Assistant Manager - Cybersecurity

About Dubai Holding Asset Management:

Dubai Holding Asset Management (DHAM) owns and operates an extensive portfolio of 20 landmark retail destinations and 15 residential communities. The Group plays a focal role in shaping Dubai's position as a global leader in business, tourism and leisure, contributing to its position as one of the world's most coveted and sought-after liveable destinations.

From hot-spot retail destinations like Bluewaters, JBR, Souk Madinat Jumeirah, Al Khawaneej Walk and The Outlet Village to popular attractions, including the Theatre of Digital Art, Madame Tussauds, Tr88house, Museum of Illusions, Dubai Holding Asset Management’s retail destinations captivate millions of visitors and tourists every year. Meanwhile, the niche and vibrant community centres as Bay Avenue, Mudon Community Centre, and Serena Marketplace play a vast role in enhancing the overall quality of life in residential communities, making neighbourhoods more vibrant and connected. 

In 2022, Dubai Holding Asset Management’s retail destinations collectively attracted over 28 million visitors and hosted over 75 events across the portfolio.

Dubai Asset Management maintains a substantial presence in Dubai with a leasing portfolio of 15 distinct residential communities, elevating the city’s global recognition as one of the most desirable and liveable destinations worldwide.

About the Job:

An opportunity has arisen for an Assistant Manager Cyber Security to join Dubai Holding Asset Management. The main duties and responsibilities of this role:

Cybersecurity & Risk Management

• Support the IT and cybersecurity risk management framework, ensuring alignment with organizational objectives and regulatory requirements.
• Identify, evaluate, and monitor technology-related risks across infrastructure, applications, cloud, and third-party vendors.
• Work with stakeholders to implement mitigation measures, controls, and risk treatment plans.
• Maintain the IT Risk Register, track remediation actions, and escalate risks/issues in line with governance processes.
• Coordinate and conduct periodic risk assessments and workshops with business and IT stakeholders.
• Track and report Key Risk Indicators (KRIs) and prepare risk dashboards and reports for management review.

Assurance & Compliance

• Conduct assurance reviews and internal audits of security controls, IT processes, and regulatory compliance (e.g., ISO 27001, NIST, GDPR, UAE NESA, SCA).
• Support internal and external audit engagements, ensuring timely closure of findings and recommendations.
• Monitor assurance activities such as user access reviews, control checks, and compliance schedules.
• Report on compliance status, exceptions, and remediation plans to management.
• Maintain documentation and evidence to support governance, risk, and compliance (GRC) requirements.
• Liaise with IT/security teams and vendors on incident reporting, documentation, and follow-up.

Policy, Governance & Awareness

• Support the development, review, and enforcement of IT and cybersecurity policies, standards, and procedures.
• Contribute to the implementation and continuous improvement of the IT Governance Framework, aligning with ISO 27001 and other standards.
• Promote security awareness through training, communications, and awareness sessions across all business units.
• Participate in governance and risk forums, and support management reporting.

Disaster Recovery (DR) & Business Continuity (BCM)

• Support the development, maintenance, and testing of Disaster Recovery (DR) and Business Continuity (BC) plans.
• Coordinate DR/BC test planning, scheduling, execution, and documentation of results.
• Track corrective actions, ensure remediation, and maintain centralized DR/BC documentation for audits and management reporting.

Operational & Project Support

• Support group-wide information security, governance, and compliance initiatives.
• Assist in managing IT governance and security projects, including coordination with vendors and service providers.
• Gather data to identify gaps, support process improvements, and escalate issues where needed.
• Track and report progress on information security and governance initiatives to senior management.
• Provide leadership within the function, setting individual objectives, managing performance, developing, and motivating staff, provision of formal and informal feedback and appraisal – in order to maximize subordinate and departmental performance in the pursuit of the Department’s objectives.

People Management 

• Build and promote an organization culture that encourages innovation and reward performance that leads to enhanced staff motivation and retention.
• Provide leadership within the function, setting individual objectives, managing performance, developing, and motivating staff, provision of formal and informal feedback and appraisal – in order to maximize subordinate and departmental performance in the pursuit of the Department’s objectives.

About you:

The ideal candidate for this position will have the following experience and qualifications:

• Bachelor’s degree in Information Technology, Computer Science, Information Security, or a related discipline.
• Relevant certifications (e.g., ISO 27001 Lead Implementer/Lead Auditor, CISM, CISA, CompTIA Security+) preferred but not mandatory
• 3–5 years of relevant experience in information security, IT governance, risk management, or compliance.
• Knowledge of IT governance, risk, and compliance frameworks (ISO 27001, NIST CSF, COBIT, ITIL, ISO 22301).
• Experience in disaster recovery and business continuity planning and testing.
• Experience supporting audits, compliance initiatives, and implementation of security frameworks (e.g., ISO 27001, NIST, COBIT).
• Exposure to working with multiple stakeholders, including internal teams, vendors, and auditors

About the Benefits:

At Dubai Holding, we're committed to nurturing the success and well-being of our colleagues. Join our dynamic and diverse team, and enjoy a comprehensive benefits package that includes competitive compensation, career development opportunities, and a collaborative work environment. We strongly believe in creating an empowered workforce that will help us build a connected city for tomorrow. We are committed to attracting the brightest minds and nurturing the most pioneering candidates who desire to make a great impact on the future of Dubai