Information Security GRC Manager Chalhoub Group Dubai

Chalhoub Group is seeking an experienced Information Security GRC Manager in Unit GS, 075, Financial Center Rd, Downtown Dubai, Dubai, UAE to work in the Information Security function of the group. Candidate will play a key role in safeguarding the group’s information assets and infrastructure and ensuring compliance with industry standards, regulations, and internal control frameworks. This position demands a strategic thinker with a solid risk management and ISO background, capable of managing and mitigating cyber risks through strong collaboration with cross-functional teams and relevant stakeholders. This is a Senior level full time job. And salary can range between 15000-27000 AED/month.

Responsibilities of Information Security GRC Manager

• Risk Management: Identify, assess, and prioritize security risks associated with the group’s Information assets, systems, and services.
• Implement risk management processes and capability to enable continuous monitoring of control effectiveness and key risk indicators.
• Develop and implement security risk mitigation strategies and control measures to protect critical assets and sensitive information.
• Evaluate and manage cybersecurity risks associated with third-party vendors and service providers.
• Collaborate with procurement and legal teams to ensure that vendor contracts include appropriate security requirements.
• Policy & Compliance Management: Govern compliance with information security policies, standards, and procedures aligned to security strategy, relevant regulations, and industry best practices.
• Collaborate with cross-functional teams, service providers and other stakeholders to ensure consistent enforcement of policies and controls and monitor compliance.
• Ensure the organization’s adherence to applicable compliance frameworks, internal control framework and guidelines set out by the Information Security department.
• Facilitate and lead governance and risk committee meetings to ensure consistent application of security standards and policies across all projects, technology platforms and services.
• Security Audits and Assessments: Manage security audit lifecycle and risk assessments and consistently work towards the improvement of overall security maturity of the organization.
• Prepare and present regular reports on security risk, compliance status, and security posture to senior management and relevant stakeholders.
• Security Awareness and Training: Manage effective education and awareness program for the group to promote a culture of security awareness and compliance.

Requirements for Role of Information Security GRC Manager

• Bachelor’s degree in Computer Science, Information Technology, or a related field. Master’s degree is a plus.
• Professional security management certifications such as CISSP, CISM, CISA or other similar credentials.
• 7+ years experience in a combination of Information Security Governance, Risk, Compliance, and technology-related roles.
• Experience in leading and motivating cross-functional teams to achieve tactical and strategic goals
• Ability and experience to lead and develop teams.

Skills And Knowledge Desired

• Solid understanding of common information security standards, frameworks, and regulations such as ISO/IEC 27001, Cloud Security Alliance, NIST, PCI/DSS and GDPR.
• Knowledge and understanding of the major cloud platforms, Ecommerce, Integration and Customer Technologies.
• An understanding of security technologies such as EDR, VM, DLP, IPS, Firewalls, DevSecOps, SIEM, etc.
• Exceptional problem-solving skills and a results-oriented mindset.
• Excellent communication, collaboration, and interpersonal skills.

Fashion Consultant Versace Chalhoub Group Dubai