Group Vice President for Cyber Audit in Dubai

The role: As the Group Vice President for Cyber Audit, your primary purpose is to lead and oversee the development, implementation, and continuous improvement of a robust global independent cybersecurity assurance program within our organization.

Your role is critical in providing independent oversight and assurance to senior management and stakeholders that our cybersecurity measures effectively protect the organization’s digital assets and data.

 

You will:

Lead complex IT and cybersecurity audits, assessments, penetration tests to evaluate effectiveness of security controls, manage external auditors and consultants as necessary.

Establish and maintain a Cybersecurity Assurance Programme that includes overall framework, Cyber Assurance strategy, annual assurance plan, procedures, standards, and controls to safeguard our digital infrastructure and sensitive information.

Independently assess compliance with relevant regulatory requirements, industry standards, and cybersecurity frameworks.

Collaborate with Group Technology teams to align cybersecurity assurance efforts with their cybersecurity operations and technical initiatives. Leverage each team’s distinct roles and expertise for a holistic approach to cybersecurity.

 

Job Accountabilities T

o deliver Cyber Assurance Program which includes complete IT Security and Cyber security related audits independently across all group entities. Lead the Cyber Security Audit team to deliver Cyber Security assurance program, to deliver targeted audits addressing the highest risks and areas that matter the most for our business.

Continuously monitor and assess emerging threats and vulnerabilities, and update Cyber Assurance Program accordingly. Project manage all Cyber Security Assurance work including directing, coordinating, reviewing, and reporting of the work of Security audit teams and providing expertise in all IT and Cyber Security related matters and audits.

Conduct Cyber Security Audits using tools and or manual exploitation techniques, document and present conclusions in a clear concise manner to business unit management and group senior management and agree all IT control and process improvements and recommendations which may include operational enhancements or efficiencies, and the preparation of audit reports as well as documenting controls;

Manage the Development, execution and maintenance of comprehensive IT security audit work programs including common OS, network & database security, portals and application, internal and external penetration tests, configuration audits etc.

Keep self and team up to date and educate team members on IT industry trends and advancements by investing in self-learning and being an active member and contributor at organizations such as ISACA, IS forums, IT Audit groups, Seminars – IT Risks and Controls, IT Security – threats and controls, Emerging IT Risks Ability to quickly identify signs of control and procedure weaknesses or failures within disparate business functions, and regular travel for the business (typically 50%+) are essential.

You will be expected to perform all assigned audit duties in manner that reflects the highest professional standards and complies with the guidelines of the Institute of Internal Auditors.