Cyber Security Manager

Be among the first applicants.

General Commercial Gaming Regulatory Authority - GCGRA

United Arab Emirates

AED 50,000 - 200,000

Be among the first applicants.

Yesterday

Job description

General Commercial Gaming Regulatory Authority - GCGRA

The Cyber Security Manager is responsible for engineering, implementing on-premises and cloud-based cyber security systems, applications, processes and for monitoring and supervising service providers to ensure the confidentiality, integrity and availability of GCGRA assets. This position involves conducting security assessments of systems, applications and networks, as well as deploying and maintaining solutions such as Privileged Access Management (PAM), Data Leakage Prevention (DLP), Vulnerability Management (VM), or Identity Access Management (IAM). The resource is also engaged in the definition and establishment of the GCGRA Cyber Security Operations Centre (CSOC), across the technology and process domains.
The role requires a proactive approach to risk mitigation and compliance with regulatory standards.

Responsibilities

Design, Implement and Manage Security Solutions
Engineer, implement, monitor, maintain and optimize advanced cybersecurity systems and technologies to protect on-premises and IaaS/SaaS cloud-based systems, networks and applications:

L7 firewall and Intrusion Prevention Systems (IPS)
Privileged Access Management (PAM)
Vulnerability Management (VM)
Identity Access Management (IAM)
Data Classification and Protection
Endpoint Protection (EP)
Endpoint Detection and Response (EDR)
Security Information and Event Management (SIEM)

Collaborate with IT and external vendors to ensure smooth integration and operation of these tools.

Conduct Vulnerability Assessments and Analysis
Conduct periodic security assessments of systems, networks and applications to identify and analyze threats, and recommend mitigations.

Proactively identify threats through advanced threat analysis and intelligence gathering.

Support the Head of Cyber Security and Infrastructure in the coordination of penetration testing and red teaming initiatives conducted by external contractors.

Monitor and Respond to Cyber Security Incidents
Oversee the real-time monitoring of security events and lead the incident response process, including forensic investigations.

Respond to and manage cybersecurity incidents, ensuring rapid containment and resolution.

Conduct root cause analysis and implement measures to prevent recurrence.

Develop and maintain incident response plans, including playbooks and communication protocols.

Support Risk Assessment and Compliance Audit Activities
Support the Heads of Cyber Security and Infrastructure and Internal Audit in conducting regular risk assessments to evaluate potential threats to GCGRA infrastructure and data.

Ensure compliance with applicable standards, such as ISO 27001, NIST, and UAE-specific regulations.

Provide recommendations for enhancing security posture and reducing risk exposure.

Cyber Security Oversight
Support the Head of Cyber Security and Infrastructure in the development and enforcement of security policies, standards, guidelines, processes and procedures in alignment with UAE regulatory requirements and industry best practices.

Collaboration with Internal Teams and External Service Providers
Work with GCGRA IT, DevOps, and internal business units to ensure secure application development, deployment, and maintenance.

Support the Head of Cyber Security and Infrastructure in the supervision of third-party service providers to ensure the delivery of high-quality cybersecurity services.

Evaluate vendor performance against SLAs and recommend improvements or changes as needed.

Conduct Training and Awareness
Develop and deliver cybersecurity awareness programs for employees and stakeholders.

Provide training for staff and external contractors on cybersecurity best practices and ensure team awareness of emerging threats.

Stay updated on the latest cybersecurity threats and trends to proactively enhance security strategies.

Documentation and Reporting
Maintain detailed records of cybersecurity tools, incidents, and processes.

Provide periodic reports on cybersecurity metrics, compliance status, and risk mitigation efforts to the Head of Cybersecurity and Infrastructure, the CIO and other stakeholders.

Minimum Requirements

Bachelor’s degree in computer science, Information Technology, Cybersecurity, or a related field.
Minimum of 8 (eight) years of progressive technical experience in cybersecurity roles, with a focus on designing, engineering, implementing and managing security solutions and processes.
Solid understanding of network and system security, application security, and data protection.
Hands-on proficient experience with security tools like SIEM (Microsoft Sentinel, Splunk, QRadar), firewalls (Palo Alto Networks, Fortinet), vulnerability scanners (Nessus, Qualys), and endpoint protection systems.
Advanced knowledge of security frameworks and standards, such as NIST, ISO 27001, CIS Controls, or PCI-DSS.
Strong knowledge of securing cloud platforms (AWS, Microsoft Azure, Google Cloud), including IAM, MFA, SSO, encryption, and compliance best practices.
Proven experience in managing cyber security incidents, conducting threat hunting using advanced methodologies. Experience in digital forensics technology solutions and investigations is desirable.
Knowledge of scripting languages such as Python, PowerShell, or Bash for automation and custom security solutions.
Certifications such as CISSP, CISM, CEH, GIAC or similar are highly desirable.

Company Industry

Defence
Military
Government

Department / Functional Area

IT Software

Keywords