls and processes
8. Adherence to IT Policies and Standards Operations
• Ensure adherence to all relevant IT policies and standards within the organization
• Conduct regular reviews of IT policies and procedures to ensure they are up-to-date and effective

Requirements:

1. Bachelor's degree in Computer Science, Information Systems, or a related field
2. 5+ years of experience in IT security and compliance roles
3. Strong understanding of cybersecurity frameworks and best practices
4. Experience with compliance management tools and platforms
5. Excellent communication, interpersonal, and presentation skills
6. Strong analytical and problem-solving skills
7. Ability to work independently and as part of a team
8. Experience in the Oil and Gas industry is highly advantageous

Preferred Certifications:

1. CISSP, CISM, CISA, or other relevant cybersecurity certifications

Opportunities for professional growth and development, collaborative and supportive work environment, competitive salary and benefits package

Secure your career with a challenging role as a Compliance Specialist Officer where you will ensure the secure operation of information assets in accordance with established processes and standards.

Key Responsibilities:

• Oversee and improve security programs, including data protection, risk management, compliance, and testing.
• Develop policies and procedures relevant to industry best practices and regulatory frameworks.
• Conduct scheduled audits on information assets and processes to maintain certifications and compliance certificates.
• Evaluate compliance of processes, procedures, systems, and applications against industry standards and best practices.
• Monitor advancements in security laws to ensure organizational adaptation and compliance.
• Prepare audit reports for stakeholders.
• Collaborate with teams to identify and communicate threats and vulnerabilities for remediation.

Requirements:

• Bachelor's degree in Computer Science or related field with IT experience.
• At least 5 years of IT experience focusing on security and compliance.
• Knowledge of security standards and best practices.
• Experience in writing policies, procedures, and controls.
• Understanding of computer networking and network security methodologies.
• Knowledge of risk management and cyber threats.
• Ability to work in fast-paced environments, handle ambiguity, and manage multiple priorities.

We offer:

• Competitive salary and performance-based bonus.
• Visa and health insurance.
• Leave benefits and annual return airfare.
• Opportunities for professional growth and development.

INSPIRE | EXHILARATE | DELIGHT

For over seven decades, Chalhoub Group has been a partner and creator of luxury experiences in the Middle East. In its pursuit to excel as a hybrid luxury retailer, the Group has curated a portfolio of over 10 owned brands and strengthened its distribution and marketing expertise for over 400 international names across luxury fashion, beauty, jewellery, watches, eyewear, and art de vivre categories.

Every step at Chalhoub Group is taken to build a future where luxury dreams become reality — bridging cultures and crafting memorable experiences for our consumers. Be it by constantly reinventing itself, committing to innovation, or embracing new technologies, the Group is shaping the future of luxury retail. It delivers seamless omnichannel experiences across more than 950 stores, online platforms, and mobile apps. Driving this innovation journey is The Greenhouse — the Group's innovation hub, incubator, and accelerator for startups and emerging businesses, regionally and globally.

Chalhoub Group fosters a people-at-heart culture rooted in diversity, equity, and inclusion, and a workplace catalysed by forward thinking and future-proofing. Today, it brings together over 16,000 talented professionals across eight countries in the Middle East, with a presence in LATAM. Their collective efforts have earned the Group the Great Place to Work certification in several markets.

Sustainability is at the core of the Group's strategy, guided by a clear commitment to people, partners, and the planet. Chalhoub Group is proud to be a member of the United Nations Global Compact, a signatory of the Women's Empowerment Principles, and to have pledged to reach Net Zero by 2040.

What You'll Be Doing

The AI and Information Security Lead will be instrumental in ensuring that AI systems and data assets are secure, compliant, and ethically managed, aligning with global best practices and regional regulatory standards. This role will drive security innovation, mitigate risks associated with AI technologies, and support the organization in adopting AI securely while ensuring the privacy and integrity of its data.

