Information & Cyber Security (ICS) Risk Specialist
Information & Cyber Security\n(ICS) Risk Specialist<\/span><\/a>
<\/h1>Meet myZoi<\/span>
<\/h3>myZoi\nis changing lives for the better for those who deserve it the most. We are an\nexciting fintech start\-up aiming to promote financial inclusion globally. Our\nvision is to provide a level playing field to the unbanked and the underbanked\nin accessing essential financial services in an affordable, convenient, and\ntransparent fashion. We are looking for smart, ambitious, and purpose\-driven\nindividuals to join us in this journey. <\/span>
<\/p>The Role<\/span>
<\/h3>We\nare seeking an Information & Cyber Security (ICS) Risk & Compliance\nSpecialist to collaborate with our Technology and Compliance teams in\nstrengthening our information security posture while aligning with UAE\nregulatory mandates. This role will bridge technical controls, compliance\nframeworks, and financial sector regulatory obligations, whilst ensuring safe\nadoption of enabling technologies. The ideal candidate will have strong\ninformation and cybersecurity technical skills, knowledge of global and local\ninformation and cybersecurity regulations and standards, including with respect\nto enabling technologies, good project management experience, and a proactive\nmindset for continuous improvement and stakeholder engagement. Overall, this\nrole will help the ICS Team ensure that information systems remain secure and\ncompliant with internal and external regulations, and protect our IT\ninfrastructure and digital assets from security threats.<\/span>
<\/p>Key Responsibilities<\/span>
<\/h3>- Lead and execute on information and cybersecurity\nregulatory compliance initiatives, such as CBUAE Information Security related\nand NESA UAE Information Assurance annual self\-certification as well as the\nremediation exercise.<\/span>
<\/span><\/li>- Own the PCI\-DSS lifecycle, encompassing scoping,\nremediation and coordination of gap or technical assessments \- liasing with\nexternal vendor(s), SecOps, SREs and DevOps (as required).<\/span>
<\/span><\/li>- Monitor, evidence, and report on CIS controls, including\nthe implementation of any identified gaps and improvements to existing controls\nwhere appropriate. Drive adoption across IT and business functions (as\nrequired).<\/span>
<\/span><\/li>- <\/span><\/span><\/span>Lead and drive all cyber risk and compliance activities\nfrom a project management perspective, reporting to the CISO. This may include\ncompliance with additional regulations, frameworks, or standards in the future,\nin alignment with the business roadmap and adoption of enabling technologies.<\/span>
<\/span><\/li>- Collaborate with the SecOps Team to ensure that the\ntechnical implementation of security controls meets regulatory requirements for\nexisting and new tools, while automating processes such as control monitoring\nefficiently and effectively by leveraging SOC tools whenever feasible.<\/span>
<\/span><\/li>- Track, interpret, and operationalize notices and circulars\nfrom the Central Bank of the UAE, including maintaining a central repository of\nCBUAE directives and related actions.<\/span>
<\/span><\/li>- Support the Cybersecurity Manager and CISO with conducting\ninternal audits and prepare for potential regulatory inspections.<\/span>
<\/span><\/li>- Support the CISO and Cybersecurity Manager with periodic\nreporting to the Executive Risk Committee, ensuring that updates are prepared\nin advance and exploring automation opportunities.<\/span>
<\/span><\/li>- Conduct proactive annual threat\-led risk assessments for\ncritical assets, supporting the Cybersecurity Manager and CISO with a\nrisk\-based information and cybersecurity strategy and roadmap.<\/span>
<\/span><\/li>- Collaborate with IT, legal, compliance, and other teams as\nrequired to implement timely controls and reporting obligations while also\nsupporting with information security training and awareness.<\/span>
<\/span><\/li>- Formulate a future\-ready integrated control framework aimed\nat automating, streamlining, and enhancing the efficiency and effectiveness of\ninformation and cybersecurity regulatory and compliance requirements.<\/span>
<\/span><\/li>- Explore and propose a solution to automate information and\ncyber compliance monitoring, evidencing, and reporting, utilizing visual\ndashboards to demonstrate risk posture and compliance status to\ncross\-functional leadership.<\/span>
<\/span><\/li><\/ul>Qualifications<\/span>
<\/h3>- Bachelor\u2019s degree in Cybersecurity or a related discipline;\na Master\u2019s degree in a related field is preferred.<\/span>
