Life at Dubai Future Foundation
Dubai Future Foundation (DFF) aims to realize the vision of Dubai’s leadership, to institutionalize the envisioned future and forward-thinking methodologies, and positioning Dubai as the leading city of the future. In partnership with its local and global partners from governments, companies, startups, and entrepreneurs, DFF drives joint efforts to collectively imagine, design, and execute the best possible future for humanity.
Under the supervision of His Highness Sheikh Hamdan bin Mohammed bin Rashid Al Maktoum, Crown Prince of Dubai, Chairman of the Executive Council of Dubai, and Chairman of the Board of Trustees of DFF, the DFF runs and oversees many future-facing projects and initiatives, such as the Museum of the Future, Area 2071, The Centre for the Fourth Industrial Revolution UAE, Dubai Future Accelerators, One Million Arab Coders, Dubai Future Academy, Dubai Future Solutions, Dubai Future Labs, Dubai Future Forum, etc. DFF’s efforts to share knowledge, adopt innovation, support entrepreneurs and innovative start-ups, build capacity, and promote forward-thinking and foresight principles contribute to Dubai’s ambitions to be a role model for the cities of the future through the power of unlimited imagination, innovation, foresight and disruptive mindset.
For more information on the initiatives, projects, and programs of Dubai Future Foundation.
Where does this role fit into the bigger picture?
Information Security GRC Specialist falls under the Internal Audit Office, where the Information Security GRC Specialist reports directly to the Head of Enterprise Risk Management.
The Information Security GRC Specialist is crucial in ensuring the organization’s cybersecurity and risk management framework is robust, compliant, and aligned with the Foundation’s overall strategic objectives.
Information Security GRC Specialist
As an Information Security GRC Specialist for the Dubai Future Foundation, will play a critical role in ensuring that the Dubai Future Foundation’s information security posture aligns with best practices, legal/regulatory requirements, and strategic objectives. This role will involve establishing and maintaining a robust GRC framework to manage cybersecurity risks, compliance obligations, and governance requirements effectively, enabling the organization to maintain resilience against cyber threats while meeting regulatory and industry standards.
• Facilitate the implementation of DFF’s information security and enterprise risk management systems.
• Conduct comprehensive information security, third-party security, operational and enterprise risk assessments.
• Advise on appropriate security controls.
• Verify that selected security controls are effectively implemented and maintained.
• Assist in managing information security incidents.
• Coordinate with DFF teams on information assets management.
• Develop governance-level policies, and procedures based on results of the risk assessment, in coordination with respective process owners.
• Assist management and information security champions with their information security responsibilities.
• Assist in information security related awareness, training, and education within DFF.
• Maintain interactions with information security interest groups, forums and associations.
Why this role is important?
This role makes the biggest impact by providing management with reasonable assurance on the risk management and compliance with applicable policies and procedures to protect and safeguard the organization. This role is critical to ensuring that the Dubai Future Foundation and its subsidiaries are aligned with the best in class and has adequate controls measures in place. You will act as an advisor to add value to the business and ensure they are operating efficiently and effectively.
What Dubai Future Foundation offers?
We will offer you a unique opportunity to work with passionate people, support shapers of the future as well as work that has an impact, not only on the organization or the UAE but all of humankind.
You will have the chance to work on exciting and new projects, work in a highly diverse and fast paced environment that fosters creativity, disruptive ideas and innovation.
Skills
• As Information Security GRC Specialist, you will hold a minimum of a Bachelors’ degree in a relevant field from a reputable institution.
• You will have a minimum of 4 years’ experience working in the Information Security Risk Management and Enterprise Risk Management field.
• You will have risk assessment techniques.
• You will have the ability to develop policy/procedure & implement it.
• You will conduct a threat modelling and analysis
• You will be responsible for incident management
• You will be responsible for vulnerability management.
• You will have an oversight of the business continuity management.
• You will be involved in security orchestration, automation, and response (SOAR).
• You will be responsible for asset and access management.
• You will have a focus on network and cloud security.
• You will have expertise in GRC frameworks, including ISO 27000 series, COSO ERM, and ISO 31000.
