Job Purpose
At Emirates, we believe in connecting the world, to and through, our global hub in Dubai and in constantly innovating to ensure our customers ‘Fly Better’. Our cyber security team are on the market for a dynamic and experienced IT Risk Analyst to join their team.
The successful candidate will be responsible for maintaining the IT Risk Management framework, and perform risk assessments on Cyber Security, third party IT operations and project and programmes. In addition, they will also maintain the Cyber Security governance framework, review policies and standards, and conduct Cyber Security awareness campaigns.
Job Accountabilities Linked To Objective Areas
- Ensure a comprehensive IT Risk Management framework is established to identify, analyse, mitigate, monitor and communicate IT risks across Emirates IT.
- Collect IT risks identified through various channels (e.g. risk assessments, incidents), log them in the IT Risk Register and perform continuous monitoring activities.
- Perform regular risk assessments on Third Party, Cyber Security, project and programmes and IT operations.
- Perform risk assessment reports and present the results to management.
- Produce regular risk reports for all IT departments, and top risks report for senior management.
- Develop Key Risk Indicators (KRIs) for IT and create dashboards for continuous monitoring of the risks.
- Conduct regular IT and Cyber Security maturity assessments, bench-marking assignments and gap assessments against industry best practices to identify areas of improvement.
- Periodically assess, improve and develop Cyber Security controls, policies, processes and standards.
- Design, develop and maintain a Cyber Security scorecard by business area, to assess the Cyber Security posture.
- Identify key metrics covering all Cyber Security areas, automate the data collection and scorecard production for all business areas, present the scorecard to the business.
- Monitor and track IT regulatory requirements and keep abreast of emerging risks and industry standards, and assess the potential impact on the organisation as well as produce regular reports to senior management.
- Support / contribute to the IT security awareness campaign by organising roadshows, publishing articles, or conducting on-site Cyber Security training.
- Conduct awareness training and workshops on IT risk management.
- Assess, review and action requests for exceptions to policies and standards from all levels of the organization, both corporate and IT users.
- Maintain an up-to-date repository of all the exceptions granted and communicate the exceptions to relevant business/ technical units.
Qualifications & Experience
To be considered for this role, you must meet the below requirements:
Qualifications
Degree or Honours (12+3 or equivalent) Computer science, Information Systems, Engineering, Telecommunications, or other related scientific or technical disciplines.
Experience
- Minimum 5 years in Information Technology and CyberSecurity
- Experience working in cross-functional and interdisciplinary teams to solve complex problems.
- Experience in technical writing such as event bulletins, cyber digests, and quarterly summary reports.
- Experience in IT Risk management, Cyber Security and Governance.
- Holistic IT knowledge of Heterogeneous Technology Environments.
- Experience in Information Security, Risk Management and cyber security awareness.
Salary & Benefits
Join us in Dubai and enjoy an attractive tax-free salary and travel benefits that are exclusive to our industry, including discounts on flights and hotels stays around the world. You can find out more information about our employee benefits in the Working Here section of our website www.emirates.com/careers. Further information on what’s it like to live and work in our cosmopolitan home city, can be found in the Dubai Lifestyle section.