Information Security Consultant
Job Fit Check
Base Career helps you apply smarter for this job.
Key skills for this role
About the Role
This role is responsible for leading, coordinating, and driving the Information Security Governance (GRC) and Business Continuity functions across organization and its subsidiaries.
Key Skills for This Role
Full Job Posting
Overview
This role is responsible for leading, coordinating, and driving the Information Security Governance (GRC) and Business Continuity functions across organization and its subsidiaries.
The position ensures effective governance, regulatory compliance, audit readiness, risk oversight, and timely closure of enterprise-wide initiatives and actions.
The consultant will operate as a hands-on senior resource, owning end-to-end delivery of critical governance and resilience initiatives, with direct exposure to senior management and all business units.
This position requires a senior, highly proactive professional who can independently manage and deliver Information Security and Business Continuity governance functions end-to-end, with strong ownership, attention to detail, and a commitment to operational excellence.
Key Responsibilities.
1. Information Security Governance & GRC
- Establish, maintain, and continuously enhance the Information Security Governance, Risk, and Compliance (GRC) framework.
- Define and maintain the organization’s Information Security framework, including policies, standards, procedures, charters, and governance structures.
- Lead enterprise-wide risk management activities, including identification, assessment, treatment, and reporting of information security and operational risks.
- Ensure alignment with regulatory requirements, UAE IA standards, and international frameworks (e.g., ISO 27001, ISO 22301, NIST, etc.), Cybersecurity Council Policies etc.
- Provide governance oversight across critical security domains.
- Support development of annual security plans, objectives, and performance metrics, aligned with organizational strategy.
2. Audit, Compliance & Regulatory Oversight
- Manage and coordinate all internal, external, and regulatory audits (Information Security, Business Continuity, EHS/IMS where relevant).
- Drive end-to-end audit lifecycle management, including Preparation and coordination, Stakeholder alignment, Evidence collection and validation, Audit walkthroughs, and responses
- Ensure timely closure of audit findings, with Clear ownership, Defined remediation plans, Evidence tracking, and Executive reporting
3. Integrated Management System (IMS)
- Coordinate and maintain the Integrated Management System (IMS) across Information Security, Business Continuity, and related domains.
- Ensure all documentation (policies, SOPs, procedures) remains Current, Approved & Effective.
- Aligned to organizational objectives and audit expectations
- Support governance forums including Committees, Working groups and Management reviews
- Manage management system lifecycle activities, including Recertification, Surveillance audits, Scope expansion, and Continuous improvement initiatives
- Act as a primary point of contact for auditors, regulators, and assurance partners.
- Maintain oversight of compliance against applicable frameworks and regulatory mandates, ensuring continuous compliance posture
4. Business Continuity & Operational Resilience
- Manage the Business Continuity Management System (BCMS), Disaster Recovery (DR) plans and operational resilience program.
- Ensure organizational readiness through Regular testing and simulation exercises, Scenario planning, and validation and Post-exercise reporting and improvement tracking
- Oversee development, testing, and maintenance of business continuity, disaster recovery, and crisis management frameworks.
- Ensure the organization is prepared for disruptive events through structured planning, simulations, and executive‑level reporting.
- Provide strategic input into resilience planning, including technology, people, facilities, and third‑party dependencies.
5. Awareness, Culture & Human Risk Management
- Define and drive the Information Security and Business Continuity awareness strategy at an enterprise level.
- Ensure awareness initiatives address multiple channels (training, communications, campaigns, and leadership engagement).
- Perform vendor‑supported awareness and simulation programs, ensuring quality, relevance, and measurable outcomes.
- Promote a strong security and resilience culture across the organization.
6. Identity, Access & Third‑Party Governance
- Regularly perform identity & access reviews, and segregation of duties across various functions.
- Manage third‑party risk management, including methodology definition, assessments, and remediation oversight.
