We are looking for a Cybersecurity Governance & Risk Manager to drive and operate the IT and Cybersecurity GRC framework for our client in Dubai. This role requires strong experience in cybersecurity governance, risk management, regulatory compliance, and hands-on management of GRC platforms to ensure consistent governance, effective risk oversight, and audit readiness across the organization.
This is a 12-month contract role in the organization and reports to the Director Cybersecurity, Risk & Assurance in the Information Technology department.
Key Responsibilities:
- Support the implementation and continuous improvement of the IT & Cybersecurity GRC framework aligned to business strategy and risk appetite
- Drive adoption of standardized cybersecurity governance and risk management practices across IT and Cybersecurity teams
- Provide clear and accurate cybersecurity risk and compliance insights to leadership to enable informed decision making
- Act as a key partner to Internal Audit, Compliance, Risk, and IT stakeholders on all cybersecurity GRC matters
- Implement and maintain cybersecurity policies, standards, procedures, and control documentation
- Manage the full lifecycle of IT and cybersecurity policies including review, approval, and updates
- Embed and support the cybersecurity risk ownership model with defined accountability and escalation mechanisms
- Operate and manage the ServiceNow IT GRC platform including workflows, records, and data quality
- Drive automation of governance, risk, and compliance processes to improve efficiency
- Develop dashboards and reports to provide visibility into risk posture, control effectiveness, and compliance status
- Coordinate control testing, evidence collection, and monitoring activities for critical controls
- Lead cybersecurity risk identification, assessment, treatment, and periodic review processes
- Maintain risk registers within the GRC tool and ensure alignment with enterprise risk registers
- Track remediation plans and ensure timely closure of risk treatment actions
- Support ISO 27001 and ISO 20000 certification maintenance including audit preparation and evidence management
- Coordinate responses to internal and external audits
- Track compliance obligations, audit findings, regulatory updates, and remediation activities
Knowledge, skills & experience:
- 6-10 years of experience in cybersecurity governance, risk management, or compliance roles
- Strong experience supporting audits, certifications, and regulatory compliance activities
- Hands-on experience with GRC platforms, preferably ServiceNow GRC
- Experience working in large, complex, or regulated enterprise environments
- Strong understanding of risk assessment methodologies and governance frameworks
- Practical knowledge of ISO 27001 (mandatory) and ISO 20000 (preferred)
- Ability to configure and manage GRC tools including risk workflows, policy management, compliance tracking, and third-party risk management
- Experience in developing dashboards and risk analytics reports
- Strong documentation and process design skills with an audit-ready approach
- Clear communicator with strong stakeholder management skills and ability to present technical findings in business-friendly language
Availability: Preference will be given to candidates available immediately or with a maximum 30-day notice period.
We are looking for a candidate who will be able to work in the United Arab Emirates. Please apply with your resume and remember to provide us with your contact details.
We will review your job application within 7 working days. Should your profile fit the requirements of the role, a consultant from Edari will be in touch with you to get a deeper understanding of your profile, to discuss the role in more detail and potential next steps.