Information Security Professional​/Information Security Expert

Abu Dhabi, United Arab Emirates | Posted on 02/18/2026

Raqmiyat is a UAE-based IT and digital transformation company specializing in consulting, staffing, and enterprise technology solutions. We empower banking, government, and enterprise clients across the Middle East to achieve their digital objectives.

We are looking for a highly experienced Information Security Expert to support and strengthen the organization’s cybersecurity posture across governance, risk management, technical security, and operational security functions.

The ideal candidate will have strong experience in enterprise security environments and hold relevant certifications such as
CISSP, CISM, CEH, or equivalent
.

This role requires hands-on expertise combined with strategic thinking to support security initiatives from planning through execution.

Key Responsibilities

1. Governance & Compliance

• Develop, review, and maintain information security policies, standards, procedures, and guidelines.
• Ensure alignment with international security frameworks such as
  ISO 27001/27002, NIST CSF, NIST SP 800 series, CIS Controls
  , and applicable regulatory requirements.
• Conduct gap assessments and support internal/external audits and compliance reviews.
• Prepare compliance reports and management presentations.
• Support the establishment and enhancement of information security governance structures (e.g., security committees, risk committees, incident response teams).

2. Risk & Security Management

• Perform enterprise-wide information security risk assessments (IT and OT environments).
• Identify, analyze, and document security risks across applications, infrastructure, cloud, and operational systems.
• Develop and track risk treatment and mitigation plans aligned with business objectives.
• Facilitate risk acceptance and reporting processes.
• Support third-party/vendor risk management activities, including supplier security assessments and due diligence reviews.
• Maintain and monitor the organization’s cybersecurity risk register.

3. Technical Security & Advisory

• Provide guidance on secure architecture design, defense-in-depth, and zero-trust principles.
• Review and validate security configurations across networks, servers, databases, cloud platforms, applications, and endpoints.
• Support vulnerability management activities including vulnerability assessments and penetration testing.
• Provide remediation guidance based on risk prioritization.
• Stay updated on emerging cyber threats, attack trends, and evolving security technologies.
• Advise on security tools, architecture improvements, and best practices.

4. Security Operations & Incident Support

• Support day-to-day security operations and collaborate with the SOC team.
• Assist in monitoring, detection, and response activities.
• Participate in incident investigations, root cause analysis, and remediation efforts.
• Review and optimize SIEM alerts and security monitoring rules.
• Support tabletop exercises, disaster recovery drills, and cybersecurity readiness activities.

Required Qualifications & Experience

• Bachelor’s degree in Information Security, Computer Science, IT, or related field.
• 8+ years of experience in Information Security or Cybersecurity roles within enterprise environments.
• Professional certifications such as
  CISSP, CISM, CEH, ISO 27001 Lead Implementer/Auditor
  , or equivalent.
• Strong understanding of security frameworks (ISO 27001, NIST, CIS Controls).
• Experience in risk management, compliance, vulnerability management, and security operations.
• Exposure to cloud security (AWS, Azure, or GCP) is an advantage.
• Experience working with SIEM, EDR, firewall, and other enterprise security tools.
• Strong communication and stakeholder management skills.