Job Description

Policy & Compliance: Maintain IT IS policies aligned with NIST, ISO 27001, UAE CB, GDPR and PCI DSS; ensure audit readiness via periodic reviews.

Risk Management: Lead enterprise risk assessments; maintain a dynamic cybersecurity risk framework; prioritize remediation by business impact.

Zero Trust & Network Security: Design Zero Trust segmentation, mTLS, NDR, resilient perimeters, and secure remote access to block lateral movement and exfiltration.

VAPT: Plan VAPT across OS, AI, cloud, apps, network, mobile; track remediation; coordinate external pen tests and integrate findings into vulnerability management.

Cloud & Container Security: Embed DAST, SAST, container scanning, SCA into CI CD; enforce IaC scanning; image signing; runtime protections; CIS hardening; secrets management; runtime containment; secure environments in AWS, Azure, GCP.

Endpoint & Identity Protection: Operate EDR, XDR; secure boot; immutable images;...