Senior Information Security Manager

3 weeks ago


Dubai, United Arab Emirates Chalhoub Group Full time

Senior Information Security Manager - Governance, Risk & ComplianceChalhoub Group is a partner and creator of luxury experiences in the Middle East with a portfolio of 8 owned brands and over 300 international brands.For over six decades, Chalhoub Group has been a partner and creator of luxury experiences in the Middle East. The Group has reinforced its distribution and marketing services with a portfolio of eight owned brands and over 300 international brands in the luxury, beauty, fashion, and art de vivre categories. More recently, the Group expanded its expertise into new categories of luxury watches, jewellery, and eyewear.Every step at Chalhoub Group is taken with the customer at heart, focusing on innovation to provide luxury experiences at over 750+ experiential retail stores, online and through mobile apps.What You'll Be DoingThe Information Security Governance, Risk, and Compliance (IS GRC) Senior Manager will be responsible for building, developing, and managing the Group's Information Security GRC function. This critical function will deliver and maintain key governance, risk, and compliance activities, including the management of ISO27001, PCI DSS, Supplier Assurance, and associated risk management initiatives.Reporting to the Director of Information Security, the IS GRC Senior Manager will collaborate closely with key stakeholders across the business, suppliers, and Technology teams to implement industry best practices, maintain certifications, and assure controls that protect critical information assets.Key Responsibilities:GovernanceBuild and manage a Group-wide Information Security GRC function to establish and enforce governance practices that align with organizational goals and regulatory requirements.Lead the development and ongoing maintenance of an Information Security Management System (ISMS) compliant with ISO27001:2022, PCI DSS, and other frameworks.Policy Development and ImplementationCreate and maintain robust information security policies, standards, and procedures, ensuring alignment with the organization’s operational and compliance requirements.Oversee the enforcement and periodic review of these policies to ensure they remain effective and up to date.Steering Committee and Governance ReportingProvide regular updates on Information Security risks, compliance, and control effectiveness to the Risk and Crisis Committee, Information Security Board, and other relevant governance bodies.Chair the Information Security Risk Committee and Information Security Working Group, ensuring effective communication and management of security risks.Information Security Risk Management FrameworkDevelop, implement, and continuously improve the Information Security Risk Management Framework to ensure alignment with the Group’s corporate risk management processes.Identify, assess, and manage information security risks across the Group.Disseminate risk information appropriately across organizational levels.Supplier Assurance and Third-Party Risk ManagementEnsure key 3rd-party suppliers are assessed against the ISO27001 control framework, with identified risks managed within the Group’s risk appetite.Maintain oversight of supplier assurance programs, ensuring continuous alignment with Group security standards and requirements.Threat Intelligence and MonitoringMonitor the evolving threat landscape and integrate threat intelligence into the risk assessment process.Use intelligence-led approaches to proactively mitigate risks and adjust security strategies accordingly.Assurance and AuditLead internal and external assurance, including certification and compliance audits.Conduct control gap analysis, ensure effectiveness reviews, and prioritize remediation actions with business owners.Act as a key liaison with auditors and certification bodies to maintain ISO27001 certification and other compliance requirements.Collaboration and Stakeholder EngagementPartner with Technology teams to embed ISMS controls across the business and ensure compliance with security standards.Collaborate with internal and external stakeholders to enhance the Group’s Information Security posture continually.Education and AwarenessDevelop and manage a Group-wide Information Security Education and Awareness Program to foster a culture of security awareness and compliance among employees.Track program effectiveness through metrics such as participation rates and phishing simulation results.Advisory and Operational ExcellenceProvide subject matter expertise on the implementation and assurance of information security policies, standards, and controls in alignment with Group objectives.Offer day-to-day guidance for business and Technology teams on security-related change activities.What You’ll Need To Succeed:Proven experience in a multi-national retail organization.Proven track record of building and leading an Information Security GRC centre of excellence.Significant knowledge and 5+ years’ experience of ISO27001, NIST CSF, Data Privacy Law, PCI DSS and ITIL.Awareness of regulatory requirements of the sector (e.g., UNC, GDPR; NIS Directive etc).A solid understanding of Information Security Governance, Risk and Compliance policies, controls and best practice.Previous experience developing, implementing and maintaining an Information Security Management System (ISMS).Subject Matter Expert in enterprise Risk Management – Information Security.Experience in developing and embedding Risk Management Frameworks and associated processes and procedures.Proven people management and leadership skills including performance management and improvement.Excellent senior leadership communication skills and demonstrable experience in a customer-facing role.Ability to lead, manage and prioritize across multiple work streams simultaneously.Professional Certifications, including:Certified Information Security Manager (CISM) or equivalent.CISSP.Certified ISO27001 implementer and or auditor.Certified Information Security Auditor (CISA) is an advantage.What We Can Offer YouWe will help shape your journey through enriching experiences, learning and development opportunities and exposure to different assignments within your role or through internal mobility. Our Group offers diverse career paths for those who are extraordinary, every day.We recognize the value that you bring, and we strive to provide a competitive benefits package which includes health care, child education contribution, remote and flexible working policies as well as exclusive employee discounts.We Invite All Applicants to ApplyAt Chalhoub Group, we are committed to inclusion and diversity. We welcome all applicants to apply and be part of our exciting future.#J-18808-Ljbffr



