Lead enterprise information security by governing systems, policies, and risk programs aligned to Dubai standards; operate the cyber security function; enforce access and architecture controls; and drive threat‑informed improvements, audits, and incident readiness that ensure compliant, resilient operations across RTA.

• Set, approve, and enforce information‑security policies and standards; define and ratify strategic and operational objectives, KPIs, and audit regimes; direct remediation across concerned departments.
• Define and own the risk‑management framework, assign accountable owners for risk registers, scenarios, and response plans; order periodic reviews and updates with agencies and sectors.
• Institutionalize and mandate RTA‑wide awareness for employees, suppliers, and contractors with measurable targets; approve annual awareness plans and cadence.
• Lead and approve financial governance for informatio...