Own cyber security compliance by owning and executing an organizational cyber security compliance program. Be accountable for Emirates Group IT’s compliance with relevant regulatory frameworks such as PCI/DSS and GDPR, as well as Emirates Group’s own compliance frameworks. Provide consultation, tools, and training to IT departments to achieve the desired level of compliance in applications, packages and infrastructure implemented by IT, and an improvement in the overall compliance of the organisation.
JOB ACCOUNTABILITIES LINKED TO OBJECTIVE AREAS (MAXIMUM OF 10)
1. Take overall responsibility for and ownership of CyberSecurity compliance to provide necessary consultancy and steer to the Emirates Group, in close collaboration with the other CyberSecurity and Business functions (e.g. Finance for PCI/DSS and Legal for GDPR), for prevention of non-compliances. This function is deemed the 2nd line of defence for Emirates Group IT compliance with regulations and therefore should be at the forefront of evolving regulatory requirements.
2. Accountable for reporting and communication to relevant stakeholders about the level of compliance with the policy framework. Drive EGIT for remediation of repeated non-compliance with the policy frameworks by working with IT and the Group management, and ensure there is enough support for actions that might need to be taken to enforce compliance.
3. Drive and co-ordinate all cyber security-related assessments on behalf of IT with respect to SAS70 and ISO27001. The responsibility includes ongoing management of IT security standards such as PCI DSS as well as support of EU GDPR in close collaboration with Legal and Internal Audit, supported by the subject matter expertise in the compliance team.
4. Own the PCI/DSS and GDPR assurance processes for EGIT comprehensively, covering all IT assets in scope for the Group.
5. Own and drive, in collaboration with other IT and Business functions, a continuous compliance improvement program for IT’s compliance with EU GDPR.
6. Plan and collate measurement metrics that will provide a realistic view of the compliance state of the IT environment of Emirates Group to all stakeholders. Manage an internal security compliance team and ensure proper regulatory expertise.
7. Drive industry best practice research for regulatory compliance with the aim to continuously improve planning and managing of the operational budget so that all activities carried out maximise productivity and enable cost efficiency. Drive a balanced approach in respect to efforts versus risk of non-compliance (fit for purpose).
QUALIFICATIONS & EXPERIENCE
Degree in a subject relevant to IT (12+3 or equivalent)
PCI/DSS, Basel II
8+ years of leadership experience of which at least three years should be at a senior level in IT Security / CyberSecurity, within an Operational environment.
Organization design and implementation
IT measures and metrics (KPIs)
IT Quality Management
Security Frameworks (ISO27001)
Other languages besides English:
Safety Sensitive Role:
SALARY & BENEFITS
Join us in a management role and enjoy an attractive tax-free salary. On top of our generous travel benefits, including discounted flights and hotel stays around the world, this managerial role also has an excellent leave and healthcare package. That’s on top of transport benefits, life insurance and more. Find out what it’s like to live and work in our fast-paced, cosmopolitan home city in the Dubai Lifestyle section of our website www.emirates.com/careers