Information & Cyber Security
(ICS) Risk Specialist

Meet myZoi

myZoi
is changing lives for the better for those who deserve it the most. We are an
exciting fintech start -up aiming to promote financial inclusion globally. Our
vision is to provide a level playing field to the unbanked and the underbanked
in accessing essential financial services in an affordable, convenient, and
transparent fashion. We are looking for smart, ambitious, and purpose -driven
individuals to join us in this journey. 

The Role

We
are seeking an Information & Cyber Security (ICS) Risk & Compliance
Specialist to collaborate with our Technology and Compliance teams in
strengthening our information security posture while aligning with UAE
regulatory mandates. This role will bridge technical controls, compliance
frameworks, and financial sector regulatory obligations, whilst ensuring safe
adoption of enabling technologies. The ideal candidate will have strong
information and cybersecurity technical skills, knowledge of global and local
information and cybersecurity regulations and standards, including with respect
to enabling technologies, good project management experience, and a proactive
mindset for continuous improvement and stakeholder engagement. Overall, this
role will help the ICS Team ensure that information systems remain secure and
compliant with internal and external regulations, and protect our IT
infrastructure and digital assets from security threats.

Key Responsibilities

• Lead and execute on information and cybersecurity
  regulatory compliance initiatives, such as CBUAE Information Security related
  and NESA UAE Information Assurance annual self -certification as well as the
  remediation exercise.
  
• Own the PCI -DSS lifecycle, encompassing scoping,
  remediation and coordination of gap or technical assessments - liasing with
  external vendor(s), SecOps, SREs and DevOps (as required).
  
• Monitor, evidence, and report on CIS controls, including
  the implementation of any identified gaps and improvements to existing controls
  where appropriate. Drive adoption across IT and business functions (as
  required).
  
• Lead and drive all cyber risk and compliance activities
  from a project management perspective, reporting to the CISO. This may include
  compliance with additional regulations, frameworks, or standards in the future,
  in alignment with the business roadmap and adoption of enabling technologies.
  
• Collaborate with the SecOps Team to ensure that the
  technical implementation of security controls meets regulatory requirements for
  existing and new tools, while automating processes such as control monitoring
  efficiently and effectively by leveraging SOC tools whenever feasible.
  
• Track, interpret, and operationalize notices and circulars
  from the Central Bank of the UAE, including maintaining a central repository of
  CBUAE directives and related actions.
  
• Support the Cybersecurity Manager and CISO with conducting
  internal audits and prepare for potential regulatory inspections.
  
• Support the CISO and Cybersecurity Manager with periodic
  reporting to the Executive Risk Committee, ensuring that updates are prepared
  in advance and exploring automation opportunities.
  
• Conduct proactive annual threat -led risk assessments for
  critical assets, supporting the Cybersecurity Manager and CISO with a
  risk -based information and cybersecurity strategy and roadmap.
  
• Collaborate with IT, legal, compliance, and other teams as
  required to implement timely controls and reporting obligations while also
  supporting with information security training and awareness.
  
• Formulate a future -ready integrated control framework aimed
  at automating, streamlining, and enhancing the efficiency and effectiveness of
  information and cybersecurity regulatory and compliance requirements.
  
• Explore and propose a solution to automate information and
  cyber compliance monitoring, evidencing, and reporting, utilizing visual
  dashboards to demonstrate risk posture and compliance status to
  cross -functional leadership.
  

Qualifications

• Bachelor’s degree in Cybersecurity or a related discipline;
  a Master’s degree in a related field is preferred.
  
• Certifications: CISSP and CISA / CISM and Prince2 / PMP
  preferred.
  
• 6+ years of hands -on experience in information and cyber
  risk, compliance, control implementation and project management (with a
  Master’s degree in a related discipline), or
  
• 8+ years of hands -on experience in information and cyber
  risk, compliance, control implementation and project management (with a
  Bachelor’s degree in Cybersecurity or a related discipline).
  
• Extensive knowledge and experience with e.g. CBUAE
  Information Security and NESA UAE Information Assurance regulations, CIS
  Controls, PCI -DSS, ISO27001 and CBUAE directives.
  
• Strong command of English and excellent communication
  skills, with the ability to simplify complex concepts for non -technical
  audiences.
  
• Ability to manage multiple tasks in a high -pressure
  environment.
  
• Willingness to engage actively in task execution as well as
  management.
  
• Experience in financial services or fintech environments is
  essential.
  
• Experience in data security and broader data governance is
  a plus.
  

You’ll
be part of a team committed to secure innovation, balancing agility with
discipline. We’re reimagining risk culture through compliance that fosters
trust, not just ticks boxes.

This
role is based in Dubai (UAE).

What We Offer

• Competitive salary package, with health insurance and
  benefits.
  
• Professional growth and development opportunities.
  
• Opportunity to work with cutting -edge fintech solutions.
  
• Flexible work arrangements.
  
• A great team.
  

At myZoi we strive to create a both a
product and a team that embraces equality, inclusion, diversity and freedom. We
want people who can be themselves and bring their own brand of value to the
team. Come and join us!