Job Purpose
Develop and maintain the IT Risk Framework, provide reporting and risk metrics of the risk management activity, maintain the IT Risk Register, with a focus on CyberSecurity risk, Third party risk, Operational risk and Project & Programme risk. Conduct regular risk assessments and report the result to Management. Act as an enabler for the business and strengthen our IT risk framework to support Management decision making.

Related: Engineering Basic Training Manager Job – The Emirates Group Dubai

Job Outline:
– Define and develop a risk management framework to effectively assess and manage all IT risks that could potentially impact the goals of Emirates IT. The framework should be based on industry standards and industry best-practices.
– Develop a risk assessment methodology within the framework such that all IT risks are identified, assessed based on likelihood and impact, recorded, prioritised, mitigated and communicated to stakeholders.
– Assess current levels of risks within the Emirates IT environment on an on-going basis in accordance with the implemented framework. Ensure that the mitigation plan and the responsibility for mitigation is agreed for all the identified security risks with the risk owner.
– Maintain the IT Risk Register to effectively record, communicate and track the progress of mitigation of the risks.
– Co-ordinate with risk owners and manage all the identified risks through their life-cycle from identification to immediate containment to resolution to verification to closure through the IT Risk Register. Provide appropriate reports on the risk status to the Management.
– Provide regular support to the CyberSecurity teams on security and risks in projects.
– Train IT staff on the Risk Management methodology and usage of the IT Risk Register.
– Keep abreast of new and emerging risks within the IT environment and disseminate the relevant information to all concerned and ensure immediate containment actions are initiated.
– Develop Key Risk Indicators to assess the CyberSecurity risk posture of business areas, automate the process and provide regular updates to the business.
– Provide Management regular updates on the Top 10 risks of Emirates IT.
– Utilise opportunities to develop direct reports, establishing clear objectives and supporting them through training, and/or leading projects and intiatives that meet their development plans. Mentor, coach and provide feedback to support their development to cultivate a high performance culture which aligns with the future capability needs of IT.

Related: IT Senior Operations and Support Engineer Job – The Emirates Group Dubai

Qualifications & Experience
Experience and Qualifications
IT Security : 8+ Years
Degree or Honours (12+3 or equivalent) :
Degree in an IT related subject Experience in IT risk management and CyberSecurity Knowledge/skills: International Standards such as NIST, ISO31000, ISO27001, PCI-DSS, ITIL, COBIT, Cyber Security standards, etc. Highly effective communication skills with written and oral fluency in English
Leadership Role : YES
Safety Sensitive Role: No

Work Level
Experienced, Manager / Executive
Employment Type
Full Time
The Emirates Group
View profile
Industry
Aviation
Location
United Arab Emirates

Related Jobs

Other similar jobs that might interest you