Senior Cybersecurity Compliance Analyst

Job description / Role

At Emirates, we believe in connecting the world, to and through, our global hub in Dubai; and in constantly innovating to ensure our customers 'Fly Better'. Our Cybersecurity team has an exciting position of a Senior Cyber security Compliance Analyst. The senior analyst is an experienced regulatory compliance analyst with a background in cybersecurity. Their primary responsibility is to plan and lead the execution of risk assessments, compliance reviews, vulnerability assessments and measure compliance against EU-GDPR, UK DPA and PCI-DSS standards. The senior analysts work output also supports continuous review and compliance to internal policies and standards.

What you will do:

- Assess risk and conduct root cause analysis to recommend, implement and/or design new features and functionalities to support compliance initiatives.
- Manage implementation of any new compliance requirements for existing or new needs.
- Manage all evidence collection activities relating to compliance.
- Coordinate with all business units and the enterprise to obtain and validate evidence required for compliance and assessments.
- Incrementally improve the evidence collection process and streamline evidence collection procedures.
- Communicate regularly PCI DSS, EUGDPR requirements and the status of PCI DSS and EU-GDPR compliance to IT, Data Privacy Office, business units, and enterprise executives, management, and liaisions.
- Communicate regularly with assessors and adjust the compliance program as needed.
- Coordinates with company and vendor SMEs to ensure adherence to program requirements.
- Manage relationship of compliance needs in conjunction with needs of the other cyber departments.
- Challenge and validates assessment decisions from both internal business units as well as external partners/vendors

Requirements

Qualifications & Experience
What you will bring:

- Information Technology.
- Other : 5+ Years
- Degree or Honours (12+3 or equivalent) :
- Degree in a subject relevant to IT.
- ISA certification/designation with a previous PCI DSS compliant entity, PCIP or QPASP certification.
- Certified IAPP/CIPP.
- Experience in managing or assessing successful/compliant PCI DSS program(s).
- Minimum seven (7) years of relevant experience (information security, audit, compliance, risk management)
- Candidates with experience in a Level-1 Merchant or significant global business are preferred.

Knowledge/skills:

- Working knowledge of UK and EU data protection legislation (including DPA and GDPR)
- Data Discovery and Data Flow Mapping
- Data quality and data cleansing techniques
- Business Risk Management
- IT Audit and Information Security Management Systems

About the Company

A fast-growing international airline with one of the youngest fleets in the sky and more than 400 awards for excellence worldwide.