Manager Cybersecurity Resilience - Aviation/OT/IOT/ET

Job description / Role

At Emirates, we believe in connecting the world, to and through, our global hub in Dubai; and in constantly innovating to ensure our customers 'Fly Better'. Emirates Group IT thrives on the dynamic nature of technology. Being pioneers in aviation innovation, we're always at the forefront, pushing boundaries. We're on the lookout for exceptional IT professionals to fortify our position as leaders in the industry. Embark on a journey with the world's largest international airline and become a vital part of our cutting-edge information and technology team as Manager Cybersecurity Resilience-Aviation/OT/IOT/ET

As a Manager Cybersecurity Resilience-Aviation/OT/IOT/ET in the Cyber Security team, you will join us and ensure a world class CyberSecurity organisation based on the key principles of People, Process and Technology underpinned with executive endorsement of a multi-year strategy to continuously improve and develop. The team protects our digital assets by monitoring for threats, responding to incidents, managing vulnerabilities, and ensuring compliance with security policies and regulations. If you are passionate about CyberSecurity, we invite you to apply to play a crucial role in shaping the future of our technology initiatives at Emirates Group.

In this role you will own Cyber Security products engineering for our Operational Technologies (OT) and Industrial Control Systems (ICS) such as PLC, SCADA, DCS, SCMS, Internet of Things (IOT), Aviation Technologies and Emerging Technologies (ET) (Metaverse, Blockchain, Crypto, GenAI and Robotics).You will also be accountable for developing the necessary expertise to plan, design, and implement an effective resilience program and remediate any open risks associated with these technologies as well as lead the operational management of related threats, vulnerabilities, and regulatory compliance, risks and on-going assessments.

In this role you will:

- Own the respective cyber-resilience strategy and drives an appropriate cyber security risk posture into the respective products.
- Advise the respective business areas with cyber security expertise (e.g., in Engineering, Flight and Airport Operations, Fleet Management, Futures and Innovation)
- Build appropriate risk mitigation approaches to adequately manage risk exposure.
- Strategize and proactively implement and ensure respective regulatory compliance to apply thought leadership leading in our industry.
- Own and manage team of subject matter expertise in-house to support a pro-active cybersecurity resilience program for those technologies including policies, processes, threat, and vulnerability management.
- Define and build design principles that follow 'security by design' thinking into product development as well as deployments incorporating defence in depth security controls.
- Manage a program of effective and proactive security testing activities for all products. Drive software and hardware hardening efforts for all the respective technologies and products.
- Be responsible for the operational management of product threats, vulnerabilities, risks and on-going assessments of how they can be managed are within the scope and influence of this role.
- Act in the role of the Data Security Officer (DSM) in line with the GCAAs requirement stated in the ANSP.

To be considered for the role, you must meet the below requirements:

- Degree or Honours (12 +3 or equivalent) in Information Technology/IT Security/Other.
- 10+ years in Information Technology.
- Minimum of 5 years at a senior level in Product/Aviation/OT/IOT/Emerging Tech Cybersecurity and Hardware Security
- Experience with the following:

- Ground Transportation Technologies.
- Maritime Transportation Technologies.
- Risk Management.
- Stakeholder Management and Cross-Functional Leadership
- Computer Engineering, IT/OT Cybersecurity.
- Security Handbook and U-ANSOG compliance design and implementation
- ANSP design, implementation and maintenance for legacy and e-Enabled Aircrafts.

- Knowledgeable with the following:

- Aviation, ARNIC standards, Avionics, Datalinks, and Aviation Regulations (EUROCAE/RTCA).
- Regulatory compliance requirements for Aviation Regulations such as GCAA and EASA.
- EIS and e-Ops Cybersecurity requirements design and implementation.

- Operational Technologies:

- Knowledge and skills in Industrial Control Systems (ICS), IoT, Industrial IoT and Medical IoT
- Knowledge of regulatory compliance requirements for OT/IoT such as NIST CSF, IEC/ISA 62443, DESC ICS and NESA

- Emerging Technologies:

- Knowledge and skills in Web 3.0/Metaverse, and Smart Contracts.
- Solid understanding of the Ethereum Virtual Machine (EVM) architecture and mechanisms, and common smart contract vulnerabilities.
- Ability to create security metrics for measuring relevant blockchain security aspects.
- Knowledgeable in GenAI and LLM best practices and standards.
- Knowledge, skilled and experienced with secure boot, code signing, and code execution, SDR / GNU Radio, JTag / UART / Serial Debugging / Reverse Engineering, Electronic Sensors and PBC knowledge.

Leadership Role: Yes.

About the Company

A fast-growing international airline with one of the youngest fleets in the sky and more than 400 awards for excellence worldwide.