Key Responsibilities

• Develop and execute a comprehensive AI security strategy that aligns with Chalhoub Group's business objectives and digital transformation goals.
• Lead the integration of AI-driven security solutions into the Group's existing cybersecurity architecture, ensuring interoperability, scalability and resilience.
• Establish security frameworks for AI model development, deployment, and lifecycle management, incorporating best practices from NIST AI RMF and CSA's AI Organizational Responsibilities.
• Collaborate with data governance teams to ensure AI models adhere to privacy standards and ethical considerations throughout their lifecycle.
• Work closely with data governance teams to implement robust data protection measures, including encryption, access controls, and anonymization techniques, ensuring compliance with regional data protection laws such as the UAE's Data Protection Law and international standards like GDPR.
• Oversee the secure handling of sensitive data throughout the AI model lifecycle, from development to deployment, supporting business innovation while mitigating risks.
• Identify and assess emerging AI-driven security threats, implementing proactive measures to mitigate risks associated with adversarial AI, model poisoning, and data leakage.
• Lead the development and execution of AI-specific threat models and risk assessments, ensuring alignment with Chalhoub Group's overall risk management framework.
• Stay ahead of emerging threats in AI and data security, providing continuous threat intelligence and mitigation strategies.
• Ensure that AI systems adhere to ethical guidelines, promoting transparency, fairness, and accountability in AI decision-making processes.
• Monitor and enforce compliance with relevant regulations and standards, including ISO/IEC 27001, NIST 800-53, EU AI Act and the UAE's AI Ethics Guidelines.
• Act as a thought leader, driving internal awareness, training programs, and promoting a culture of responsible AI use and ethical data practices.
• Foster collaboration with cross-functional teams, including Tech&Data, legal, data privacy and compliance, to integrate AI security considerations into business processes and technological advancements.
• Engage proactively with external stakeholders, technology partners, vendors, and regulatory bodies to remain informed on emerging trends, best practices, and regulatory shifts relevant to AI and cybersecurity.
• Participate in hackathons, and crowd sourcing platforms effectively to progress on cyber 'definition of good'.

What You'll Need to Succeed

Bachelor's or Master's degree in Cybersecurity, Computer Science, Data Science, Artificial Intelligence, or a related field.

Advanced certifications or specialized courses in AI/ML or AI Security, such as:

• Certified Artificial Intelligence Practitioner or AI Security Practitioner certifications.
• Specialized AI/ML courses from recognized platforms like Coursera, edX, or AI-focused programs.

Industry-Specific Certifications:

• Certified Information Systems Security Professional (CISSP)
• Certified Information Security Manager (CISM)
• Certified Cloud Security Professional (CCSP)
• Certified Ethical Hacker (CEH)

Practical experience with securing AI/ML models, including the development of adversarial machine learning defenses, model validation, and securing AI pipelines.

Familiarity with security frameworks for AI/ML models such as NIST AI RMF, and CSA's AI Organizational Responsibilities.

Proficiency with popular AI/ML tools and libraries, including TensorFlow, PyTorch, scikit-learn, and cloud-based AI platforms (AWS, Azure, Google Cloud).

Knowledge of AI-driven cybersecurity applications, including anomaly detection, threat intelligence, and automated defense systems.

Working knowledge in LLM models like Gemini, Llama, GPT, DALL-E and frameworks like LangChain & Vector databases like Faiss, Pinecone etc.

Deep understanding of AI-specific risks such as model poisoning, adversarial attacks, and data leakage

What We Can Offer You

With us,you will turn your aspirations into reality. We will help shape your journey through enriching experiences, learning and development opportunities and exposure to different assignments within your role or through internal mobility. Our Group offers diverse career paths for those who are extraordinary, every day.

We recognise the value that you bring, and we strive to provide a competitive benefits package which includes health care, child education contribution, remote and flexible working policies as well as exclusive employeediscounts.

We Invite All Applicants to Apply

It Takes Diversity Of Thought, Culture, Background, Differing Abilities and Perspectives to truly Inspire, Exhilarate and Delight our customers. At Chalhoub Group, we are committed to inclusion and diversity.

We welcome all applicants to apply and be part of our exciting future. We ensure equal opportunity for all our applicants without regard to gender, age, race, religion, national origin or disability status.

As a leading organization in the technology domain, we are seeking an exceptional Security Platform Engineer to join our team.

This role performs critical security tasks such as performance and availability monitoring, log analysis, incident detection and response, security event reporting, and content maintenance. The successful candidate will be responsible for detecting and monitoring escalated threats and suspicious activity affecting our servers, networks, appliances, and infrastructure supporting production applications.

• Palo Alto Firewall and SASE experience is essential.
• The ideal candidate will administer our security tools to gather security logs from the environment.
• Responsibilities include lifecycle management of supported security tools/technologies, break-fix, patching, live updates, and adherence to SOPs.
• The selected candidate will document best practices and identify opportunities to make automations that aid the incident response team.
• Prominent skills required include security incident handling and response, attack analysis, malware analysis, network forensics, computer forensics, LAN technologies, Windows and Linux O/S's, and general security infrastructure.
• The chosen candidate will carry out agreed maintenance tasks, ensure knowledge article usage in incident diagnosis and resolution, assist with updating as needed, and perform defined tasks to monitor service delivery against SLAs.
• The successful individual will investigate causes of incidents, seek resolution, escalate unresolved incidents, and follow up until the incident is resolved.

Our client is a UAEbased bespoke IT services provider with a strong client base in Abu Dhabi. To support the growth of their cybersecurity service offering our client is seeking to recruit anInformation Security Engineerspecializing inNetwork Detection and Response (NDR)andMobile Device Management (MDM) technologies.

