188 Chief Security Officer jobs in Pakistan

This is a full-time, on-site role located in Punjab, Pakistan. The Chief Information Security Officer (CISO) will oversee the information security strategy and operations of the PSCA. The CISO will be responsible for developing and implementing security policies and procedures, managing cybersecurity risks, ensuring compliance with regulations, and leading incident response efforts. In this role, the CISO will also work closely with other departments to strengthen the organization's security posture and business continuity management.

Key Responsibilities:

1-Develop and implement enterprise-wide information security strategy, policies, and procedures.

2-Ensure alignment with national cybersecurity guidelines, international standards (ISO, GDPR, NIST, PCI-DSS), and regulatory requirements.

3-Lead Governance, Risk & Compliance (GRC) programs and oversee security audits.

4-Design and manage secure network architecture, including firewalls, intrusion detection/prevention, and incident response.

5-Oversee deployment of advanced security technologies (XDR, SIEM, SOAR, EDR, Threat Intelligence, Cloud Security).

6-Conduct regular risk assessments, vulnerability scans, and penetration tests to safeguard systems and data.

7-Establish and lead the Incident Response Plan (IRP) including investigation, containment, recovery, and reporting.

8-Promote organization-wide cybersecurity awareness and training programs.

9-Serve as primary liaison with regulatory authorities and external partners on cybersecurity matters.

10-Report regularly to executive leadership on cybersecurity posture, risks, and mitigation strategies.

Requirements:

16 years of education in Cybersecurity, Information Security, Computer Science, or related discipline (PhD/Masters preferred).

Mandatory top-tier certification (CISSP, CCISO, or equivalent). Additional certifications (CISA, CISM, CRISC, CCSP, ISO standards) are a plus.

10+ years of relevant experience with at least 3–5 years in a senior leadership role.

Proven track record of managing cybersecurity programs (SOC, GRC, Digital Forensics, Security Testing).

Strong expertise in cloud security, AI-related threats, and emerging security technologies.

Excellent leadership, communication, and stakeholder management skills.

Perks & Benefits:

1-Salary upto 500k

2-Insurance- all family members covered upto 5 lacs each

3-Car and Fuel as per PSCA regulations

Join to apply for the Information Security Analyst – Compliance & Risk Management role at Zones IT Solutions

Join to apply for the Information Security Analyst – Compliance & Risk Management role at Zones IT Solutions

Get AI-powered advice on this job and more exclusive features.

Description

Company Overview:

When it comes to IT solution providers, there are a lot of choices. But when it comes to providers with innovative and differentiating end-to-end service offerings, there’s really only one: Zones – First Choice for IT.TM

Zones is a Global Solution Provider of end-to-end IT solutions with an unmatched supply chain. Positioned to be the IT partner you need, Zones, a Minority Business Enterprise (MBE) in business for over 35 years, specializes in Digital Workplace, Cloud & Data Center, Networking, Security, and Managed/Professional/Staffing services. Operating in more than 120 countries, leveraging a robust portfolio, and utilizing the highest certification levels from key partners, including Microsoft, Apple, Cisco, Lenovo, Adobe, and more, Zones has mastered the science of building digital infrastructures that change the way business does business ensuring whatever they need, they can Consider IT Done. Follow Zones, LLC on Twitter @Zones, and LinkedIn and Facebook.

Position Overview

As the Information Security Analyst - Compliance & Risk Management, you will analyze management and technical controls to ensure compliance with security requirements. This includes mapping regulatory and security requirements across the information security framework and tracking enterprise compliance across multiple security frameworks. You will also assist internal teams in preparing for internal and external assessments and audits, collaborate on critical IT projects to address security policy and risk issues, and develop key performance metrics to track and ensure compliance with policies and standards.

What you’ll do as the Information Security Analyst – Compliance & Risk Management:

Employees employed in the role of Information Security Analyst – Compliance & Risk Management shall be required to apply their independent mind and demonstrate intellectual abilities in their decision-making.

The requirements listed below are representative of the knowledge, skill, and/or ability required. Reasonable accommodations may be made to enable individuals with disabilities to perform the essential functions.

