Senior Security and Compliance officer

Emaratech


Date: 3 weeks ago
City: Dubai
Contract type: Full time

Role Overview

The Senior Security and Compliance Officer will lead the end-to-end implementation and oversight of the organization's information security governance, risk management, and compliance (GRC) initiatives.

The role is dedicated to ensuring alignment with global standards and regional regulatory frameworks within a highly regulated environment.

Key Responsibilities

Governance & Compliance

• Manage full lifecycle compliance with ISO/IEC 27001, PCI DSS v4.0.1, NIST, UAE PDPL, UAE Central

Bank regulations, and other applicable laws.

• Develop, review, and maintain information security policies, procedures, and governance documents.

• Serve as the single point of contact for InfoSec compliance.

Risk Management

• Lead technology and information security risk assessments across all domains.

• Maintain centralized risk registers with clear ownership, treatment plans, and traceability.

• Provide regular risk posture reports and validate remediation effectiveness.

Audit & Regulatory Oversight

• Plan and manage audits, inspections, regulatory assessments, and certifications.

• Coordinate internal and external stakeholder responses and ensure closure of findings.

PCI DSS v4.0.1 Compliance

• Own PCI DSS compliance program, including scoping, assessment coordination, remediation, and

documentation management.

• Track scope-impacting changes in systems or vendors.

Awareness & Training

• Design and manage induction and awareness programs via LMS platforms.

• Automate training lifecycle and track compliance for audit readiness.

Vendor & Third-Party Risk

• Perform third-party risk assessments and ensure contractual compliance with InfoSec, PCI DSS, and CPR requirements.

Continuous Improvement

• Monitor regulatory changes and drive maturity improvements across GRC processes and tooling.

Qualifications & Experience

• Education: Bachelor’s in InfoSec, Computer Science, Risk Management, or related fields.

• Experience: 8+ years in Information Security GRC roles, preferably in banking, fintech, or regulated sectors.

• Certifications (Preferred): CISSP, CISM, CRISC, ISO 27001 LA/LI, PCI DSS.

Core Skills

• Deep understanding of information security frameworks and risk governance.

• Strong documentation, analytical, and stakeholder engagement capabilities.

• Ability to operate independently with strategic thinking and execution.

Success Metrics

• Sustained PCI DSS and regulatory compliance.

• Timely risk remediation and validated risk closures.

• Strong audit performance and visibility of risk posture improvements.

Requirements

Academic, Vocational Qualification:

  • Bachelor degree from an accredited college or university in Computer Science, Information Security or related fields

How to apply

To apply for this job you need to authorize on our website. If you don't have an account yet, please register.

Post a resume

Similar jobs

Automation & STP Manager

Triniti, Dubai
18 hours ago
Position: Automation & STP Manager Location: Dubai or India Duration: 6 months and extendable Role Purpose: – The Automation & STP Manager drives operational excellence and transformation within the Operations function. Key Responsibilities: – Manage automation factory covering RPA, workflow and IDP. Drive straight-through-processing initiatives. Build automation roadmap and business cases. Track automation benefits and ROI. Key Performance Indicators: –...

Lean Transformation Manager

Triniti, Dubai
18 hours ago
Position: Lean Transformation Manager Location: Dubai or India Duration: 6 Months and Extendable Role Purpose: – The Lean Transformation Manager drives operational excellence and transformation within the Operations function. Key Responsibilities: – Lead Lean Six Sigma initiatives. Conduct value stream mapping and waste elimination workshops. Drive productivity and turnaround-time improvements. Facilitate Kaizen programs. Key Performance Indicators: – Cost savings Cycle...

Executive Director, Brand Partnerships

Influencer, Dubai
2 days ago
Who are we?Influencer is a global creator marketing agency on a mission to shape the future of marketing by humanizing brands. By placing creators at the center, the agency delivers creator-first solutions across creative, media, and commerce that connect brands with audiences through insight-driven creator campaigns built to stop the scroll and drive measurable impact.Founded in 2015 by YouTuber-turned-entrepreneur Caspar...