Cyber Resilience Compliance Analyst

At the company, we believe in connecting the world through our global hub in Dubai and in constantly innovating to ensure our customers ‘Fly Better’. Join our CyberSecurity team where we ensure a world-class CyberSecurity organisation based on the key principles of People, Process, and Technology. The team protects our digital assets by monitoring for threats, responding to incidents, managing vulnerabilities, and ensuring compliance with security policies and regulations. As a Cyber Resilience Compliance Analyst, you will plan and lead the execution of compliance reviews and gap assessments. You will measure compliance against regulatory standards as well as internal policies and regulations, contributing to the development and implementation of cybersecurity governance framework, policies, and procedures, and driving compliance and remediation.

Responsibilities

• Conduct audits and assessments to identify gaps in compliance with relevant regulatory standards e.g., ISMS, EU-GDPR, UK DPA, PCI-DSS, ISO 27001, and UAE ISR from DESC.
• Oversee internal and external audits, manage audit remediation tracking, establish and drive KPIs, and drive remediation efforts.
• Support the implementation of new compliance requirements, including documentation, adoption, and ongoing adherence.
• Oversee compliance evidence collection and work with business units to gather and verify evidence for compliance assessments.
• Develop, improve, and streamline compliance evidence collection tools and procedures, escalating findings and non-compliance issues to management.
• Communicate evolving regulatory requirements and the compliance status (PCI DSS and EU-GDPR) to IT, Data Privacy Office, business units, and enterprise executives.
• Collaborate regularly with assessors and auditors to identify compliance gaps and implement corrective actions, adjusting the compliance program as needed.
• Work closely with business units and vendors to ensure adherence to compliance program requirements.
• Challenge and validate assessment decisions from both internal business units and external partners/vendors, driving and overseeing continuous improvements.

Requirements

• Degree or Honours (12+3 or equivalent) in Cybersecurity, Information Security, Information Technology, or a related field (Master's degree is a plus).
• Professional certifications such as CISSP, CISA, CISM, CRISC, ISO 27001.
• Lead Auditor/Implementer, PCI-DSS QSA/ISA, or other relevant security and compliance certifications are highly desirable.
• Proficiency in compliance management tools and ISMS frameworks (information security management system) frameworks.
• Strong knowledge of international and regional cybersecurity laws, regulations, and standards.
• Minimum 5-7 years of experience in cybersecurity regulatory compliance, governance, audit, or risk management.
• Experience conducting audits, assessments, and risk evaluations in a cybersecurity or IT compliance environment.
• Experience working with financial institutions, aviation, or critical infrastructure sectors.
• Familiarity with cloud security compliance frameworks (e.g., NIST, CSA, CIS Benchmarks).
• Strong technical understanding of cybersecurity concepts, controls, and threat landscapes.

Salary & Benefits
Join us in Dubai and enjoy an attractive tax-free salary and travel benefits that are exclusive to our industry, including discounts on flights and hotel stays around the world.