• Analyze management and technical controls to ensure specific security and compliance requirements are met.
• Map regulatory/security requirements across the information security framework.
• Track enterprise compliance across multiple security frameworks including ISO27001, 27701, SOC2, GDPR, and PCI-DSS, maintaining up-to-date records of requirements and corresponding mitigating controls.
• Help internal teams with readiness for internal/external assessments/audits against industry standards and review programs/documentation for conformance.
• Collaborate on critical IT projects to ensure that security policy/risk issues are addressed throughout the project life cycle.
• Develop key performance metrics to track and ensure compliance with established policies and standards.
  
  

• 5-7 years of information security experience.
• Experience with ISO 27001, SOC 2, and PCI-DSS compliance.
• Strong communication skills (verbal and written).
• Ability to meet deadlines and work under pressure.
• Experience of working in US-based multinational organizations is a plus.
• Security certifications such as CISSP/CISA, ISO27001.
• Extensive experience with auditing vendors/service providers/partners for compliance with security.
• Experience of working extensively with the Engineering teams (system admin, network admin, security admin, application teams) to effectively communicate the compliance requirements
• Bachelor’s degree in Computer Science or Information Technology.
  
  

• Seniority level Not Applicable

• Employment type Full-time

• Job function Information Technology
• Industries Computer Hardware Manufacturing, Software Development, and IT Services and IT Consulting

Referrals increase your chances of interviewing at Zones IT Solutions by 2x

We’re unlocking community knowledge in a new way. Experts add insights directly into each article, started with the help of AI.

Overview

Company Overview: Zones – First Choice for IT. Zones is a Global Solution Provider of end-to-end IT solutions with an unmatched supply chain. Zones, a Minority Business Enterprise (MBE) with over 35 years in business, specializes in Digital Workplace, Cloud & Data Center, Networking, Security, and Managed/Professional/Staffing services. Operating in more than 120 countries, Zones partners with Microsoft, Apple, Cisco, Lenovo, Adobe, and more to build digital infrastructures that change how business operates.

As the Information Security Analyst - Compliance & Risk Management, you will analyze management and technical controls to ensure compliance with security requirements. This includes mapping regulatory and security requirements across the information security framework, tracking enterprise compliance across multiple security frameworks, assisting internal teams for internal and external assessments and audits, collaborating on IT projects to address security policy and risk issues, and developing key performance metrics to track and ensure compliance with policies and standards.

• Analyze management and technical controls to ensure specific security and compliance requirements are met.
• Map regulatory and security requirements across the information security framework.
• Track enterprise compliance across multiple security frameworks including ISO27001, 27701, SOC2, GDPR, and PCI-DSS; maintain up-to-date records of requirements and mitigating controls.
• Assist internal teams with readiness for internal/external assessments and audits against industry standards; review programs/documentation for conformance.
• Collaborate on critical IT projects to ensure security policy and risk issues are addressed throughout the project life cycle.
• Develop key performance metrics to track and ensure compliance with established policies and standards.

• 5-7 years of information security experience.
• Experience with ISO 27001, SOC 2, and PCI-DSS compliance.
• Strong communication skills (verbal and written).
• Ability to meet deadlines and work under pressure.
• Experience of working in US-based multinational organizations is a plus.
• Security certifications such as CISSP/CISA, ISO27001.
• Extensive experience auditing vendors/service providers/partners for security compliance.
• Experience working with Engineering teams (system admin, network admin, security admin, application teams) to effectively communicate compliance requirements.
• Bachelor’s degree in Computer Science or Information Technology.

Zones offers a comprehensive Benefits package. At Zones, we are committed to fostering an inclusive and diverse workplace where every team member is valued and supported. We offer life insurance, optional health insurance, and retirement benefits in line with Company policy. Employees also enjoy additional perks such as the Voluntary Pension Scheme, EOBI, complimentary meals, and access to our in-house gym.

We take pride in being an equal opportunity employer and remain dedicated to maintaining a workplace free from discrimination of any kind. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, or disability.