  • Dubai, United Arab Emirates DISTINGUISHED REAL ESTATE Full time

    Job Title: Information Security ManagerJob Description:We are seeking an experienced Information Security Manager to join our team. The successful candidate will be responsible for developing and implementing information security strategies to protect our organization’s data and assets from potential threats and vulnerabilities.Key...


  • Dubai, United Arab Emirates DISTINGUISHED REAL ESTATE Full time

    Job Title: Information Security ManagerJob Description:We are seeking an experienced Information Security Manager to join our team. The successful candidate will be responsible for developing and implementing information security strategies to protect our organization’s data and assets from potential threats and vulnerabilities.Key...


  • Dubai, Dubai, United Arab Emirates DISTINGUISHED REAL ESTATE Full time

    Job Title: Information Security ManagerJob Description:We are seeking an experienced Information Security Manager to join our team. The successful candidate will be responsible for developing and implementing information security strategies to protect our organization's data and assets from potential threats and vulnerabilities.Key Responsibilities:Develop,...


  • Dubai, United Arab Emirates DISTINGUISHED REAL ESTATE Full time

    Job Title: Information Security Manager Job Description: We are seeking an experienced Information Security Manager to join our team. The successful candidate will be responsible for developing and implementing information security strategies to protect our organization’s data and assets from potential threats and vulnerabilities. Key Responsibilities: ...


  • Dubai, United Arab Emirates DISTINGUISHED REAL ESTATE Full time

    Job Title: Information Security Manager Job Description: We are seeking an experienced Information Security Manager to join our team. The successful candidate will be responsible for developing and implementing information security strategies to protect our organization’s data and assets from potential threats and vulnerabilities. Key Responsibilities: ...


  • Dubai, Dubai, United Arab Emirates Intertec Systems Full time

    Intertec Systems is a leading provider of cybersecurity solutions, and we are currently seeking a Senior Information Security Professional to join our team. In this role, you will be responsible for designing and implementing robust security measures to protect our network from advanced threats.The successful candidate will have extensive experience in...


  • Dubai, Dubai, United Arab Emirates Oxford Knight Full time

    Oxford Knight is a leading provider of digital and cybersecurity consulting services in the Middle East. We partner with top industry leaders to execute global projects.Job Summary:We seek an experienced Chief Information Security Officer (CISO) to lead our Cyber Defense initiative. The CISO will be responsible for overseeing information security risk,...


  • Dubai, Dubai, United Arab Emirates Intertec Systems Full time

    Intertec Systems LLC is an award-winning global IT solutions and services provider specializing in digital transformation, cybersecurity, sustainability, and cloud services. We are a trusted extension to our clients' teams, with a track record of delivering 90% client satisfaction.We are seeking a highly skilled and experienced Cyber Security Lead to join...


