Location :- Dubai, United Arab Emirates
Reporting To :- Head of Information Security (CISO)
Email :- hr@staffconnect.ae
WhatsApp :- +971 52 942 1270
Job Summary
Seeking an experienced Information Security Administrator to support and strengthen its Information Security function. The successful candidate will be responsible for administering day-to-day information security operations, ensuring compliance with governance frameworks, managing security policies and standards, and supporting risk management initiatives across the organization.
Working closely with the Head of Information Security (CISO), the role will collaborate with an internal Information Security team and a Managed Security Operations Center (SOC) partner to ensure the confidentiality, integrity, and availability of the organization’s information assets while maintaining compliance with regulatory and industry standards.
Key Responsibilities
Information Security Operations
- Administer and oversee daily Information Security operations across the organization.
- Coordinate with the internal Information Security team and Managed SOC partner to monitor, assess, and respond to security events.
- Support incident management, vulnerability remediation, and security monitoring activities.
- Ensure effective implementation of security controls across IT infrastructure and business applications.
Governance, Risk & Compliance (GRC)
- Support and maintain the organization’s Information Security Governance, Risk, and Compliance (GRC) framework.
- Conduct security risk assessments and monitor mitigation plans.
- Manage third-party/vendor security risk assessments and compliance reviews.
- Ensure compliance with internal security policies, regulatory requirements, and industry standards.
- Support audit activities and closure of audit findings.
Policy & Documentation Management
- Draft, review, update, and maintain Information Security policies, standards, procedures, guidelines, and Standard Operating Procedures (SOPs).
- Ensure documentation remains aligned with evolving regulatory and business requirements.
- Promote awareness and adherence to Information Security policies across the organization.
Security Governance & Compliance
- Participate in Information Security governance initiatives.
- Support data protection and privacy-related projects.
- Assist in AI governance and emerging technology security initiatives.
- Monitor compliance with established security frameworks and regulatory obligations.
Risk Management
- Identify, assess, and monitor information security risks.
- Recommend appropriate security controls to mitigate identified risks.
- Support business continuity planning and disaster recovery governance activities.
- Participate in Business Impact Analysis (BIA) and continuity planning exercises.
Stakeholder Collaboration
- Collaborate with IT Infrastructure, Application, Risk, Compliance, Audit, and Business teams to implement security controls.
- Coordinate with external auditors, regulators, consultants, and third-party vendors as required.
- Provide Information Security guidance and recommendations to business stakeholders.
Continuous Improvement
- Monitor emerging cybersecurity threats, vulnerabilities, and industry best practices.
- Recommend improvements to security processes, controls, and governance practices.
- Support security awareness initiatives and contribute to building a security-focused culture.
Required Qualifications
- Bachelor’s Degree in:
* Information Security
* Cyber Security
* Computer Science
* Information Technology
* Computer Engineering
* or a related discipline.
Professional Certifications (Preferred)
Candidates holding one or more of the following certifications will be preferred:
- ISO/IEC 27001 Lead Implementer or Lead Auditor
- Certified Information Systems Security Professional (CISSP)
- Certified Information Security Manager (CISM)
- CompTIA Security+
- Certified in Risk and Information Systems Control (CRISC)
- Certified Ethical Hacker (CEH) (Advantage)
Experience
- 5–6 years of relevant experience in Information Security, Governance, Risk & Compliance (GRC), or Cyber Security.
- Experience working within regulated industries such as Insurance, Banking, Financial Services, or Healthcare is preferred.
- Experience supporting Managed Security Operations Center (SOC) environments is an advantage.
Technical Skills
- Information Security Governance
- Risk Assessment & Risk Management
- IT Governance & Compliance
- Security Policy Development
- Third-Party Risk Management
- Information Security Audits
- Business Continuity & Disaster Recovery
- Security Incident Coordination
- Data Protection & Privacy
- Security Documentation & SOP Development
- Regulatory Compliance
- AI Governance Awareness
- Vulnerability Management
- Security Control Assessment
Key Competencies
- Strong analytical and problem-solving skills.
- Excellent communication and stakeholder management abilities.
- High attention to detail and documentation skills.
- Strong understanding of security governance principles.
- Ability to manage multiple priorities in a fast-paced environment.
- Collaborative team player with a proactive approach to security improvement.
Preferred Candidate Profile
Candidates with experience in the following environments will be preferred:
- Insurance
- Banking & Financial Services
- Healthcare
- Large Enterprise IT Environments
- Information Security Governance & Compliance
- Managed Security Services (SOC)

