Industry:
Banking/Financial Services
Category:
Security
Total Position:
1
Job Type:
Full Time/Permanent ( First Shift (Day) )
Department:
Risk Management
Job Location:
Islamabad
Gender:
No Preference
Minimum Education:
Masters
Degree Title:
Masters in Computer Science with specialization in information security related subjects or equivalent qualification. Preferably have ISO 27001 LI, CISSP, or CISM security qualification.
Career Level:
Experienced Professional
Minimum Experience:
5 Years (Preferably 5 years of experience in managing the I&IT security function in a banking environment. Preference will be given to candidates with Temenos T24 exposure.)
Job Description
1. Develop and implement IT Security Policy, standards and procedures
- Develop, review & implement I&IT security policy, standards, frameworks, procedures & related guidelines for their continued applicability and effectiveness with respect to regulatory compliance.
- Provide support to IT & business in recommending security controls & best practices, from technology aspects.
- Ensure compliance of I&IT security policies & related guidelines on an ongoing basis.
2. Information Security Assessments & Oversight
- Collaborate with KMBL IT department to identify, select and implement technical security controls.
- Research, evaluate and recommend information-security-related tools & technologies, including development of business case for security investments.
- Play an advisory role in reviewing major IT infrastructure & application projects to assess security requirements and controls, and ensure that technology changes or system modifications are carried out as per security best practices.
- Oversee the vulnerability assessment and penetration testing program for IT infrastructure & critical business applications to review & recommend security controls and remediation techniques as part of the continuous improvement process.
- Establish & review baseline security configurations of core IT infrastructure and applications.
- Research and assess new threats and security alerts, and recommend remedial actions.
- Consistent compliance follow-up for security improvement.
3. Security OPS Center (SOC) & Cyber Security Management
- Monitor security logs to track malicious events/incidents that can lead towards exploitation of IT risks and non-compliance of I&IT security policy.
- Lead investigation of information security incidents, breaches, risks, threats and vulnerabilities to protect the bank’s information/IT assets.
- Support IT administrators, Internal Audit & fraud investigation team for the resolution of reported security incidents.
4. I&IT Security Risk Management
- Establish and execute a security risk management program on a continual basis to identify the risks/treat and remediate according to the risk mitigation strategy.
5. Application’s Identity & Access Management
- Assist senior management with IAM/UMD governance.
- Establish & review the IAM/UMD framework & access matrix regularly.
- Establish & review IAM/UMD OLAs (operational level agreements) and OLA breaches continuously.
6. IT Security Awareness Program Management
- Establish, conduct and manage an effective information security awareness program using innovative ideas across KMBL.
Required Skills
MS Office Suite, Presentation Skills, Interpersonal Skills, Quality Control Knitting, Analytical Skills, Risk Management Practices, Public Accounting Information, Internal Audit
We are an equal opportunity employer and value talent diversity at our Bank. We do not discriminate on the basis of age, color, gender, marital status, race, religion, or disability status. Therefore, all qualified candidates are welcome and encouraged to apply for our positions.