
Head Of Information Governance, Risk, And Compliance (CONTRACT) Enterprise IT - Dubai Job in United Arab Emirates
Al Futtaim Private Company LLC, United Arab Emirates

2 Years
0 - 0 USD
Career Level
As Described in Job Ad
Total Vacancies: 1 Job
Posted on: Mar 3, 2021
Last Date: Jun 29, 2021

Job Description

As a humble family business that started on the banks of the Dubai Creek in the 1930s, Al-Futtaim has expanded to a presence in 31 countries, a portfolio of over 200 companies, and 42,000 employees. You’ll find us in industries ranging from automotive and retail, to finance and real estate, and connecting people with international names like Lexus, Ikea, Robinsons, and Adidas. Our team is proudly multicultural and multinational because that kind of diverse representation gives us the global mindset to grow and impact the people, markets, and trends around us.

Come join us to live well, work better, and be the best.

About the Role

The Head of Information GRC is responsible for assessing and documenting Al Futtaim’s compliance and risk posture as they relate to its information assets and systems.

The purpose of this position is to provide information security expertise for the development and implementation of the IT and Information risk, compliance and governance management programs. Responsibilities require leadership and people management experience, as well as expertise to ensure effective system-wide security analysis; compliance; risk assessment; awareness and education; and development of policies, standards and guidelines.

About the Responsibilities

Work cross-functionally across all levels in the organization. Represent Information GRC activities to all levels, including Executive Management.

Document, agree and coordinate transfer of 2nd Line of Defence activities from GIAD to EIT iGRC.

Manage cross-functional coordination with Enterprise Risk Management, EIT Management and Internal Audit.

Create, maintain and regularly communicate Information Security Policies, Standards, and Processes.

Lead the development and implementation of the risk management function for the information security program to ensure information security risks are identified, monitored and reported to senior management.

Conduct regular compliance reviews to identify adherence to, or gaps in, information security controls.

Manage the organisation-wide Information Security Awareness and EIT-wide Risk Management training.

Implement and manage the Information Security GRC tool.

Manage all security-related audits (internal, external, regulatory, etc.).

Develop, monitor, and report on key metrics (KPIs and KRIs) for risk, compliance and operating effectiveness of internal controls.

Job Specification

About the Requirements


Degree in Computer Science, or equivalent. Must have relevant industry certifications from GIAC, ISACA, ISC2, EC-Council, SECO-Council, or similar in Risk Management, Information Security, or Audit.

Minimum Experience and Knowledge:

Minimum of 10 years’ experience in the Information Security domain with demonstrable experience working within Audit, Risk and Compliance activities. Knowledge and experience with International Standards such as ISO2700x, PCI-DSS, COBIT, NIST Cyber Security standards, etc.

Job-Specific Skills:

Risk Management – expert knowledge of information security risk management frameworks and practices

Audit Management – ability to constructively manage external and internal auditors

Compliance – knowledge of PCI-DSS, GDPR and ideally UAE NESA compliance


Engagement with senior Business executives with ability to influence

Able to recognize, coordinate, and motivate stakeholders in cross-departmental initiatives

Able to identify and recommend programmatic and technical directions and operate with a high degree of independence in matters relating to the investigation, impact, and analysis of security control gaps, decisions regarding risk, and measures for improving computer and network security.

Lead the system-wide information security compliance program, ensuring IT activities, processes, and procedures meet defined requirements, policies and regulations.

Execute the strategy for dealing with the increasing number of audits, compliance checks and external assessment processes for internal/external auditors.

Perform other duties as assigned to ensure the smooth functioning of the team and maintain the reputation of the organization.



Information Security principles and practices

Risk Management principles and practices


Systems Development – Advanced knowledge of security architecture and software assurance practices

People management – ability to lead and develop team members


SDLC and Project Management methodologies

ITIL and Service Management principles

IT Vendor Management

Business Process Design

We’re here to provide excellent service but a little help from you can ensure a five-star candidate experience from start to finish.

Before you click “apply”: Please read the job description carefully to ensure you can confidently demonstrate why this opportunity is right for you and take the time to put together a well-crafted and personalised CV to further boost your visibility. Our global Talent Acquisition team members are all assigned to specific businesses to ensure that we make the best matches between talent and opportunities. We not only consider the requisite compatibility of skills and behaviours, but also how candidates align with our Values of Respect, Integrity, Collaboration, and Excellence.

As part of our candidate experience promise, we also want to make ourselves available to you throughout the application process. We make every effort to review and respond to every application.


Al Futtaim Private Company LLC

Consumer Goods - Dubai, United Arab Emirates