<\/span><\/li>- Certifications: CISSP and CISA / CISM and Prince2 / PMP\npreferred.<\/span>
<\/span><\/li>- 6+ years of hands\-on experience in information and cyber\nrisk, compliance, control implementation and project management (with a\nMaster\u2019s degree in a related discipline), or<\/span>
<\/span><\/li>- 8+ years of hands\-on experience in information and cyber\nrisk, compliance, control implementation and project management (with a\nBachelor\u2019s degree in Cybersecurity or a related discipline).<\/span>
<\/span><\/li>- Extensive knowledge and experience with e.g. CBUAE\nInformation Security and NESA UAE Information Assurance regulations, CIS\nControls, PCI\-DSS, ISO27001 and CBUAE directives.<\/span>
<\/span><\/li>- Strong command of English and excellent communication\nskills, with the ability to simplify complex concepts for non\-technical\naudiences.<\/span>
<\/span><\/li>- Ability to manage multiple tasks in a high\-pressure\nenvironment.<\/span>
<\/span><\/li>- Willingness to engage actively in task execution as well as\nmanagement.<\/span>
<\/span><\/li>- <\/span><\/span><\/span>Experience in financial services or fintech environments is\nessential.<\/span>
<\/span><\/li>- Experience in data security and broader data governance is\na plus.<\/span>
<\/span><\/li><\/ul>You\u2019ll\nbe part of a team committed to secure innovation, balancing agility with\ndiscipline. We\u2019re reimagining risk culture through compliance that fosters\ntrust, not just ticks boxes.<\/span>
<\/p>This\nrole is based in Dubai (UAE).<\/span>
<\/p>What We Offer<\/span>
<\/h2>- Competitive salary package, with health insurance and\nbenefits.<\/span>
<\/span><\/li>- Professional growth and development opportunities.<\/span>
<\/span><\/li>- Opportunity to work with cutting\-edge fintech solutions.<\/span>
<\/span><\/li>- Flexible work arrangements.<\/span>
<\/span><\/li>- <\/span><\/span><\/span>A great team.<\/span>
<\/span><\/li><\/ul>At myZoi we strive to create a both a\nproduct and a team that embraces equality, inclusion, diversity and freedom. We\nwant people who can be themselves and bring their own brand of value to the\nteam. Come and join us!<\/span><\/b>
<\/p>
<\/div><\/span>
<\/h3>
myZoi\nis changing lives for the better for those who deserve it the most. We are an\nexciting fintech start\-up aiming to promote financial inclusion globally. Our\nvision is to provide a level playing field to the unbanked and the underbanked\nin accessing essential financial services in an affordable, convenient, and\ntransparent fashion. We are looking for smart, ambitious, and purpose\-driven\nindividuals to join us in this journey. <\/span> We\nare seeking an Information & Cyber Security (ICS) Risk & Compliance\nSpecialist to collaborate with our Technology and Compliance teams in\nstrengthening our information security posture while aligning with UAE\nregulatory mandates. This role will bridge technical controls, compliance\nframeworks, and financial sector regulatory obligations, whilst ensuring safe\nadoption of enabling technologies. The ideal candidate will have strong\ninformation and cybersecurity technical skills, knowledge of global and local\ninformation and cybersecurity regulations and standards, including with respect\nto enabling technologies, good project management experience, and a proactive\nmindset for continuous improvement and stakeholder engagement. Overall, this\nrole will help the ICS Team ensure that information systems remain secure and\ncompliant with internal and external regulations, and protect our IT\ninfrastructure and digital assets from security threats.<\/span> You\u2019ll\nbe part of a team committed to secure innovation, balancing agility with\ndiscipline. We\u2019re reimagining risk culture through compliance that fosters\ntrust, not just ticks boxes.<\/span> This\nrole is based in Dubai (UAE).<\/span> At myZoi we strive to create a both a\nproduct and a team that embraces equality, inclusion, diversity and freedom. We\nwant people who can be themselves and bring their own brand of value to the\nteam. Come and join us!<\/span><\/b>
<\/p>The Role<\/span>
<\/h3>
<\/p>Key Responsibilities<\/span>
<\/h3>
<\/span><\/li>
<\/span><\/li>
<\/span><\/li>
<\/span><\/li>
<\/span><\/li>
<\/span><\/li>
<\/span><\/li>
<\/span><\/li>
<\/span><\/li>
<\/span><\/li>
<\/span><\/li>
<\/span><\/li><\/ul>Qualifications<\/span>
<\/h3>
<\/span><\/li>
<\/span><\/li>
<\/span><\/li>
<\/span><\/li>
<\/span><\/li>
<\/span><\/li>
<\/span><\/li>
<\/span><\/li>
<\/span><\/li>
<\/span><\/li><\/ul>
<\/p>
<\/p>What We Offer<\/span>
<\/h2>
<\/span><\/li>
<\/span><\/li>
<\/span><\/li>
<\/span><\/li>
<\/span><\/li><\/ul>
<\/p>
<\/div><\/span>