Job PurposeAt Emirates, we believe in connecting the world, to and through, our global hub in Dubai; and in constantly innovating to ensure our customers ‘Fly Better’. Emirates Group IT thrives on the dynamic nature of technology. Being pioneers in aviation innovation, were always at the forefront, pushing boundaries. Were on the lookout for exceptional IT professionals to fortify our position as leaders in the industry. Embark on a journey with the world’s largest international airline and become a vital part of our cutting-edge information and technology team as Senior CyberSecurity Assurance Services Analyst.
Join our CyberSecurity team where we ensure a world class CyberSecurity organisation based on the key principles of People, Process and Technology underpinned with executive endorsement of a multi-year strategy to continuously improve and develop. The team protects our digital assets by monitoring for threats, responding to incidents, managing vulnerabilities, and ensuring compliance with security policies and regulations. If you are passionate about CyberSecurity, we invite you to apply to play a crucial role in shaping the future of our technology initiatives at Emirates Group.
As a Senior CyberSecurity Assurance Services Analyst, you will provide subject matter expertise across secure software development, security architecture governance, and cybersecurity metrics and data analytics for the Emirates Group. Drive the integration of secure coding practices, the validation and evolution of security architecture patterns, and the delivery of actionable security metrics to proactively strengthen the Groups security posture. Collaborate with cross-functional and portfolio assurance teams to ensure policy and standards compliance, foster innovation, and enable informed, data-driven decision-making to mitigate risk and enhance organisational resilience.
In this role, you will:
- Lead the planning, execution, and continuous improvement of cybersecurity assurance services initiatives by setting clear objectives, aligning activities with organisational goals, and ensuring best practices are embedded across secure coding, architecture governance, and metrics-driven risk management.
- Oversee and facilitate cross-functional collaboration by engaging with IT, development, portfolio assurance, and governance teams. Assist in embedding robust security controls, policies, and standards into all phases of the technology lifecycle, ensuring seamless integration and consistent service across the enterprise.
- Champion the adoption and optimisation of advanced security tools, automation, and analytics by evaluating emerging technologies, streamlining workflows, and implementing scalable solutions. Enhance the efficiency, accuracy, and effectiveness of assurance processes.
- Mentor and coach technical teams by providing expert guidance, delivering targeted training, and fostering a culture of excellence, accountability, and continuous learning across coding, architecture, and metrics domains.
- Drive risk identification, escalation, and mitigation efforts by leveraging threat intelligence, governance frameworks, and data-driven insights. Proactively inform strategic decisions, prioritise remediation activities, and ensure organisational resilience against evolving cyber threats.
- Govern the review, approval, and validation of security architecture designs for new and existing solutions. Ensure strict adherence to the Emirates Group’s approved security patterns, frameworks, and risk appetite. Proactively identify and address architecture-related security risks.
- Lead the evaluation, evolution, and creation of security architectural patterns by collaborating with solution specialists, architects, and technical teams. Recommend and coordinate updates to address emerging threats, business needs, and technological advancements.
- Provide expert guidance and actionable feedback to stakeholders on the implementation of secure architectures. Facilitate compliance with internal policies, regulatory standards, and secure-by-design principles. Support audit and compliance activities as needed.
To be considered for this role, you must meet the below requirements:
- Degree or Honours (12+3 or equivalent) in Cybersecurity, Computer Science, Engineering, or a related IT Security discipline.
- 5+ years in Information Technology and IT security, including hands-on Cybersecurity Data Analytics experience.
- Relevant credentials such as CISSP, CISM, OSCP, CISSP-ISSAP, SABSA, TOGAF, ISO 27001 Lead Auditor, or Data Analytics certifications.
- Strong hands-on experience in cloud, web application, and infrastructure penetration testing (VAPT), with proven ability to identify and exploit complex vulnerabilities.
- Deep knowledge of cloud security testing techniques, including IAM privilege escalation, insecure configurations, exposed services, and multi-stage attack paths in cloud environments.
- Advanced expertise in web application security testing, aligned with OWASP Top 10 and modern application architectures (APIs, microservices, authentication flows).
- Practical experience in network and infrastructure penetration testing, including Active Directory attacks, credential harvesting, lateral movement, and post-exploitation techniques.
- Demonstrated ability to translate technical findings into risk-based insights, prioritising vulnerabilities based on business impact, exploitability, and threat context.
- Experience in integrating penetration testing into CI/CD, secure development lifecycle (SDLC), and assurance processes, enabling shift-left security and continuous validation.
Leadership Role: Yes
Salary & benefitsJoin us in Dubai and enjoy an attractive tax-free salary and travel benefits that are exclusive to our industry, including discounts on flights and hotels stays around the world. Find out what it’s like to live and work in our fast-paced, cosmopolitan home city in the Dubai Lifestyle section of our website www.emirates.com/careers
