Manager Information Security

COMPANY OVERVIEW:

Our client a Karachi-based State Bank of Pakistan (SBP) regulated Electronic Money Institution (EMI) seeks to appoint an experienced professional for the following role:

As Manager Information Security you will be responsible for establishing and enforcing security protocols that safeguard companys information systems digital assets and customer data.

Key Areas of Responsibilities

• Develop & Implement Information Security Strategy Design and execute a comprehensive information security roadmap aligned with companys digital infrastructure business model and regulatory obligations.
• Cybersecurity Risk Management Identify assess and mitigate cybersecurity risks across infrastructure applications APIs mobile platforms and third-party integrations.
• Regulatory Compliance & SBP Alignment Ensure full compliance with SBP guidelines and international security frameworks (e.g. ISO 27001 NIST) and act as the point of contact for regulator-driven security reviews.
• Security Architecture & Operations Oversee the design configuration and monitoring of security systems including firewalls endpoint protection SIEM encryption and identity/access management tools.
• Incident Response & Threat Management Develop and lead the incident response process including detection containment investigation recovery and post-mortem reporting.
• Security Audits & Penetration Testing Coordinate regular internal and third-party audits vulnerability assessments and penetration testing to ensure system hardening.
• Employee Awareness & Policy Enforcement Establish security awareness programs train internal staff and enforce information security policies across all departments.
• Collaboration with Internal Audit & IT Work closely with Internal Audit Technology and Compliance teams to ensure consistent enforcement of risk controls and secure infrastructure design.

Education

• Minimum 16 years of education preferably Masters from a renowned and HEC recognized university or institution/equivalent foreign degree holder institution in any/or combination of the disciplines
• Professional certifications such as CISSP CISM CEH or ISO 27001 Lead Implementer/Auditor are highly desirable

Experience

• Information Security Expertise Minimum 5 years of relevant experience in information security or cybersecurity roles preferably within fintech digital banking or regulated financial institutions
• Regulatory & Standards Knowledge Strong understanding of SBP cybersecurity guidelines ISO 27001 NIST and relevant global information security frameworks
• Incident Management & Threat Response Demonstrated experience in handling security incidents vulnerability assessments and threat intelligence operations
• Security Operations & Architecture Hands-on experience with firewalls IDS/IPS antivirus endpoint protection IAM encryption and secure network architecture

Age

• The candidate should be preferably not more than 40 years of age as of last date of submission of application.
  

If you have the required experience and educational qualification to take up the challenging role you are requested to apply by October 24 2025 at

Only shortlisted candidates will be contacted.