Information Security Engineer ExtraHop & Ivanti
Based in Abu Dhabi UAE

YOUR RESPONSIBILITIES:

• Deploy configure and maintainNDR solutions particularlyExtraHop to detect investigate and respond to security threats and anomalies across the organizations network and endpoints.
  
• Create syntaxes to detect indicators of compromise (IOCs) and malicious behavior from emerging threats. Write and execute queries in NDR systems to search for desired events.
  
• Develop and enforce security policies within NDR systems to strengthen endpoint and network security.
  
• Actively monitor and respond to security incidents conduct proactivethreat hunting and investigate anomalies to identify and neutralize potential security threats.
  
• Integrate NDR systems with other security tools SIEM platforms and threat intelligence sources in collaboration with crossfunctional teams.
  
• Provide training and raise security awareness regardingExtraHopsolutions and best practices among internal teams.
  
• Maintain thorough documentation of configurations policies and procedures related toExtraHop implementations generating detailed reports for compliance and management.
  

• A degree in Information Security Computer Science or a related field.
  
• 5 years of experiencedeploying and managingNDR solutions specificallyExtraHop and managingMDM solutionslikeIvantiorMobileiron.
  
• 5 years of experience in implementation of NDR solutions via ExtraHop and MDM solutions via Ivanti /MobileIron platform is a must.
  
• Indepth knowledge of security policies incident response and threat detection techniques.
  
• Strong problemsolving and analytical skills with experience in threat detection risk management and troubleshooting.
  
• Experience with otherSIEM security products(e.g. Splunk ArcSight Nitro or LogRhythm) andinfrastructure componentssuch as firewalls IDS/IPS and DLP systems.
  
• Excellent project management skills to oversee NDR implementations and integration projects.
  
• Effective communication skills and a passion for technology and cybersecurity.
  

• Join a growing company in the Middle East region.
  
• Competitive remuneration package.
  
• Work with highprofile clients in the UAE.
  

Please apply with an updated resume if you are interested in this opportunity. All applications will be treated as strictly confidential.

Comaea Consulting

We are seeking a highly skilled information security specialist with extensive experience in deploying and migrating Microsoft Defender solutions. This includes Microsoft Defender for Endpoint (MDE), Microsoft Defender for Cloud (MDC), and Microsoft Defender for Identity (MDI).

• Plan, design, and implement Microsoft Defender solutions (MDE, MDC, and MDI) for clients.
• Manage the end-to-end migration process from existing security solutions to Microsoft Defender suite.
• Ensure seamless integration and minimal disruption during the migration process.
• Integrate MDE, MDC, and MDI with existing client infrastructure and other security tools.
• Customize and configure each Defender solution to meet specific client security policies and requirements.
• Optimize security features and settings to enhance threat detection and response capabilities.
• Provide expert-level support during and after the migration phase.
• Troubleshoot and resolve issues related to MDE, MDC, and MDI deployments.

A bachelor's degree in computer science, IT, cybersecurity, or equivalent experience is required.

5+ years of experience as a security engineer are necessary.

Proficiency in MDI, MDC, MDE, excellent analytical and communication skills are also required.

Our team provides a collaborative environment that fosters growth and development opportunities.

With our focus on innovation and excellence, you will have the chance to work on cutting-edge projects and technologies.

At Papel Holdings, we're not just another Fintech company. We're on a mission to revolutionize the financial landscape. From innovative banking solutions to cutting-edge digital asset products, we're transforming how people interact with money.

Who We Are

At Papel Holdings, we're not just another Fintech company. We're on a mission to revolutionize the financial landscape. From innovative banking solutions to cutting-edge digital asset products, we're transforming how people interact with money.

Careers at Papel suit those who want to have an impact, who are comfortable getting uncomfortable, willing to take risks and win big. We are brave, laser-focused and have high aptitude, with a little playfulness for good measure. If you're someone who thrives on high accountability, possesses a start-up spirit, and flair for industry-savvy solutions, you'll fit right in.

If this resonates with you, you'll have the opportunity to make a real impact and be part of something that's changing how we interact with money and wealth.

POSITION OBJECTIVE

The Information Security Manager at Papel is a critical role responsible for overseeing and managing the organization's information security program, ensuring the confidentiality, integrity, and availability of our digital assets. This role encompasses the implementation and management of Payment Card Industry Data Security Standard (PCI DSS) compliance, penetration testing, and other relevant security measures / controls. The ISM will work closely with various departments and stakeholders to develop and maintain a robust cybersecurity posture that aligns with Papel's business objectives and risk appetite.

