6 Chief Information Security Officer jobs in Karachi

Requirements:

Qualification: ACCA / Bachelors' Degree in Business

Experience: 1-2 years (Relevant Experience in Financial Institution)

Responsibilities; Good understanding of analyzing financial statements

Skilled in report writing

Job Type: Full-time

Pay: Rs80, Rs100,000.00 per month

Key Responsibilities:

• Conduct credit risk assessments for new and existing clients.
• Analyze financial statements, credit data, and market conditions to evaluate repayment capacity.
• Support in setting credit limits, approving credit facilities, and monitoring exposures.
• Develop and implement credit risk models, scorecards, and stress testing where applicable.
• Ensure compliance with regulatory requirements and internal risk policies.
• Prepare detailed credit risk reports, highlighting exposures, trends, and risk mitigation strategies.
• Monitor portfolio performance, track delinquencies, and recommend corrective actions.
• Collaborate with Relationship Managers, Finance, and Legal teams to mitigate risks.
• Assist in developing and updating credit policies, procedures, and risk appetite frameworks.
• Participate in internal and regulatory audits relating to credit risk.

Qualifications & Skills:

• Bachelor's degree in Finance, Accounting, Economics, or related field (Master's preferred).
• Professional certification is a plus (FRM, CFA, PRM, CA, ACCA).
• 1-2 years of experience in credit risk, banking, or financial services (adjust for entry/senior roles).
• Strong knowledge of credit risk assessment techniques, financial analysis, and Basel regulations.
• Proficiency in MS Excel, financial modeling, and risk management systems.
• Excellent analytical, problem-solving, and decision-making skills.
• Strong written and verbal communication skills.
• Ability to work under pressure and meet deadlines.

Key Competencies:

• Risk Assessment & Analytical Skills
• Decision Making & Judgment
• Financial Acumen
• Attention to Detail
• Regulatory & Compliance Knowledge
• Collaboration & Stakeholder Management

Job Type: Full-time

Work Location: In person

Requirements:

Qualification: ACCA / Bachelors' Degree in Business

Experience: 1-2 years (Relevant Experience in Financial Institution)

Responsibilities;

Good understanding of analyzing financial statements

Skilled in report writing

Job Type: Full-time

Work Location: In person

Are you an experienced cybersecurity professional eager to take on a key role in securing Digital Retail Banking (DRB) operations? We are looking for a Cybersecurity Specialist to lead the implementation and monitoring of SIEM/SOC solutions, conduct security testing, and manage security tools such as antivirus, endpoint protection, and data leak prevention. This role ensures compliance with security frameworks and enforces cybersecurity policies to protect critical banking infrastructure. If you have a passion for threat management, vulnerability assessments, and security architecture, this is your chance to make a real impact

Threat & Incident Management:

• Identify, assess, and mitigate cybersecurity threats across digital banking platforms.
• Support incident response by analyzing security events and escalating issues.
• Manage access control policies to prevent unauthorized access to sensitive data.

Security Tools Management:

• Deploy, configure, and manage SIEM/SOC solutions (QRadar, Splunk, ArcSight, Wazuh, etc.).
• Maintain and optimize antivirus, endpoint protection, and data leak prevention tools.
• Continuously evaluate security tools to enhance detection and response capabilities.

Technical Security Implementation:

• Design and implement network security controls (firewalls, IDS/IPS, VPNs).
• Conduct vulnerability assessments and penetration tests on networks, applications, and systems.
• Implement patch management strategies to address security gaps.

Security Architecture & Compliance:

• Ensure compliance with MITRE ATT&CK, NIST, PCI-DSS, ISO 27001, and regulatory standards.
• Monitor security event logs and analyze anomalies for proactive threat detection.
• Work with cross-functional teams to integrate security best practices across cloud and on-prem environments.

Research & Development:

• Track emerging cyber threats and enhance detection techniques.
• Conduct threat intelligence analysis and proactively implement risk mitigation measures.
• Lead cybersecurity awareness initiatives and train internal teams on security protocols.

Documentation & Reporting:

• Maintain system documentation, incident response playbooks, and escalation procedures.
• Generate security reports and dashboards for continuous security posture improvement.

Requirements

• Bachelor's degree in Computer Science, IT, Cybersecurity, or a related field.
• 7-9 years of experience in infrastructure security, cybersecurity operations, or penetration testing.
• Expertise in SIEM implementation & security monitoring using QRadar, Splunk, ArcSight, Wazuh, or similar platforms.
• Strong knowledge of network security protocols, firewalls, IDS/IPS, VPNs, and endpoint security.
• Hands-on experience with security testing tools (Metasploit, Burp Suite, Nessus, etc.).
• Proficiency in scripting and automation (Python, PowerShell, Bash) to improve security controls.
• Experience with cloud security best practices (AWS, Azure, Google Cloud) and securing virtual environments.
• Familiarity with forensic investigation techniques, malware analysis, and threat intelligence.
• Professional certifications such as CISSP, CEH, OSCP, or vendor-specific security credentials are a plus.

COMPANY OVERVIEW :

Our client, a Karachi-based, State Bank of Pakistan (SBP) regulated Electronic Money Institution (EMI), seeks to appoint an experienced professional for the following role:

As Manager Information Security, you will be responsible for establishing and enforcing security protocols that safeguard companys information systems, digital assets, and customer data.

Key Areas of Responsibilities

• Develop & Implement Information Security Strategy Design and execute a comprehensive information security roadmap aligned with companys digital infrastructure, business model, and regulatory obligations.
• Cybersecurity Risk Management Identify, assess, and mitigate cybersecurity risks across infrastructure, applications, APIs, mobile platforms, and third-party integrations.
• Regulatory Compliance & SBP Alignment Ensure full compliance with SBP guidelines and international security frameworks (e.g., ISO 27001, NIST), and act as the point of contact for regulator-driven security reviews.
• Security Architecture & Operations Oversee the design, configuration, and monitoring of security systems including firewalls, endpoint protection, SIEM, encryption, and identity/access management tools.
• Incident Response & Threat Management Develop and lead the incident response process, including detection, containment, investigation, recovery, and post-mortem reporting.
• Security Audits & Penetration Testing Coordinate regular internal and third-party audits, vulnerability assessments, and penetration testing to ensure system hardening.
• Employee Awareness & Policy Enforcement Establish security awareness programs, train internal staff, and enforce information security policies across all departments.
• Collaboration with Internal Audit & IT Work closely with Internal Audit, Technology, and Compliance teams to ensure consistent enforcement of risk controls and secure infrastructure design.

Education

• Minimum 16 years of education, preferably, Masters from a renowned and HEC recognized university or institution/equivalent foreign degree holder institution, in any/or combination of the disciplines
• Professional certifications such as CISSP , CISM , CEH , or ISO 27001 Lead Implementer/Auditor are highly desirable

Experience

• Information Security Expertise Minimum 5 years of relevant experience in information security or cybersecurity roles, preferably within fintech, digital banking, or regulated financial institutions
• Regulatory & Standards Knowledge Strong understanding of SBP cybersecurity guidelines, ISO 27001, NIST, and relevant global information security frameworks
• Incident Management & Threat Response Demonstrated experience in handling security incidents, vulnerability assessments, and threat intelligence operations
• Security Operations & Architecture Hands-on experience with firewalls, IDS/IPS, antivirus, endpoint protection, IAM, encryption, and secure network architecture

Age

• The candidate should be preferably not more than 40 years of age as of last date of submission of application.
  

If you have the required experience and educational qualification to take up the challenging role, you are requested to apply by October 24 , 2025 at

Only shortlisted candidates will be contacted.