Senior Director - Technology Risk and Compliance

Overview

The Senior Director, Technology Risk and Compliance is a strategic leadership role responsible for overseeing cybersecurity operations, resilience, and risk management across G42 and its operating companies. The role drives governance, assurance, and compliance initiatives, supports responsible AI through security assessments, and advises on enterprise and security architecture. It also leads key functions such as DFIR, business continuity, DevSecOps, and information assurance, while serving as a key advisor to senior SVP Technology Risk and Compliance on emerging cybersecurity and technology risks.

Responsibilities

• Cybersecurity Operations Oversight: Lead and manage end-to-end cybersecurity operations for G42, including threat monitoring, incident response, vulnerability management, and security analytics across AI and cloud infrastructure.
• Cybersecurity Resilience & DFIR: Oversee the Digital Forensics and Incident Response (DFIR) function, ensuring rapid detection, containment, and recovery from cyber threats across AI workloads and critical infrastructure.
• Drive cyber resilience strategies that align with evolving threat landscapes in AI and cloud-native environments.
• Cybersecurity Governance & Risk Advisory: Support the implementation and continuous improvement of cybersecurity governance across G42's operating companies.
• Collaborate with the Head of Enterprise Risk and SVP of Technology Risk to identify, evaluate, and communicate cybersecurity and technology risks.
• Ensure alignment of risk posture with regulatory, sovereign, and ethical AI obligations.
• AI Systems Assurance: Conduct cybersecurity assurance assessments for AI systems to support Responsible AI commitments, ensuring security, privacy, and compliance across model lifecycle and data pipelines.
• Enterprise & Security Architecture Advisory: Serve as a subject matter expert in secure architecture for AI Cloud, Sovereign Cloud, Private Cloud, and GPUaaS.
• Provide security input into the design and integration of cloud-native services and platforms.
• Policy Development and Compliance Monitoring: Lead the development, implementation, and enforcement of cybersecurity and technology risk policies across the G42 enterprise.
• Monitor compliance with internal standards and external regulatory frameworks (e.g., ISO 27001, NIST, UAE IA standards).
• Information Assurance & Critical Projects: Oversee security assurance for strategic AI, cloud, and infrastructure projects, ensuring adequate controls are embedded from inception to deployment.
• Business Continuity and Disaster Recovery (BC/DR): Support and validate BC/DR planning and testing across G42 and its subsidiaries to ensure organizational resilience during cyber or operational disruptions.
• Cybersecurity Talent Management: Lead and mentor a high-performing cybersecurity team at the Group level.
• Define skill development roadmaps and foster a culture of continuous improvement and learning.
• DevSecOps Enablement: Collaborate with engineering and DevOps teams to embed security into CI/CD pipelines and foster a DevOps culture aligned with the principles of Flow, Feedback, and Continuous Learning.
• Provide expert guidance on secure software development and deployment practices, especially for AI and high-performance compute applications.
• Stakeholder Engagement & Advisory: Act as the central liaison with the CISO and security leads across G42’s operating companies.
• Provide strategic input to executive leadership on emerging threats, compliance risks, and technology risk posture.
• Cloud Security Oversight: Drive security strategy and control implementation across G42’s cloud environments—AI Cloud, Sovereign Cloud, Private Cloud, and GPUaaS.
• Ensure alignment with data sovereignty, privacy, and ethical AI standards within cloud and data center environments.
  
  

Qualifications

• Master’s degree in Cybersecurity, Information Security, Computer Science, or a related technical field.
• Over 15 years of progressive experience in cybersecurity, risk management, and compliance, with a strong background in shaping and executing enterprise-wide security strategies in complex, multinational environments.
• Demonstrated leadership in establishing and governing cybersecurity operations, including incident response, threat intelligence, digital forensics, and security monitoring across cloud and on-premise ecosystems.
• Deep understanding of security frameworks such as NIST CSF, ISO/IEC 27001, GDPR, ADGM, and NESA, with experience translating regulatory requirements into actionable security programs and policies.
• Proven ability to develop and implement cybersecurity strategies that support business growth, ensure regulatory compliance, and enhance organizational resilience.
• Hands-on experience with security architecture and control implementation across multi-cloud and hybrid platforms, including Azure, AWS, sovereign cloud, and GPU-based infrastructure.
• Expertise in defining and governing cyber resilience, business continuity, and disaster recovery programs across large, distributed technology environments.
• Strong knowledge of secure digital transformation principles, with a track record of embedding security into cloud migration, AI integration, and DevSecOps practices.
• Experience in leading high-impact cybersecurity initiatives, including Zero Trust adoption, security control optimization, and risk posture improvement across AI and high-performance computing environments.
• Skilled in managing governance frameworks, conducting enterprise-wide risk assessments, and developing executive-level risk and compliance reports for Boards and senior stakeholders.
• Familiar with emerging technologies and their associated risks, including AI systems, data pipelines, and cloud-native applications, with experience conducting assurance reviews aligned to Responsible AI principles.
• Proven success in building and leading diverse cybersecurity teams, fostering a culture of accountability, innovation, and continuous improvement.
• Excellent communication and stakeholder engagement skills, with the ability to convey complex technical concepts to executive leadership and cross-functional teams.
• Recognized industry certifications such as CISSP, CISM, CRISC, or equivalent, with continuous commitment to professional development and staying current with global cybersecurity trends.