FIND_THE_RIGHTJOB.
Senior cyber security consultant
Dubai, United Arab Emirates
Job Title: Senior Cyber Security Consultant – GRC & Compliance
Department: Information Security / Risk & Compliance
Reporting To: Chief Information Security Officer (CISO)
Experience Required: 5–8 years in Cyber Security with focus on GRC & Compliance
Location: Dubai, UAE
Duration: 6 Months (Extendable)
About the Role
We are seeking a skilled Senior Cyber Security Consultant (GRC & Compliance) to strengthen governance, risk, and compliance initiatives while ensuring security oversight across enterprise systems. This role requires expertise in program development, regulatory compliance, incident management, infrastructure security, and stakeholder engagement. You will also manage critical security tools, assess risk posture, and provide clear reporting to leadership.
Key Responsibilities
- Risk Oversight: Identify, assess, and monitor cyber risks across business functions and technology environments. Recommend actionable mitigation strategies.
- Program Development: Design and implement security and compliance programs aligned with global standards (ISO 27001, NIST, GDPR, PCI DSS, etc.).
- Governance & Compliance:
- Develop and enforce governance structures, policies, and controls.
- Ensure compliance with regional and international regulations (UAE, KSA, Oman, Qatar, UK, USA).
- Conduct compliance reviews, audits, and gap assessments.
- Incident Management: Support and coordinate incident response processes, lead post-incident reviews, and ensure lessons learned are integrated into programs.
- Network Security Review: Evaluate network design, architecture, and controls to identify weaknesses and recommend improvements.
- Infrastructure Security Assessment: Assess cloud, on-premises, and hybrid infrastructure to validate security and compliance posture.
- Tool Management: Implement and manage enterprise cyber security tools to safeguard organizational systems and data.
- Reporting: Generate metrics and dashboards on risk posture, security tool effectiveness, and compliance status for senior leadership.
- Stakeholder Management: Act as a trusted advisor to leadership, bridging technical and business requirements to align security with organizational priorities.
Required Qualifications
- Experience: 5–8 years in cyber security with a strong focus on GRC, compliance, and risk management.
- Technical Knowledge:
- Strong understanding of infrastructure and network security principles.
- Hands-on experience with enterprise solutions such as DLP, EDR, PAM, CASB, or equivalent tools.
- Familiarity with incident response processes and risk assessment methodologies.
- Compliance Knowledge: Practical experience with compliance frameworks (ISO 27001, NIST, GDPR, PCI DSS, local UAE/KSA regulations).
- Certifications (Preferred): CISA, CISSP, CISM, CRISC, ISO 27001 Lead Auditor/Implementer.
- Soft Skills:
- Strong stakeholder engagement and communication abilities.
- Proven ability to influence and advise senior leadership on cyber risk.
- Strong analytical, documentation, and reporting skills.
Preferred Attributes
- Experience in regulated, multinational environments.
- Ability to design and execute enterprise-level GRC programs.
- Strong track record of translating technical controls into risk-based business insights.
Job Type: Full-time
Pay: AED15,000.00 - AED18,000.00 per month
Application Question(s):
- How many years of hands-on experience do you have in implementing or auditing frameworks such as ISO 27001, NIST, GDPR, or PCI DSS?”
- “Do you have practical, hands-on experience with enterprise security solutions such as DLP, EDR, PAM, or CASB? (Yes/No — please specify which tools)”
- Have you worked with regional compliance requirements such as UAE (NESA/ADHICS) or KSA (SAMA)? (Yes/No)”
Similar jobs
IT Consultant Cybersecurity - Platinion
Boston Consulting Group (BCG)
Dubai, United Arab Emirates
2 days ago
Cyber Security Analyst
Department of Finance
Dubai, United Arab Emirates
2 days ago
SAP GRC Consultant (Implementation)-Remote
Müller's Solutions
Dubai, United Arab Emirates
7 days ago
GRC Consultant
International Free Zone Authority | IFZA
Dubai, United Arab Emirates
7 days ago
Senior Cybersecurity Assurance Analyst - Metrics & Data Insights
Emirates
Dubai, United Arab Emirates
9 days ago
Cybersecurity Advisory - Practice Lead CEMEA
Visa
Dubai, United Arab Emirates
9 days ago
Cyber Strategy Consultant - Emirati Nationals Only
Accenture
Dubai, United Arab Emirates
9 days ago
© 2025 Qureos. All rights reserved.