Established in the 1930s as a trading business, Al-Futtaim Group today is one of the most diversified and progressive, privately held regional businesses headquartered in Dubai, United A"rab Emirates. Structured into five operating divisions; automotive, financial services, real estate, retail and healthcare; employing more than 35,000 employees across more than 20 countries in the Middle East, Asia and Africa, Al-Futtaim Group partners with over 200 of the world\'s most admired and innovative brands. Al-Futtaim Group\'s entrepreneurship and relentless customer focus enables the organisation to continue to grow and expand; responding to the changing needs of our customers within the societies in which we operate.By upholding our values of respect, excellence, collaboration and integrity; Al-Futtaim Group continues to enrich the lives and aspirations of our customers each and every day.Overview of the roleThe Digital Risk Manager will develop, implement, and oversee strategies to protect digital assets and mitigate cybersecurity threats in line with Al-Futtaim Group standards. The role involves acting as a central liaison for digital risk management across various business lines, requiring expertise in the insurance, automotive, and financial sectors. Strong leadership, extensive cybersecurity and risk management experience, and the ability to drive cross-departmental collaboration are essential for ensuring top-level security and compliance.What you will doStrategic Contribution:
- Digital Risk Management: Lead the implementation of strategic initiatives and maintain a robust framework using industry standards (NIST, COBIT, ISO 27001) to mitigate cybersecurity threats and safeguard data.
- Utilize AI tools to enhance threat detection by analyzing large data sets, identifying patterns, anomalies, and potential security incidents in real-time.
- Compliance and Gap Assessment: Ensure adherence to evolving regulatory requirements and industry standards (ADHICS, NESA, PCI-DSS, ISO 27001, ISO 27701, ISO 22301, ISO 28000, SWIFT KYC), minimizing compliance risks.
- Vendor Risk Management: Develop and implement a comprehensive strategy to manage vendor-related risks aligned with the organization\'s risk appetite and business objectives.Tactical Contribution:
- Digital Risk Management Policies: Develop and maintain policies outlining roles, responsibilities, and risk assessment methodologies tailored to the organization\'s risk landscape and objectives.
- Cross-Functional Collaboration: Work with IT, compliance, legal, audit, and business teams for regular security and gap assessments, ensuring comprehensive risk management.
- AI Governance: Govern and guide the ethical and compliant development and deployment of AI technologies, ensuring they are secure and properly managed.
- Security Awareness Campaigns: Conduct awareness campaigns and simulated phishing exercises to promote a culture of security and test employees\' susceptibility to phishing attacks, providing targeted training as needed.Required Skills to be successful
- Strong expertise in configuring, customizing, and deploying Governance, Risk, and Compliance (GRC) tools.
- Experience with Information Security Management Systems (ISMS) and related frameworks (ISO 27001, COBIT, ITIL).
- Proficiency in conducting security risk assessments for AI systems and applications.
- In-depth knowledge of international cybersecurity standards (NESA, ADHICS, ISO31000, ISO 28001, ISO27005, ISO20000, PCI-DSS).
- Ability to conduct comprehensive risk assessments covering financial, operational, strategic, and compliance risks.
- Experience in developing and implementing action plans to mitigate identified risks.
- Ability to analyze potential security risks and develop metrics and reporting frameworks for KPIs and KRIs.REQUIREMENTSWhat equips you for the role
- Bachelor\'s or Master degree in IT, computer application or similar.
- Minimum 10 - 13 years of experience in Security Risk and Governance in a customer facing capacity
- Certified Information Systems Security Professional (CISSP) certification is mandatory.We\'re here to provide excellent service but a little help from you can ensure a five-star candidate experience from start to finish.Before you click "apply": Please read the job description carefully to ensure you can confidently demonstrate why this opportunity is right for you and take the time to put together a well-crafted and personalised CV to further boost your visibility. Our global Talent Acquisition team members are all assigned to specific businesses to ensure that we make the best matches between talent and opportunities. We not only consider the requisite compatibility of skills and behaviours, but also how candidates align with our Values of Respect, Integrity, Collaboration, and Excellence.ABOUT THE COMPANYEstablished in the 1930\'s, the Al-Futtaim Group initially operated as a trading enterprise. Rapid development throughout the 1940\'s and 50\'s saw it establish itself regionally as an integrated commercial, industrial and services organisation, positioning itself one of the leading business houses in the lower Gulf region. Today, it operates collectively over 40 companies bearing the Al-Futtaim name, dominates many market segments in the UAE, and has expanded its sphere of operation to include Bahrain, Kuwait, Qatar, Oman and Egypt.The Group comprises a diverse range of strategically positioned operating subsidiaries and associate companies, structured to give the Al-Futtaim Group the flexibility and versatility to keep ahead of local competition while keeping pace with the ever-evolving global business scenario. The Groups continued investment in world-class systems technology is clear evidence of its commitment to maintain leading edge performance and service delivery.The success of the Al-Futtaim Group can be attributed to a business approach that combines the ability to change with the traditional values of integrity, service and social responsibility that define its core business philosophy. This, linked with the Groups belief in decentralisation, gives the heads of the operating companies a high degree of functional autonomy and authority, providing the Group with essential flexibility, and individual employees a clearly defined work culture and sense of responsibility.

GulfTalent