Job Description
Our Client is seeking a seasoned Information Security Leader to drive the cybersecurity strategy across their investment portfolio. This role is responsible for establishing a group-wide cybersecurity governance framework, aligning with risk and resilience teams, and ensuring preparedness for audits and regulatory compliance. The ideal candidate will provide leadership, technical expertise, and strategic vision to elevate the cybersecurity maturity of all portfolio companies.
Key Responsibilities:
- Establish and maintain a group-level information security governance framework, aligned with enterprise risk and resilience functions.
- Lead the Portfolio Information Assurance team, ensuring cybersecurity goals are aligned with broader organizational strategy.
- Develop, implement, and enforce cybersecurity policies, procedures, and standards across portfolio entities.
- Oversee and enhance the implementation of security controls and frameworks to increase overall cybersecurity maturity.
- Manage cybersecurity budgets and resources, ensuring efficient use and prioritization of security initiatives.
- Conduct cybersecurity risk assessments, identify vulnerabilities, and recommend effective risk mitigation strategies.
- Prepare and support audit readiness across portfolio companies; ensure alignment with internal and external compliance standards.
- Provide regular cybersecurity updates and risk posture reports to executive boards and governance bodies.
- Drive adoption and integration of Governance, Risk, and Compliance (GRC) tools for informed, risk-based decision-making.
- Spearhead cybersecurity awareness and training programs across the organization and promote best practices.
- Participate in M&A due diligence by evaluating cybersecurity risks of acquisition targets.
- Represent the organization in the cybersecurity community, leading CISO roundtables, forums, and knowledge-sharing initiatives.
- Manage cyber insurance coverage as a strategic component of the organization’s risk treatment plan.
- Stay current with emerging technologies, threats, regulations, and market trends to ensure continuous improvement of security posture.
- Maintain a comprehensive cybersecurity metrics and reporting framework to track performance and drive accountability.
Requirements
- Bachelor’s or Master’s degree in Information Security, Computer Science, Engineering, or related discipline
- Minimum 15 years of experience in information security, with proven leadership in transformation and governance roles
- Strong knowledge of ISO 27001, UAE Information Assurance Standards, NIST, and other global cybersecurity regulations
- Demonstrated experience in managing complex cybersecurity transformation initiatives across multiple business units or entities
- Skilled in executive communications, including board-level reporting and stakeholder engagement
- Hands-on experience with cybersecurity risk management, compliance frameworks, and audit readiness
- Experience with cyber insurance management and aligning coverage with organizational risk appetite
- Strong leadership skills with a history of managing and mentoring high-performing teams
- Adept at working under pressure in high-stakes, fast-paced corporate environments
- Familiarity with GRC platforms, enterprise security architecture, and security operations best practices