Manager Information Security

COMPANY OVERVIEW

Our client, a Karachi-based, State Bank of Pakistan (SBP) regulated Electronic Money Institution (EMI), seeks to appoint an experienced professional for the following role:

Job Role

As Manager – Information Security, you will be responsible for establishing and enforcing security protocols that safeguard Company's information systems, digital assets, and customer data.

Key Responsibilities

• Develop & Implement Information Security Strategy – Design and execute a comprehensive information security roadmap aligned with company's digital infrastructure, business model, and regulatory obligations.
• Cybersecurity Risk Management – Identify, assess, and mitigate cybersecurity risks across infrastructure, applications, APIs, mobile platforms, and third-party integrations.
• Regulatory Compliance & SBP Alignment – Ensure full compliance with SBP guidelines and international security frameworks (e.g., ISO 27001, NIST), and act as the point of contact for regulator-driven security reviews.
• Security Architecture & Operations – Oversee the design, configuration, and monitoring of security systems including firewalls, endpoint protection, SIEM, encryption, and identity/access management tools.
• Incident Response & Threat Management – Develop and lead the incident response process, including detection, containment, investigation, recovery, and post-mortem reporting.
• Security Audits & Penetration Testing – Coordinate regular internal and third-party audits, vulnerability assessments, and penetration testing to ensure system hardening.
• Employee Awareness & Policy Enforcement – Establish security awareness programs, train internal staff, and enforce information security policies across all departments.
• Collaboration with Internal Audit & IT – Work closely with Internal Audit, Technology, and Compliance teams to ensure consistent enforcement of risk controls and secure infrastructure design.

Education

• Minimum 16 years of education, preferably, Master's from a renowned and HEC recognized university or institution/equivalent foreign degree holder institution, in any/or combination of the disciplines
• Professional certifications such as CISSP, CISM, CEH, or ISO 27001 Lead Implementer/Auditor are highly desirable.

Experience

• Information Security Expertise – Minimum 5 years of relevant experience in information security or cybersecurity roles, preferably within fintech, digital banking, or regulated financial institutions.
• Regulatory & Standards Knowledge – Strong understanding of SBP cybersecurity guidelines, ISO 27001, NIST, and relevant global information security frameworks.
• Incident Management & Threat Response – Demonstrated experience in handling security incidents, vulnerability assessments, and threat intelligence operations.
• Security Operations & Architecture – Hands-on experience with firewalls, IDS/IPS, antivirus, endpoint protection, IAM, encryption, and secure network architecture.

Requirements

• Technical Cybersecurity Proficiency – Deep technical knowledge of cybersecurity tools, infrastructure protection, and digital risk management in consumer-facing platforms.
• Regulatory & Audit Readiness – Proven track record of preparing for and managing regulator-led audits, and aligning cybersecurity operations with legal and compliance standards.
• Risk & Policy Management – Ability to define, implement, and enforce cybersecurity policies, standards, and control frameworks organization-wide.
• Cross-Functional Collaboration – Strong interpersonal skills to work closely with technology, audit, risk, and compliance teams to embed a culture of security.
• Adaptability in Fast-Paced Environments – Demonstrated ability to manage evolving security risks in dynamic, high-growth fintech ecosystems.

Age

• The candidate should preferably be not more than 35 years of age as of last date of submission of application.

This advertisement is published on 28 April 2026. The last date to apply is 07 May 2026. Candidates who possess the required experience and educational qualifications to undertake this challenging role are encouraged to submit their applications at https://hrsi.careers-page.com/

Only shortlisted candidates will be contacted.

www.hrs-int.com