Back to search

Cybersecurity Governance & Cloud Risk (GRC) - FS

International Permanent AED28,000 - AED32,000 per month (AED336,000 - AED384,000 per year) View Job Description
This role sits at the intersection of cybersecurity governance, audit, and cloud/SaaS risk assessment. You will take ownership of audit activities, lead vendor security reviews, and play a key role in approving or rejecting technology solutions based on cybersecurity risk.
  • High impact, high ownership role within a cybersecurity team
  • Strong focus on audits, SaaS/cloud security, and governance

About Our Client

A highly regulated organisation in Dubai with an established cybersecurity function, focused on strengthening governance, managing risk, and improving security oversight across cloud and SaaS environments. The team is offering strong ownership and exposure to key decision making forums.

Job Description

  • Manage cybersecurity audits and compliance activities (ISO, SOC2, GDPR, UAE regulations), including evidence collection and responses
  • Assess and approve/reject SaaS and cloud solutions, evaluating areas such as data hosting, encryption, compliance, and security posture
  • Design and manage vendor security questionnaires and conduct end-to-end risk assessments
  • Lead the Cloud Security Committee, working with cross-functional stakeholders to make risk-based decisions
  • Confidently challenge vendors and internal stakeholders using clear, evidence-based reasoning
  • Support cybersecurity initiatives across areas such as IAM, third-party risk, and cloud security (non-hands-on)
  • Apply understanding of key security concepts such as SSO, encryption, access control, and common security tools
  • Prepare reports, dashboards, and KPIs for leadership and governance forums
  • Support AI security assessments, including evaluation of tools like ChatGPT/LLM platforms and associated risks
  • You will also support broader cybersecurity initiatives and reporting while working closely with stakeholders across IT, Legal, Compliance, and the business.

The Successful Applicant

  • 7-10 years experience in cybersecurity, ideally within Big 4 / consulting (Cyber, Risk, Technology) or Banking, investment, or other regulated environments
  • Strong experience in:
    • Cybersecurity audits and compliance frameworks (ISO, SOC2, GDPR, UAE frameworks etc.)
    • Vendor risk management and SaaS/cloud security assessments
  • Good technical understanding (not purely policy focused), including:
    • Cloud basics (Azure)
    • SSO and authentication
    • Encryption and data protection
    • Security tools such as PAM, endpoint protection, firewall, access etc.
  • Experience assessing vendors and challenging gaps and working cross functionally in an organisation.
  • Confident communicator, able to push back and make decisions independently
  • Comfortable working in a small team with limited hand holding
  • Open to learning and developing in areas such as AI security and emerging risks

What's on Offer

  • High ownership role
  • Direct involvement in decision making on technology and vendor approvals
  • Strong exposure to senior stakeholders and governance forums
  • Opportunity to work across cloud, SaaS, and emerging areas like AI security
Contact
Ruwise Sheriff
Quote job ref
JN-062026-7044239

Job summary

Sector
Technology
Subsector
Consulting
Industry
Financial Services
Location
International
Contract type
Permanent
Consultant name
Ruwise Sheriff
Job reference
JN-062026-7044239

What's Next?

Expertise Jobs Advice Contact