New opportunity
Compliance Officer – Commercial & Cybersecurity
- Location
- Dubai
- Salary
- Up to 40kAED
- Type
- Full-time
- Experience
- Senior Level
Posted about 3 hours agoVETWORK
Job description
Compliance Officer – Commercial & Cybersecurity
Location: Dubai, UAE
Salary: AED 40,000 per month
Sector: Cybersecurity / IT Distribution / Commercial Compliance
Client: Confidential global cybersecurity business
VETWORK is supporting a confidential global cybersecurity and digital infrastructure business with the appointment of an outstanding Compliance Officer – Commercial & Cybersecurity based in Dubai.
This is a high-impact compliance role for a candidate who can operate across both commercial compliance and cybersecurity governance. The successful individual will support the business in maintaining strong regulatory, contractual, ethical and operational compliance across a fast-moving cybersecurity and technology distribution environment.
This is not a tick-box compliance position. The client requires someone commercially aware, technically credible and confident working with senior stakeholders across sales, operations, legal, finance, vendors and regional leadership.
The Opportunity
The successful candidate will join a major international organisation operating within the cybersecurity ecosystem. The role will suit someone who understands that compliance in this environment is not purely legal or procedural; it directly affects vendor relationships, partner onboarding, deal governance, procurement, data protection, cybersecurity standards, risk management and commercial decision-making.
The ideal candidate will bring a strong combination of commercial judgement, cyber awareness, governance discipline and stakeholder confidence. They must be able to protect the business while also enabling growth.
Key Responsibilities
You will be responsible for supporting and strengthening compliance across areas including:
Commercial compliance, internal governance and control frameworks.
Cybersecurity compliance, technology risk and information security governance.
Vendor, reseller, partner and third-party due diligence.
Contract compliance, commercial terms, policy adherence and approval processes.
Data protection, privacy and information governance requirements.
Cybersecurity standards and control frameworks, including ISO 27001, NIST, CIS Controls or equivalent.
Risk assessments, compliance reviews, remediation tracking and reporting.
Internal audits, policy reviews and evidence gathering.
Monitoring compliance with local regulatory, legal and operational requirements.
Supporting senior leadership with compliance reporting, risk visibility and recommendations.
Working closely with sales, finance, operations, legal, HR and technical teams to ensure compliant business execution.
Helping embed a culture of accountability, ethical conduct and risk awareness across the organisation.
What We Are Looking For
We are looking for an outstanding candidate with:
Strong experience in compliance, governance, risk, audit or regulatory control.
Demonstrable knowledge of cybersecurity, information security or technology risk.
Commercial understanding of sales environments, contracts, vendor relationships, partner ecosystems or distribution models.
Experience working in the UAE or wider GCC market.
Strong understanding of policies, controls, process governance and risk management.
Ability to interpret commercial decisions through a compliance and risk lens.
Confidence engaging with senior internal stakeholders.
Excellent written communication, reporting and documentation skills.
High attention to detail, strong judgement and the confidence to challenge where required.
A pragmatic approach: able to protect the business without unnecessarily slowing commercial activity.
Highly Relevant Experience
Candidates may come from backgrounds such as:
Cybersecurity compliance
Technology compliance
GRC
Commercial compliance
Internal audit
Vendor risk management
Third-party risk
Information security governance
Data protection / privacy
IT distribution, cybersecurity vendors, systems integrators, MSSPs or enterprise technology businesses
Experience in cybersecurity, IT distribution, vendor management, reseller ecosystems or commercial technology environments would be highly advantageous.
Essential Profile
The strongest candidates will be able to demonstrate:
Extensive experience in compliance, GRC, technology risk or cyber governance.
Strong understanding of commercial and cybersecurity environments.
Experience working with senior stakeholders across multiple business functions.
Ability to review, improve and enforce policies, processes and controls.
Strong knowledge of risk registers, remediation plans, internal controls and audit readiness.
Familiarity with recognised frameworks such as ISO 27001, NIST CSF, CIS Controls, SOC 2, GDPR, UAE data protection requirements or similar.
Ability to balance commercial enablement with compliance discipline.
Professional maturity, discretion and excellent stakeholder management.
Desirable
Experience within cybersecurity, IT distribution, software, cloud, telecoms or enterprise technology.
Exposure to vendor and reseller compliance.
Experience with partner onboarding, supplier due diligence or third-party risk.
Knowledge of UAE/GCC regulatory environments.
Relevant certifications such as ISO 27001 Lead Implementer/Auditor, CISA, CRISC, CISM, CISSP, CGRC, or equivalent.
Experience working in a regional or global matrix organisation.
Candidate Profile
This role would suit someone who is:
Commercially aware
Cybersecurity literate
Detail-oriented
Confident and mature
Pragmatic rather than bureaucratic
Comfortable challenging senior stakeholders
Strong at documentation and reporting
Able to build trust across commercial and technical teams
Highly professional and discreet
Important Note
Due to the confidential nature of this appointment, the client name and full role details will only be shared following an initial discussion with suitable candidates.
This is a senior-quality appointment. We are prioritising quality over quantity and are only interested in candidates who can demonstrate genuine strength across both commercial compliance and cybersecurity / technology governance.