- Ensure access, vendor, and supplier risks are identified, reviewed, and managed in line with policy and regulatory expectations.
7. Strategy, Projects & Advisory Role
- Act as a senior advisor to leadership on information security, resilience, and emerging risk topics.
- Engage in enterprise initiatives and projects to ensure security and continuity requirements are embedded early.
- Contribute to long‑term strategy, annual plans, objectives, and performance reporting.
- Support executive, board, and committee-level reporting, providing clear insights and recommendations.
Essential
- Strong experience in
Information Security, Business Continuity, GRC
- , or operational resilience roles.
- Proven ability to independently own and deliver complex, cross‑functional initiatives.
- Hands‑on experience with audits, regulatory requirements, and standards‑based environments.
- Ability to work effectively in regulated, high‑accountability environments.
- Excellent organization, tracking, and follow‑through skills.
- ISO 27001 / ISO 22301 certification (preferred)
Role Characteristics
- Senior, enterprise‑wide responsibility
- High level of autonomy and accountability
- Audit‑ and regulator‑facing role
- Combines strategy, governance, and oversight with hands‑on experience
- Note: This is a hands-on execution and ownership role with full accountability across initiatives.
- It is not a people-management or delegation-based position.
Apply for this job in 1 click
Skip the repetitive application forms
Install the Base Career Chrome Extension and autofill job applications across major job boards with your profile.
Trusted by over 500,000 job seekers on Base Career
More from this employer
More jobs at Staff Connect UAE
Quality Assurance Tester
Dubai, UAE
Staff Connect UAE is hiring experienced QA testers for integration and end-to-end testing across Oracle Fusion ERP, OIC, WMS, CRM, and EDI. The role involves structured test execution, defect logging, and validation of c
Network Engineer
Abu Dhabi Emirate, UAE
Staff Connect UAE seeks a Network Engineer to design, implement, maintain, and troubleshoot enterprise network infrastructure. The role involves hands-on work with Cisco and Huawei equipment, firewalls, SD-WAN, and cyber
Oracle Application Technical Consultant
Ajman Emirate, UAE
Staff Connect UAE is looking for an Oracle Application Technical Consultant with at least 5 years of experience in Oracle Applications (Release 12). The role involves designing, implementing, testing, and documenting Ora
Senior Information Technology Support Engineer
Abu Dhabi Emirate, UAE
Staff Connect UAE is seeking an experienced L3 IT Support Engineer to provide advanced technical support across infrastructure, applications, and network environments in Abu Dhabi. The role requires 6+ years of experienc
IT Service Operations Manager
Dubai, UAE
Staff Connect UAE is seeking an IT Service Operations Manager to own the operational backbone of the Infrastructure & Cybersecurity function. The role leads service desk operations, incident management, change management
Site Project Manager
Abu Dhabi Emirate, UAE
Staff Connect UAE is hiring a Site Manager for water treatment and infrastructure projects in Abu Dhabi. The role involves planning, execution, supervision, and delivery of projects, managing site operations, coordinatin
Structural Drafter
Dubai, UAE
Staff Connect UAE is seeking a skilled Structural Draftsman to prepare detailed structural drawings for RCC and steel structure projects. The role requires 3+ years of experience, proficiency in AutoCAD, and strong knowl
Work Preparator
Dubai, UAE
Staff Connect UAE is seeking a detail-oriented Work Preparator to support maintenance and project activities in Dubai. You will prepare work packages, interpret engineering drawings, and coordinate with teams. Requires a
Quality Assurance Tester
Dubai, UAE
Network Engineer
Abu Dhabi Emirate, UAE
Oracle Application Technical Consultant
Ajman Emirate, UAE
Senior Information Technology Support Engineer
Abu Dhabi Emirate, UAE
IT Service Operations Manager
Dubai, UAE
Site Project Manager
Abu Dhabi Emirate, UAE
Structural Drafter
Dubai, UAE
Work Preparator
Dubai, UAE