Sector: Information Technology
Qualification: Bachelor/Master degree in Information Technology
Experience: 10 years
Senior Manager Information Security job in Islamabad for one of the leading Telecom Company. An ideal candidate should have Bachelor/Master degree in Information Technology/Computer Sciences (Masters in Information Security would be preferred) along with minimum 10 years of experience of implementation of Information Security Strategy in banking or telecom sector.
The Job role of Senior Manager Information Security is to ensure IT systems and data protection by managing information and cyber security risks of the organization
- Build and implement Information Security Strategy to ensure the security of organization wide Information & Technology Systems
- Ensuring Security Governance & compliance in organization and monitor adherence to policies, processes and procedure by carrying out regular audits and communicate shortfalls effectively
- Lead the security design for all departmental projects, developments, integrations, third party integrations, highlight and clearly articulate risk mitigation requirements
- Prepare and execute annual Information Security Audit program
- Manage and develop talent, trainings and succession plans
- Be responsible for ensuring Disaster recovery and Business continuity
- Be responsible for ensuring information / cyber security of organization
- Ensuring information / cyber security from concept to go live and post go live
- Lead continuous assessment of software systems, Applications, portals, network & infrastructure to identify the vulnerabilities and risks
- Build a plan to mitigate the vulnerabilities and risks identified during assessment exercises
- Work closely with project team to ensure security implementations according State Bank of Pakistan requirements and industry best practices
- Review the documentation for new projects, change requests, and provide recommendations on the same
- Make risk treatment plan and lead implementation of compensating controls.
- Review the documentation for new projects, change requests, and provide recommendations on the same.
- Review application user logs and identify risks w.r.t. segregation of duties.
- Proactively monitors security levels of systems and establishes baseline security models
- Development, implementation, and enforcement of information security policies and procedures
- Strong Analytical skills to analyze behavior, logs and events in network security devices like NG Firewalls, Intrusion Detection / Prevention and Web Application Firewalls
- In-depth knowledge of IT technologies including: Routing & Switching in LAN/WAN architectures, WLAN, Radius, SSO/SAML, Cloud Platform, Identity Access Management, SDLC, Microsoft Technologies (Active Directory, IIS, ISA, DNS, SQL) & Linux
- Perform Information Security Audits & Risk Assessments and design the mitigation plans to minimize the threat
- Lead IT related internal / external Audit; ensure compliance hence reducing the likelihood of audit findings, regulatory & legal liabilities
- Develops strategy for measuring compliance against security policies, standards and its reporting.
- Extensive experience of State Bank regulations and assurance of its compliance
- Knowledge of information security risk management frameworks (like NIST & ISO) and compliance practices
- Must have proven track record of performing comprehensive security assessment of Financial and Telecom systems
- Must have proven track record of implementation of IT security vulnerabilities mitigation plans
- Must have strong background of network and network security related concepts
- Must have rich experience of using different tools to perform information / cyber Security assessments
- Should be “Offensive Security Certified Professional (OSCP)” or minimum “Certified Ethical Hacker (CEH) “
- Certified Information Systems Security Professional (CISSP) or equivalent certification would be preferred
- Must be experienced with ISO27001, ISO27002, COBIT & ITIL, PCI DSS Compliance
Apply at firstname.lastname@example.org
Kindly mention the job title Senior Manager Information Security in the email
Last date to apply for the job is 6th April, 2020
To apply Online Fill-in the form below and submit Fields marked with asterisk(*) are mandatory.