Cyber Trust Advisory (GRC) – Consultant (Arabic Speaker)

Help AG is looking for an experienced Cyber Trust Advisory (GRC) - Consultant (Arabic Speaker) to join our team in the UAE. The ideal candidate will be responsible for designing, implementing, and overseeing security governance frameworks, policies, and risk management strategies.

As a key member of our security team, you will work closely with internal and external stakeholders to ensure compliance with regulatory requirements, conduct risk assessments, and support organizations in achieving security certifications.

Responsibilities

• Design and enforce DLP policies, ISMS frameworks, and risk management programs.

• Establish information classification and data protection controls.

• Ensure adherence to ISO/IEC 27001, UAE IA, NECMA, UAE PDPL, and other regulatory standards.

• Conduct gap analysis, compliance audits, and risk assessments.

• Develop and maintain security policies, procedures, and governance frameworks.

• Perform cybersecurity risk assessments and propose mitigation strategies.

• Conduct Business Continuity Management (BCM) reviews and develop resilience strategies.

• Identify potential threats and ensure incident response plans align with compliance standards.

• Provide expert guidance on cybersecurity governance, risk management, and compliance (GRC).

• Support organizations in achieving ISO 27001 certification and cybersecurity maturity improvements.

• Advise on security best practices in data governance, privacy, and regulatory compliance.

• Work closely with stakeholders to develop security strategies and enhance the security posture.

• Prepare and present detailed security reports, risk assessments, and compliance documentation.

• Coordinate with internal and external auditors to ensure cybersecurity compliance.

• Conduct security awareness training for employees and leadership teams.

• Develop cybersecurity guidelines and best practice documentation.

• Assist in establishing incident response procedures and forensic investigations.

Qualifications & Skills

• University degree in a technical subject related to IT and/or Information Security. Master's Degree is preferred.

• Excellent command of information security concepts, such as risk assessment, ISO/IEC 27002 controls, technical policies and procedures and management systems requirements and auditing.

• Minimum of 5 years working experience.

• Hands-on experience completing implementations of at least 10 of the following standards: ISO/IEC 27001, ISO 22301, ISR, UAE IA, ADHICS, PCI-DSS, ISO/IEC 20000-1, and NCEMA.

• Hands-on experience in data classification and privacy consulting projects.

• Experience in leading project team and handling multiple large-scale activities/projects.

• Two or more formal certifications related to above standards, and at least one of the following CISSP, CISA, and/or CISM.

• Excellent consulting skills especially when interacting with senior management.

• Excellent communication, interpersonal, negotiation and conflict resolution skills.

• Expert skills in at least 3 of the aforementioned standards.

• Project leadership experience and capabilities.

• Fluent Arabic speaker and experience in Arabic document writing is an added value.

• Ability to understand complex business processes and activities.

• Flexible work approach, based on the job requirements.

• Ability to identify new work areas and to set new goals for himself/herself and the team.

• Excellent organizational and project management skills.

• Highly accountable for project timeline and budget.

• Ability to set the technical direction of the project and control it.

Benefits

• Health insurance with one of the leading global providers for medical insurance.

• Career progression and growth through challenging projects and work.

• Employee engagement and wellness campaigns activities throughout the year.

• Excellent learning and development opportunities.

• Annual flights tickets.

• Inclusive and diverse working environment.

• Flexible/Hybrid working environment.

• Open door policy.

About Us

Help AG is the cybersecurity arm of e& enterprise (formerly Etisalat Digital) and provides leading enterprise businesses and governments across the Middle East with strategic consultancy combined with tailored information security services and solutions that address their diverse requirements, enabling them to evolve securely with a competitive edge.

Present in the Middle East since 2004, Help AG was strategically acquired by e& (formerly Etisalat Group) in Feb 2020, hence creating a cybersecurity and digital transformation powerhouse in the region.

Help AG has firmly established itself as the region's trusted IT security advisor by remaining vendor-agnostic, trustworthy, independent, and cybersecurity focused. With best-of-breed technologies from industry-leading vendor partners, expertly qualified service delivery teams and a state-of-the-art consulting practice, Help AG delivers unmatched value to its customers by strengthening their cyber defences and safeguarding their business.