  • Dubai, United Arab Emirates Financial Audit Authority Full time

    Job Overview Develop, document, maintain, and distribute Information Security Regulation (ISR) policies that addresses the purpose, scope, roles, responsibilities, management commitment, coordination among organizational entities, and compliance. Responsibilities and Duties - Develop Information Security Regulation (ISR) policies and procedures. - Identify...


  • Dubai, United Arab Emirates HAYS Full time

    Information Security Manager, InfoSec, GRC, Cloud, Infrastructure, Project Management **Your new company** We are working with one of the largest Investment Management Organisation in the Middle East. **Your new role** - Overlook the Entire Group IT Security including Infrastructure, Cloud Security Operation, Project management and GRC. - Manage all the...


  • Dubai, United Arab Emirates Michael Page Full time

    Roles and Responsibilities Develop and manage a comprehensive security program focused on securing infrastructure, products, and customer data. Oversee the development and enforcement of security policies, incident management processes, and risk mitigation strategies. Collaborate with development teams to integrate security into each phase of the...


  • Dubai, United Arab Emirates Michael Page Full time

    Roles and Responsibilities Develop and manage a comprehensive security program focused on securing infrastructure, products, and customer data. Oversee the development and enforcement of security policies, incident management processes, and risk mitigation strategies. Collaborate with development teams to integrate security into each phase of the...


  • Dubai, United Arab Emirates Papel Full time

    WHO WE AREAt Papel Holdings, we’re not just another Fintech company. We’re on a mission to revolutionize the financial landscape. From innovative banking solutions to cutting-edge digital asset products, we’re transforming how people interact with money.Our offices are strategically located in some of the world’s fastest-growing industry hubs: Dubai,...


  • Dubai, United Arab Emirates Papel Full time

    WHO WE AREAt Papel Holdings, we’re not just another Fintech company. We’re on a mission to revolutionize the financial landscape. From innovative banking solutions to cutting-edge digital asset products, we’re transforming how people interact with money.Our offices are strategically located in some of the world’s fastest-growing industry hubs: Dubai,...


  • Dubai, Dubai, United Arab Emirates Papel Full time

    WHO WE AREAt Papel Holdings, we're not just another Fintech company. We're on a mission to revolutionize the financial landscape. From innovative banking solutions to cutting-edge digital asset products, we're transforming how people interact with money.Our offices are strategically located in some of the world's fastest-growing industry hubs: Dubai, Vienna,...

  • Senior Analyst

    2 weeks ago


    Dubai, United Arab Emirates CHALHOUB Group Full time

    Information Security ResponsibilitiesDevelop, implement, and maintain information security policies, standards, and procedures.Ensure alignment of information security strategies with business objectives and regulatory requirements.Conduct regular reviews and updates of security policies to address emerging threats and changing business needs.Risk...

  • Senior Analyst

    2 weeks ago


    Dubai, United Arab Emirates CHALHOUB Group Full time

    Information Security ResponsibilitiesDevelop, implement, and maintain information security policies, standards, and procedures.Ensure alignment of information security strategies with business objectives and regulatory requirements.Conduct regular reviews and updates of security policies to address emerging threats and changing business needs.Risk...


  • Dubai, Dubai, United Arab Emirates ARENGY Full time

    About ARENGYA Digital and Cybersecurity Consulting Company operating in the Middle East from Dubai. Our customers are the most successful industry leaders executing projects around the globe. We partner with one of the leading Banking & Insurance Companies in Dubai.Job OverviewThe Chief Information Security Officer will oversee overall information security...

  • Senior Analyst

    2 weeks ago


    Dubai, United Arab Emirates CHALHOUB Group Full time

    Information Security Responsibilities Develop, implement, and maintain information security policies, standards, and procedures. Ensure alignment of information security strategies with business objectives and regulatory requirements. Conduct regular reviews and updates of security policies to address emerging threats and changing business needs. Risk...

  • Senior Analyst

    2 weeks ago


    Dubai, United Arab Emirates CHALHOUB Group Full time

    Information Security Responsibilities Develop, implement, and maintain information security policies, standards, and procedures. Ensure alignment of information security strategies with business objectives and regulatory requirements. Conduct regular reviews and updates of security policies to address emerging threats and changing business needs. Risk...