Compliance Officer

Job Title:

Location:

About The Role

cloud, AI, and digital health operations

regulatory, legal, and internal requirements

risk management

audit readiness

compliance oversight

UAE and international data protection and cybersecurity standards

Key Responsibilities

• Implement and monitor compliance frameworks across cloud and AI environments.
• Ensure adherence to UAE PDPL, NESA, ISO 27001, and related data protection standards.
• Conduct internal compliance reviews, risk assessments, and regulatory audits.
• Manage incident reporting, policy updates, and compliance awareness training.
• Collaborate with IT, cybersecurity, and legal teams to address compliance gaps and findings.
• Maintain documentation to support external audits and regulatory submissions.
  

Requirements

• 4–7 years of experience in compliance, IT governance, or regulatory affairs.
• Strong knowledge of cloud compliance, data protection, and regulatory frameworks.
• Preferred certifications: ISO 27001, CISA, CIPP/E, or equivalent.
• Strong attention to detail, risk awareness, and excellent communication skills
  

Technical Skills

• Regulatory Frameworks: Strong understanding of UAE laws and standards such as PDPL, NESA, ADHICS, and international frameworks like ISO 27001, GDPR, and HIPAA (for health data).
• Cloud Compliance: Knowledge of compliance requirements for Azure, AWS, or GCP environments, including data residency and access controls.
• Data Protection & Privacy: Expertise in data classification, data retention, consent management, and cross-border data transfer regulations.
• Cybersecurity Compliance: Familiarity with cybersecurity frameworks and incident response protocols.
• Risk Assessment: Experience in conducting compliance risk assessments, gap analyses, and mitigation planning.
• Audit Management: Skilled in coordinating internal and external audits, preparing compliance documentation, and ensuring audit readiness.
• Policy Development: Ability to draft, review, and update compliance policies, SOPs, and regulatory reports.
• Incident Reporting: Experience managing data breach notifications, investigations, and regulatory communication.