M U S H A W A R

Loading

Job Detail
Category

IT

Functional Area

Risk Management

Location

Karachi

Job Type:

Full Time/Permanent

Qualifications

Minimum Bachelors in the Information Security / relevant field with International Level certifications, e.g. CEH, CISM, CISSP (Preferred)

Experience
Minimum 5 - 7 years’ experience in IT Security / IT Risks and Control / IT Audit
Offered Salary

Market Competitive + Other benefits

Job Description

Key Responsibilities:

Information Security Management & Reporting

Leads the design, development, implementation and maintenance of Information /Cyber Security Strategy, Policies, Procedures and Cyber Security Action Plan.

Management of Security Operations Center (SOC) for monitoring, identifying and mitigating information security incidents and/or any potential threat to the bank’s information assets.

Apprise the Senior Management and Board committees on the risks. Develop and implement Information / Cyber Security Strategy, Policies, Procedures and/or Cyber Security Action Plan on periodic basis.

Submit required data to Compliance Division, SBP & BOD on periodic basis

Security Compliance

Facilitate the bank to comply with the regulatory requirements with respect to Information and Cyber Security. Facilitate IT Division in Information Security/Regulatory/Internal and external IT audits. 

Software Change and Configuration Management Reviews

Lead activities related to reviews of software and configurations changes. Periodic review of procedures, implementation, and test for the software change / configuration management.

Review and incorporate T-24 critical processes and test results of segments in BCP and provide support for business impact analysis when required.

Security Awareness

Implementation of bank-wide Information Security Awareness Program. Communicate and interact with the bank’s staff and business management on Information Security related programs, risks, policies, and controls. Keep abreast with new laws/regulations and best practices related to Information and Cyber Security, Business Continuity/Disaster Recovery.

 Team Building

Develop, retain and lead the team of qualified and skilled information security professionals and develop KPIs to measure the effectiveness of the Information Security team.

Ensure capacity building within the information security team by training & oversee personnel with significant IT security duties.

Competancies:

Deep understanding of systems, its working and associated risks. Analytical and problem solving skills. Ability to work in high pressure situations and take decisions. Keen to learn new  technologies. Self-confidence and result oriented. Time management and ability to complete tasks within deadlines.

Dynamic and vigilant to keep an eye on ever-changing information security risks. Polished leadership, people management and motivational skills.

Adaptable and convincing in challenging situations. Ability to create healthy work ethics. Develop team and promote learning culture.

Ability to effectively manage sensitive situations and confidential data.

Key Relationships:

Regulator (SBP) / External Auditor

Skills

Proficient in Information Security (IS) risk management

Deep understanding of IS risk assessments and development of controls to avoid those risks

Technical and project management skills with focus on Information Security.

Knowledge of Information security policies, standards, procedures and guidelines

Understanding of the banking systems & processes

Analytical and  Leadership Skills 

Apply Now