Note: this job requires relocation to Dubai, United Arab Emirates. Please apply only if you are open and ready for relocation.

About ICD InfoSec

ICD InfoSec is a Dubai-based cybersecurity advisory and consulting firm specializing in strategic risk advisory, vCISO services, and GRC implementation for enterprise clients across the Middle East. Our mission is to help organizations build boardroom-aligned cyber resilience that goes beyond compliance and strengthens long-term trust.

Key Responsibilities

* Design, implement, and operationalize GRC frameworks (e.g., ISO/IEC 27001, NIST CSF, COBIT, PCI-DSS).
* Support vCISO-led engagements, aligning security posture with business risk appetite and regional regulatory requirements.
* Conduct risk assessments, internal audits, and formulate remediation plans.
* Ability to develop high-impact reports and presentations required for client engagements.
* Develop and enhance policy frameworks, control libraries, and compliance tracking systems.
* Perform third-party/vendor risk assessments and advise on governance and due diligence.
* Develop executive-level reports for senior management, audit committees, and regulatory bodies.
* Lead response and remediation for internal/external audit observations, ensuring continuous improvement.

Technical and Professional Requirements

* 5–8 years of experience in cybersecurity, data privacy, compliance, and risk roles.
* Ideally from a consulting background having hands-on experience working on client engagements.
* Proven exposure to GRC frameworks in enterprise environments.
* Experience with GRC platforms like RSA Archer, MetricStream, LogicManager (preferred).
* Strong understanding of enterprise risk management frameworks, control testing, policy management, and audit lifecycles.
* Excellent communication, stakeholder engagement, and technical writing skills.
* Quick learner with minimal oversight.
* BFSI domain experience is a strong advantage.

Certifications (Preferred)

* ISO 27001 Lead Implementer / Lead Auditor (Must)
* CISSP / CISA / CRISC / CIPM (either one of these is a Must)
* Familiarity with local GCC regulations (UAE, KSA, Qatar) is highly desirable.

What We Offer

* Work alongside global CISOs, Senior Security Architects, and GRC leaders.
* Direct exposure to board-level cybersecurity strategy and governance.
* Accelerated growth within a high-impact Middle East consulting environment.
* Competitive salary structure with performance-based incentives.
* Multi-sector engagement across banking, critical infrastructure, and digital enterprise.

Why Join ICD InfoSec?

At ICD InfoSec, we don’t just consult — we lead. We’re a cybersecurity advisory firm built on trust, integrity, and strategic impact.

Our vCISO-driven model puts you at the heart of boardroom-level decision-making, guiding some of the region’s most respected enterprises as they navigate risk, compliance, and digital transformation.

Here, you will collaborate with a team of global cybersecurity leaders on high-stakes engagements across BFSI, Utilities, Healthcare, government, and enterprise.

* Gain exposure to real-world regulatory challenges
* Influence C-suite security strategy
* Shape the future of cyber resilience in the Middle East

We believe in continuous learning, sharp execution, and building trust by design — and we’re looking for professionals who share that mindset.

Job Title
GRC Specialist - Cybersecurity & Resilience