Overview
Head of Information Security & Data Privacy Jobs in Dubai, United Arab Emirates at Zand
Title: Head of Information Security & Data Privacy
Company: Zand
Location: Dubai, United Arab Emirates
Job Purpose
The Head of Information Security & Data Privacy designs and implements the organization’s information security strategy, ensuring the protection of critical data and systems. This role drives a culture of security and compliance by managing risks, upholding privacy standards, and championing best practices while directly supporting the organization’s trust, resilience, and business continuity objectives.
Key Responsibilities
- Develop and maintain the organization’s information security and data privacy strategy, policies, and frameworks.
- Lead the implementation of controls to safeguard information assets across all business units and technology platforms.
- Assess risks, carry out periodic security and privacy audits, and facilitate remediation plans.
- Oversee compliance with relevant laws and regulations (e.g., GDPR, local data protection acts), acting as the main liaison for audits and regulatory bodies.
- Promote cybersecurity awareness and training initiatives to cultivate a security-focused workforce.
- Respond to security incidents, conduct investigations, and manage breach protocols and reporting.
- Collaborate with IT, legal, HR, and business teams to embed privacy-by-design and security best practices in processes and technologies.
- Advise management on emerging threats, trends, vulnerabilities, and mitigation strategies.
- Manage third-party security risks, including supplier assessments and data processing agreements.
Key Skills, Qualifications & Experience
Education & Certifications: Bachelor’s degree in Computer Science, Information Technology, or a related field. Professional certifications such as CISM, CISSP, CISA, or similar strongly preferred.
Experience: Minimum 10 years of experience in information security and data privacy roles, with at least 5 years in a leadership or managerial position.
Technical Skills & Competencies:
- In-depth knowledge of information and cyber security frameworks (e.g. ISO 27001, NIST).
- Excellent understanding of data privacy laws, regulations, and standards (such as GDPR).
- Proficient in risk management, security incident handling, and regulatory compliance.
- Strong leadership, stakeholder management, and communication skills.
- Ability to drive cultural change and security awareness across diverse teams.
- Experience overseeing vendor security and third-party risk management.
