Loading
IT
Risk Management
Karachi
Full Time/Permanent
Minimum Bachelors in the Information Security / relevant field with International Level certifications, e.g. CEH, CISM, CISSP (Preferred)
Market Competitive + Other benefits
Key Responsibilities:
Information Security Management & Reporting
Leads the design, development, implementation and maintenance of Information /Cyber Security Strategy, Policies, Procedures and Cyber Security Action Plan.
Management of Security Operations Center (SOC) for monitoring, identifying and mitigating information security incidents and/or any potential threat to the bank’s information assets.
Apprise the Senior Management and Board committees on the risks. Develop and implement Information / Cyber Security Strategy, Policies, Procedures and/or Cyber Security Action Plan on periodic basis.
Submit required data to Compliance Division, SBP & BOD on periodic basis
Security Compliance
Facilitate the bank to comply with the regulatory requirements with respect to Information and Cyber Security. Facilitate IT Division in Information Security/Regulatory/Internal and external IT audits.
Software Change and Configuration Management Reviews
Lead activities related to reviews of software and configurations changes. Periodic review of procedures, implementation, and test for the software change / configuration management.
Review and incorporate T-24 critical processes and test results of segments in BCP and provide support for business impact analysis when required.
Security Awareness
Implementation of bank-wide Information Security Awareness Program. Communicate and interact with the bank’s staff and business management on Information Security related programs, risks, policies, and controls. Keep abreast with new laws/regulations and best practices related to Information and Cyber Security, Business Continuity/Disaster Recovery.
Team Building
Develop, retain and lead the team of qualified and skilled information security professionals and develop KPIs to measure the effectiveness of the Information Security team.
Ensure capacity building within the information security team by training & oversee personnel with significant IT security duties.
Competancies:
Deep understanding of systems, its working and associated risks. Analytical and problem solving skills. Ability to work in high pressure situations and take decisions. Keen to learn new technologies. Self-confidence and result oriented. Time management and ability to complete tasks within deadlines.
Dynamic and vigilant to keep an eye on ever-changing information security risks. Polished leadership, people management and motivational skills.
Adaptable and convincing in challenging situations. Ability to create healthy work ethics. Develop team and promote learning culture.
Ability to effectively manage sensitive situations and confidential data.
Key Relationships:
Regulator (SBP) / External Auditor
Proficient in Information Security (IS) risk management
Deep understanding of IS risk assessments and development of controls to avoid those risks
Technical and project management skills with focus on Information Security.
Knowledge of Information security policies, standards, procedures and guidelines
Understanding of the banking systems & processes
Analytical and Leadership Skills