08:00 PM to 05:00 AM (Pk time)

Responsible for designing and implementing enterprise-wide security architectures to protect organizational information systems. Ensures robust security frameworks, compliance with industry standards, and proactive threat mitigation. Collaborates with IT, risk, and business teams to evaluate security risks, integrate advanced security solutions, and optimize defenses. Develops policies, procedures, and technical controls to safeguard data, systems, and networks, while continuously monitoring emerging threats and evolving security technologies to maintain a resilient security posture.

• Design, implement, and maintain enterprise security architecture strategies effectively.
• Evaluate system vulnerabilities and recommend mitigation strategies proactively.
• Collaborate with IT teams to integrate security solutions seamlessly.
• Ensure compliance with regulatory and industry security standards consistently.
• Conduct risk assessments and provide recommendations for security improvements.
• Develop security policies, standards, and guidelines for organization.
• Monitor emerging threats and recommend advanced protective measures regularly.
• Provide guidance on secure system designs and architecture reviews.

• Expertise in network, application, and cloud security architecture principles.
• Strong knowledge of security frameworks, standards, and regulatory requirements.
• Proficiency in threat modeling, risk assessment, and mitigation techniques.
• Experience with security tools, monitoring, and incident response processes.
• Excellent analytical, problem-solving, and communication skills for collaboration.
• Ability to design and implement scalable, resilient security architectures.

Note: Salary is disbursed in the local currency of the country of employment.

• Date Posted

August 20, 2025
- Location

Hyderabad
- Offered Salary:

¤ ¤
- Expiration date

June 2, 2026
- Experience

5 Year
- Gender

Both
- Qualification

Bachelor Degree
- Career Level

Others

Are you an experienced cybersecurity professional eager to take on a key role in securing Digital Retail Banking (DRB) operations? We are looking for a Cybersecurity Specialist to lead the implementation and monitoring of SIEM/SOC solutions, conduct security testing, and manage security tools such as antivirus, endpoint protection, and data leak prevention. This role ensures compliance with security frameworks and enforces cybersecurity policies to protect critical banking infrastructure. If you have a passion for threat management, vulnerability assessments, and security architecture , this is your chance to make a real impact!

Responsibilities

• Threat & Incident Management:
• Identify, assess, and mitigate cybersecurity threats across digital banking platforms.
• Support incident response by analyzing security events and escalating issues.
• Manage access control policies to prevent unauthorized access to sensitive data.
• Security Tools Management:
• Deploy, configure, and manage SIEM/SOC solutions (QRadar, Splunk, ArcSight, Wazuh, etc.) .
• Maintain and optimize antivirus, endpoint protection, and data leak prevention tools .
• Continuously evaluate security tools to enhance detection and response capabilities .
• Technical Security Implementation:
• Design and implement network security controls (firewalls, IDS/IPS, VPNs).
• Conduct vulnerability assessments and penetration tests on networks, applications, and systems.
• Implement patch management strategies to address security gaps.
• Security Architecture & Compliance:
• Ensure compliance with MITRE ATT&CK, NIST, PCI-DSS, ISO 27001, and regulatory standards .
• Monitor security event logs and analyze anomalies for proactive threat detection.
• Work with cross-functional teams to integrate security best practices across cloud and on-prem environments.
• Research & Development:
• Track emerging cyber threats and enhance detection techniques.
• Conduct threat intelligence analysis and proactively implement risk mitigation measures.
• Lead cybersecurity awareness initiatives and train internal teams on security protocols .
• Documentation & Reporting:
• Maintain system documentation, incident response playbooks, and escalation procedures .
• Generate security reports and dashboards for continuous security posture improvement .

• Bachelor’s degree in Computer Science, IT, Cybersecurity, or a related field.
• 7-9 years of experience in infrastructure security, cybersecurity operations, or penetration testing.
• Expertise in SIEM implementation & security monitoring using QRadar, Splunk, ArcSight, Wazuh, or similar platforms.
• Strong knowledge of network security protocols, firewalls, IDS/IPS, VPNs, and endpoint security .
• Hands-on experience with security testing tools (Metasploit, Burp Suite, Nessus, etc.).
• Proficiency in scripting and automation (Python, PowerShell, Bash) to improve security controls.
• Experience with cloud security best practices (AWS, Azure, Google Cloud) and securing virtual environments.
• Familiarity with forensic investigation techniques, malware analysis, and threat intelligence .
• Professional certifications such as CISSP, CEH, OSCP , or vendor-specific security credentials are a plus.

