Job PurposeAt Emirates, we believe in connecting the world, to and through, our global hub in Dubai; and in constantly innovating to ensure our customers ‘Fly Better’. Emirates Group IT thrives on the dynamic nature of technology. Being pioneers in aviation innovation, were always at the forefront, pushing boundaries. Were on the lookout for exceptional IT professionals to fortify our position as leaders in the industry. Embark on a journey with the world’s largest international airline and become a vital part of our cutting-edge information and technology team as Principal Threat Emulation Engineer.
Join our CyberSecurity team where we ensure a world class CyberSecurity organisation based on the key principles of People, Process and Technology underpinned with executive endorsement of a multi-year strategy to continuously improve and develop. The team protects our digital assets by monitoring for threats, responding to incidents, managing vulnerabilities, and ensuring compliance with security policies and regulations. If you are passionate about CyberSecurity, we invite you to apply to play a crucial role in shaping the future of our technology initiatives at Emirates Group.
As a Principal Threat Emulation Engineer, you will lead the organisation’s adversary emulation function by designing and executing a strategic, multi-year roadmap for intelligence-led simulations of real-world cyber threats targeting critical assets. Develop and deliver a structured program to assess and improve the organisation’s ability to detect, prevent, and respond to threats by operating Breach and Attack Simulation (BAS) platforms, conducting targeted exercises, and governing the remediation of identified vulnerabilities. Collaborate with Cybersecurity Operations, Incident Response, Threat Intelligence, and Security Engineering teams to address systemic weaknesses and align simulation outcomes with long-term resilience strategies.
In this role you will:
- Define and execute a strategic, multi-year adversary emulation roadmap to validate and enhance the organization’s security posture against relevant threat actors. Align adversary emulation outcomes with security architecture, technology investment decisions, and organizational resilience objectives.
- Design, implement, and operate Breach and Attack Simulation (BAS) platforms to emulate tactics, techniques, and procedures (TTPs) and integrate results with security information and event management (SIEM) systems.
- Conduct targeted simulation exercises to test detection, prevention, and response capabilities across technology, process, and personnel.
- Oversee the governance process for remediation of vulnerabilities identified through internal and third-party assessments, ensuring closure within agreed timelines.
- Produce and deliver clear, risk-focused reports on simulation outcomes to technical teams, senior management, and governance bodies.
- Collaborate with Cybersecurity Operations Centre (SOC), Incident Response, Threat Intelligence, and Security Engineering teams to validate and optimise detection logic, incident playbooks, and control effectiveness.
- Establish and maintain strong relationships with key internal and external stakeholders to ensure alignment, transparency, and strategic impact of adversary emulation activities.
- Mentor and develop team expertise in adversary tradecraft and detection engineering, while engaging senior stakeholders to translate technical findings into business-focused insights, shape security investment priorities, and align outcomes with the organisation’s long-term resilience strategy.
To be considered for the role, you must meet the below requirements:
- Degree or Honours (12+3) or equivalent Degree in Information Technology, Information Security, or a related field.
- Preferred professional certifications such as OSCP, OSEP, CRTP, CRTE, GPEN, or equivalent
- 8+ years of experience designing and leading enterprise-scale adversary emulation or cyber resilience programs, with 5+ years in red team, adversary emulation, or offensive security leadership roles.
- Proficiency with Breach and Attack Simulation (BAS) platforms, red team tooling, and advanced simulation frameworks.
- Strong knowledge of MITRE ATT&CK, cyber kill chain, detection engineering, SIEM correlation, SOC operations, and incident response workflows.
- Demonstrated expertise in security architecture, threat modelling, and assessment of defensive controls.
- Track record in governance of vulnerability remediation, ensuring timely closure of high-risk and systemic issues.
- Ability to engage and influence senior stakeholders and translate technical outcomes into actionable business insights.
- Proven leadership in mentoring and developing high-performing technical teams in adversary tradecraft and detection engineering.
- Strong analytical, communication, and collaboration skills with a commitment to continuous learning and staying ahead of evolving threats.
Leadership Role: Yes
Salary & benefitsJoin us in a management role and enjoy an attractive tax-free salary. On top of our generous travel benefits, including discounted flights and hotel stays around the world, this managerial role also has an excellent leave and healthcare package. That’s on top of transport benefits, life insurance and more. Find out what it’s like to live and work in our fast-paced, cosmopolitan home city in the Dubai Lifestyle section of our website www.emirates.com/careers
