Assistant Manager – Cyber Security, Assurance & Risk UAE National-IT DUBAI PROPERTIES GROUP LLC

• The role holder is responsible for supporting the implementation and monitoring of information security governance and compliance activities across DHAM and its entities.

• This includes assisting with policy development, audits, awareness initiatives, and governance frameworks to ensure alignment with best practices (e.g., ISO 27001) and business requirements.

• The role focuses on coordinating activities, maintaining documentation, and providing operational support to help strengthen the group’s overall

Cybersecurity & Risk Management

• Support the IT and cybersecurity risk management framework, ensuring alignment with organizational objectives and regulatory requirements.

• Identify, evaluate, and monitor technology-related risks across infrastructure, applications, cloud, and third-party vendors.

• Work with stakeholders to implement mitigation measures, controls, and risk treatment plans.

• Maintain the IT Risk Register, track remediation actions, and escalate risks/issues in line with governance processes.

• Coordinate and conduct periodic risk assessments and workshops with business and IT stakeholders.

• Track and report Key Risk Indicators (KRIs) and prepare risk dashboards and reports for management review.

Assurance & Compliance

• Conduct assurance reviews and internal audits of security controls, IT processes, and regulatory compliance (e.g., ISO 27001, NIST, GDPR, UAE NESA, SCA).

• Support internal and external audit engagements, ensuring timely closure of findings and recommendations.

• Monitor assurance activities such as user access reviews, control checks, and compliance schedules.

• Report on compliance status, exceptions, and remediation plans to management.

• Maintain documentation and evidence to support governance, risk, and compliance (GRC) requirements.

• Liaise with IT/security teams and vendors on incident reporting, documentation, and follow-up.

Policy, Governance & Awareness

• Support the development, review, and enforcement of IT and cybersecurity policies, standards, and procedures.

• Contribute to the implementation and continuous improvement of the IT Governance Framework, aligning with ISO 27001 and other standards.

• Promote security awareness through training, communications, and awareness sessions across all business units.

• Participate in governance and risk forums and support management reporting.

Disaster Recovery (DR) & Business Continuity (BCM)

• Support the development, maintenance, and testing of Disaster Recovery (DR) and Business Continuity (BC) plans.

• Coordinate DR/BC test planning, scheduling, execution, and documentation of results.

• Track corrective actions, ensure remediation, and maintain centralized DR/BC documentation for audits and management reporting.

Operational & Project Support

• Support group-wide information security, governance, and compliance initiatives.

• Assist in managing IT governance and security projects, including coordination with vendors and service providers.

• Gather data to identify gaps, support process improvements, and escalate issues where needed.

• Track and report progress on information security and governance initiatives to senior management.