Senior Cybersecurity Consultant

About ICD InfoSec

ICD InfoSec is a Dubai-based cybersecurity advisory and consulting firm specializing in strategic risk advisory, vCISO services, and GRC implementation for enterprise clients across the Middle East. Our mission is to help organizations build boardroom-aligned cyber resilience that goes beyond compliance and strengthens long-term trust.

Role Overview

ICD InfoSec is seeking a highly skilled and proactive Senior Cybersecurity Consultant to support a strategic enterprise client engagement. This role will work closely with the vCISO, supporting cybersecurity governance, risk advisory, and oversight activities across the client’s evolving cyber maturity journey. The ideal candidate will combine strong technical knowledge with governance understanding and be comfortable engaging with IT, InfoSec, Compliance, and Risk teams.

Key Responsibilities

Support to vCISO & Strategic Program Enablement

• Collaborate with the vCISO in driving the cybersecurity roadmap and posture improvement initiatives.
• Contribute to the preparation of board-level risk reports, KPI dashboards, and governance scorecards.
• Track progress of strategic initiatives, risk treatments, and security-related action plans.
• Assist in executive stakeholder engagements and governance committee activities.

Cyber Risk & Threat Intelligence

• Provide input on emerging threats, threat intelligence, and evolving attack surfaces.
• Support the development and refinement of threat intelligence frameworks and reporting.
• Coordinate with internal teams on firewall policies, endpoint protection, and cloud control reviews.

Governance, Risk & Compliance (GRC)

• Support alignment with regulatory frameworks (e.g., ISO 27001, NIST CSF, PDPL, GDPR, NESA).
• Assist with audit readiness, evidence collection, risk register updates, and compliance tracking.
• Contribute to 3LoD implementation, data privacy reviews, and cyber maturity benchmarking.
• Participate in policy review, security exception tracking, and governance documentation.

Incident Response & Resilience Advisory

• Assist in reviewing incident response plans, escalation matrices, and playbooks.
• Participate in tabletop exercises, business continuity assessments, and resilience planning.
• Provide non-operational input during incident triage coordination and readiness testing.

Technology Oversight & Architecture Support

• Review and assess security tool configurations across SIEM, EDR/XDR, DLP, and cloud controls.
• Provide recommendations to optimize tool usage, workflows, and coverage gaps.
• Collaborate with IT/network/application teams on hardening initiatives and secure design reviews.
• Support the creation of executive security dashboards and reporting frameworks.

Third-Party & Vendor Risk Management

• Advise on vendor assessment methodologies, due diligence frameworks, and contractual controls.
• Support alignment of third-party engagements with security policies and compliance requirements.

Vulnerability Management & Continuous Monitoring

• Review historical vulnerability and patch management practices for control effectiveness.
• Assist in Red Team–Blue Team validation exercises and remediation tracking.
• Monitor ongoing risks and ensure continuous alignment with evolving baseline security controls.

Required Skills and Competencies

Hands-on familiarity with:

• SIEM tools (e.g., Splunk, Azure Sentinel, QRadar)
• EDR/XDR platforms (e.g., CrowdStrike, SentinelOne, Microsoft Defender)
• DLP, email security, vulnerability management platforms (e.g., Tenable, Qualys)
• Network and cloud security controls (Azure, AWS, Palo Alto, Fortinet)
• Risk assessment, audit support, and GRC frameworks
• Compliance standards: ISO 27001, NIST CSF, UAE PDPL, GDPR, NESA

Soft Skills:

• Strong written and verbal communication; able to interface with senior stakeholders
• Structured, detail-oriented, and outcome-driven
• Strong collaboration and coordination skills across cross-functional teams
• High degree of accountability and initiative, with a governance-first mindset

Qualifications

• Bachelor’s degree in Information Security, Computer Science, or a related discipline
• 8–12 years of experience in cybersecurity, including advisory and GRC-focused roles
• Preferred certifications:
• CISSP, CISM, CEH, ISO 27001 Lead Implementer, CRISC, or equivalent

Why Join ICD InfoSec?

At ICD InfoSec, we don’t just consult - we lead. We’re a cybersecurity advisory firm built on trust, integrity, and strategic impact. Our vCISO-driven model puts you at the heart of boardroom-level decision-making, guiding some of the region’s most respected enterprises as they navigate risk, compliance, and digital transformation. Here, you will collaborate with a team of global cybersecurity leaders on high-stakes engagements across BFSI, Utilities, Retail, Healthcare, government, and enterprise.

• Gain exposure to real-world regulatory challenges
• Influence C-suite security strategy
• Shape the future of cyber resilience in the Middle East

We believe in continuous learning, sharp execution, and building trust by design — and we’re looking for professionals who share that mindset.