Drive governance, risk, and compliance programs across multiple frameworks, managing audits and risk assessments for APPIT Software Solutions in Dubai.
Dubai, UAE
Full-time
Cybersecurity
Responsibilities
Manage and maintain compliance programs across ISO 27001, SOC 2, NESA, and GDPR frameworks
Conduct enterprise risk assessments, maintain the risk register, and track risk treatment plans to completion
Coordinate internal and external audit activities, manage evidence collection, and ensure timely remediation of findings
Develop, review, and update information security policies, standards, and procedures aligned with business objectives
Perform third-party vendor risk assessments and manage the vendor security review lifecycle
Prepare compliance reports and risk dashboards for executive leadership and board-level stakeholders
Requirements
4+ years of experience in GRC, IT audit, or information security compliance roles
Strong working knowledge of ISO 27001/27002, SOC 2, NIST CSF, and regional frameworks (NESA IAS)
Experience managing audit cycles end-to-end including scoping, evidence collection, and remediation tracking
Understanding of risk management methodologies (FAIR, NIST RMF, ISO 31000)
Familiarity with GRC platforms such as ServiceNow GRC, OneTrust, or Archer
Excellent written and verbal communication skills with the ability to translate technical risks for business audiences
Nice to Have
CISA, CRISC, or ISO 27001 Lead Auditor certification
Experience with UAE NESA and DIFC data protection regulations
Knowledge of PCI DSS compliance requirements
Skills
ISO 27001, SOC 2, Risk Assessment, Audit Management, NIST CSF, Vendor Risk Management, Policy Development