Information Security Consultant

About the role

The Information Security Consultant will lead and coordinate the Information Security Governance (GRC) and Business Continuity functions across the organization and its subsidiaries. This senior, hands‑on role reports directly to senior management and is responsible for delivering end‑to‑end governance, risk, compliance and resilience initiatives.

Key responsibilities

• Establish, maintain and continuously improve the Information Security GRC framework, including policies, standards, procedures and governance structures.
• Lead enterprise‑wide risk management activities, ensuring alignment with UAE IA standards, ISO 27001, ISO 22301, NIST and other relevant regulations.
• Manage the full audit lifecycle – preparation, evidence collection, walkthroughs and timely closure of findings for internal, external and regulatory audits.
• Coordinate the Integrated Management System (IMS) across Information Security, Business Continuity and related domains, keeping documentation current and effective.
• Support the development of annual security plans, objectives and performance metrics aligned with corporate strategy.
• Act as primary point of contact for auditors, regulators and assurance partners, overseeing compliance and continuous improvement.

Required profile

• Senior professional with a proactive, independent approach and strong ownership.
• Excellent attention to detail and commitment to operational excellence.
• Proven experience delivering governance and resilience initiatives at an enterprise level.
• Ability to interact effectively with senior management and diverse business units.

Required skills

• Deep knowledge of ISO 27001, ISO 22301 and NIST frameworks.
• Familiarity with UAE IA standards and Cybersecurity Council policies.
• Expertise in GRC (Governance, Risk, Compliance) processes.
• Business Continuity Management and operational resilience experience.
• Audit management and regulatory compliance proficiency.

What we offer

• Opportunity to shape enterprise‑wide security governance.
• Direct exposure to senior leadership and strategic initiatives.
• Dynamic environment with a focus on continuous improvement.