Bachelor's degree in Computer Science, Information Technology, or a related field.

Develop and implement information security policies and procedures.

Conduct regular risk assessments and vulnerability assessments.

Monitor and respond to security incidents and breaches.

Manage and maintain security tools and technologies.

Collaborate with IT teams to ensure compliance with security standards.

Educate employees about security best practices and awareness.

Maintain an up-to-date knowledge of cybersecurity threats and trends.

Assist in the development and maintenance of disaster recovery and business continuity plans.

Conduct security audits and assessments, ensuring compliance with regulatory requirements.

Continuously improve security awareness and practices throughout the organization.

Qualification and Experience:

Bachelor's degree in Computer Science, Information Technology, or a related field.

2+ years of experience in information security or a related role.

Strong understanding of cybersecurity principles and best practices.

Knowledge of industry standards and compliance regulations (e.g., NIST, ISO 27001, GDPR).

Experience with security tools and technologies (e.g., firewalls, IDS/IPS, SIEM).

Ability to perform risk assessments and vulnerability assessments.

Excellent problem-solving and communication skills.

Security certifications (e.g., CISSP, CISM, CompTIA Security+) are a plus.

Strong attention to detail and analytical skills.

Are you an experienced cybersecurity professional eager to take on a key role in securing Digital Retail Banking (DRB) operations? We are looking for a Cybersecurity Specialist to lead the implementation and monitoring of SIEM/SOC solutions, conduct security testing, and manage security tools such as antivirus, endpoint protection, and data leak prevention. This role ensures compliance with security frameworks and enforces cybersecurity policies to protect critical banking infrastructure. If you have a passion for threat management, vulnerability assessments, and security architecture, this is your chance to make a real impact

Threat & Incident Management:

• Identify, assess, and mitigate cybersecurity threats across digital banking platforms.
• Support incident response by analyzing security events and escalating issues.
• Manage access control policies to prevent unauthorized access to sensitive data.

Security Tools Management:

• Deploy, configure, and manage SIEM/SOC solutions (QRadar, Splunk, ArcSight, Wazuh, etc.).
• Maintain and optimize antivirus, endpoint protection, and data leak prevention tools.
• Continuously evaluate security tools to enhance detection and response capabilities.

Technical Security Implementation:

• Design and implement network security controls (firewalls, IDS/IPS, VPNs).
• Conduct vulnerability assessments and penetration tests on networks, applications, and systems.
• Implement patch management strategies to address security gaps.

Security Architecture & Compliance:

• Ensure compliance with MITRE ATT&CK, NIST, PCI-DSS, ISO 27001, and regulatory standards.
• Monitor security event logs and analyze anomalies for proactive threat detection.
• Work with cross-functional teams to integrate security best practices across cloud and on-prem environments.

Research & Development:

• Track emerging cyber threats and enhance detection techniques.
• Conduct threat intelligence analysis and proactively implement risk mitigation measures.
• Lead cybersecurity awareness initiatives and train internal teams on security protocols.

Documentation & Reporting:

• Maintain system documentation, incident response playbooks, and escalation procedures.
• Generate security reports and dashboards for continuous security posture improvement.

Requirements

• Bachelor's degree in Computer Science, IT, Cybersecurity, or a related field.
• 7-9 years of experience in infrastructure security, cybersecurity operations, or penetration testing.
• Expertise in SIEM implementation & security monitoring using QRadar, Splunk, ArcSight, Wazuh, or similar platforms.
• Strong knowledge of network security protocols, firewalls, IDS/IPS, VPNs, and endpoint security.
• Hands-on experience with security testing tools (Metasploit, Burp Suite, Nessus, etc.).
• Proficiency in scripting and automation (Python, PowerShell, Bash) to improve security controls.
• Experience with cloud security best practices (AWS, Azure, Google Cloud) and securing virtual environments.
• Familiarity with forensic investigation techniques, malware analysis, and threat intelligence.
• Professional certifications such as CISSP, CEH, OSCP, or vendor-specific security credentials are a plus.