Responsibilities

• Develop, implement, and maintain a comprehensive information security program, including policies, procedures, and controls, to protect the company's assets, ensuring compliance with regulatory requirements and industry best practices
• Manage the implementation and maintenance of PCI DSS compliance, ensuring the company meets all relevant requirements and undergoes regular audits
• Implement and adhere to ISO 27001 standards
• Oversee and coordinate penetration testing activities, including vulnerability assessments, penetration testing, and security incident response, to identify and remediate potential security risks
• Collaborate with various departments and stakeholders to assess and address information security risks, ensuring that risk mitigation measures are in line with business objectives and risk appetite
• Monitor and analyse emerging cybersecurity threats and trends, recommending and implementing appropriate countermeasures to protect the company's assets
• Develop and deliver cybersecurity awareness and training programs to educate employees on the importance of information security and their role in maintaining a secure environment
• Manage relationships with external vendors and partners, ensuring that information security requirements are effectively communicated and integrated into third-party contracts and agreements
• Work with other stakeholders such as technical architects, product managers, developers to implement, configure or maintain security measures / controls
• Work closely with the CTO to continuously improve cyber security policies, processes, tools and controls

Requirements

• 7+ years information and cyber security experience in financial services. Fintech experience is a major plus
• Strong analytical skills with high attention to detail
• Good communication and interpersonal skills
• Demonstrated analytical skills and attention to detail
• Strong understanding of regulatory standards governing the fintech, digital assets and global payment industry
• Experience working in a fast-paced, dynamic environment, preferably in a start-up, digital assets or fintech company.

Other Skills

• Strong written and verbal communication skills
• High level of organization and ability to manage multiple priorities simultaneously
• Excellent problem-solving capabilities
• High ethical standards and professionalism, with a commitment to confidentiality
• Ability to work effectively in a team as well as independently
• Competitive pay
• Discretionary bonus

Seniority level

Seniority level

Mid-Senior level

Employment type

Employment type

Full-time

Job function

Job function

Information Technology

IT Services and IT Consulting

Referrals increase your chances of interviewing at PAPEL Holding by 2x

Sign in to set job alerts for "Information Security Manager" roles.

Chief Information Security Officer (CISO)

Contract Assistant Manager - Luxury Hotels

Technical Product Owner - CPS / Innovation / Aviation

Manager – IT Security & Networks (Emirati Talent)

Chief Specialist - Enterprise Command & Control Center Systems

Chief Specialist - Data - Governance & Compliance Audit

Project Manager -(Information Security-Govt. Projects)-Dubai

Chief Specialist - Data - Governance & Compliance Audit

Chief Auditor - Corporate Monitoring - UAE Nationals Only

Chief Auditor - Corporate Monitoring - UAE Nationals Only

Chief Specialist - Contracts & Agreements

Chief Specialist - Contracts & Agreements

Senior Security Specialist | ICT & IT Security

Engineer - information Security -UAE Nationals Only

Engineer - information Security -UAE Nationals Only

Unmanned Aerial Vehicle System Chief Specialist

We're unlocking community knowledge in a new way. Experts add insights directly into each article, started with the help of AI.

J-18808-Ljbffr

Security Manager
• Dubai, Dubai, United Arab Emirates

Job Title: Information Security Specialist

The role of the Information Security Specialist will be to design and implement security controls to safeguard an organization's data and systems. This position will involve configuring, maintaining, and monitoring security devices as well as conducting vulnerability assessments and responding to security incidents.

1. Configure and manage various types of security devices including firewalls, intrusion detection and prevention systems, and security information and event management systems.

2. Conduct thorough vulnerability assessments and penetration testing to identify potential security weaknesses.

3. Rapidly respond to security incidents, perform forensic investigations, and provide detailed incident reports.

4. Develop and enforce robust security policies and procedures to ensure compliance with industry standards and regulations.

5. Maintain continuous surveillance of security logs and alerts to stay ahead of emerging threats.

6. Implement and configure cloud security tools to protect against cyber threats.

A minimum of 10 years of experience in information security is required for this position. Applicants should have a strong understanding of security engineering principles and practices.

The Senior Information Security Analyst is a pivotal role in safeguarding the confidentiality, integrity, and availability of information assets. This critical position requires an individual with strong IT security knowledge, exceptional analytical skills, and experience in implementing corrective actions to mitigate security violations.

• Identify and recommend corrective measures for security breaches
• Conduct vulnerability assessments and recommend remediation strategies
• Communicate potential threats to sensitive information
• Support report development for management and audits
• Test security controls for compliance with ISO27001, ISR, and other regulatory requirements

To succeed in this challenging role, candidates should possess a Bachelor's degree in Computer Science or IT, 3+ years of relevant experience, and knowledge of prominent security certifications (CISSP, CISA, CISM, GIAC). Strong problem-solving skills, excellent communication, and interpersonal abilities are essential for effective collaboration with diverse stakeholders.