86 Cyber Security jobs in Pakistan

We are seeking a skilled

Microsoft Defender for Endpoint Specialist

to join our team in Islamabad. The ideal candidate will play a key role in deploying and managing Microsoft Defender for Endpoint solutions to ensure robust endpoint security across the organization. Key Responsibilities

Deploy and configure

Microsoft Defender for Endpoint

solutions across diverse environments. Integrate endpoint security with

Active Directory

and

Microsoft 365

infrastructure. Monitor, analyze, and respond to endpoint security incidents. Optimize endpoint security configurations for performance and protection. Collaborate with IT teams to ensure compliance with security standards and best practices. Document configurations, procedures, and troubleshooting guidelines. Requirements:

Bachelor’s degree

in Computer Science, IT, or a related field (mandatory). Proven experience with

Active Directory

and

Microsoft 365 administration . Hands-on experience with deploying and managing

Microsoft Defender for Endpoint . Strong understanding of endpoint security concepts and incident response. Excellent troubleshooting and problem-solving skills. Ability to work under tight deadlines and deliver quality results. Location

We are looking for a Microsoft Defender EDR/XDR Specialist in our Islamabad office. You may apply if you are willing to work in any of the locations and have relevant experience. What Are We Offering?

Health Insurance Provident Fund Compensation Plans Paid Certifications & Training Stars Of the Month Rewards Quarterly Meetups Anniversary & Eid Gifts Employee Loans for Hajj, Umrah and events

#J-18808-Ljbffr

Position Title : Manager Cybersecurity
Location: Lahore / Kharian
Position Type: Full-Time

About Us:

ACE Money Transfer is a UK-based multinational company headquartered in Manchester, United Kingdom. ACE Money Transfer provides online remittance services to individuals in 28 countries across UK, Europe, Canada, and Australia enabling them to send money across border in over 100 countries.

Overview:

Ace Money Transfer is seeking a highly experienced and dynamic Cyber Security Manager to lead and mentor both our Offensive (Red Team) and Defensive (Blue Team) security teams. This critical role will be responsible for developing, implementing, and overseeing the organization's overall cybersecurity strategy, ensuring the protection of our assets and data against evolving threats. The ideal candidate will possess a strong technical background with hands-on experience in either offensive or defensive security, coupled with proven leadership abilities and a deep understanding of security best practices and compliance frameworks.

Responsibilities:

• Strategic Leadership (Offensive & Defensive Security) :
  Develop and implement the overarching cybersecurity strategy for the organization, encompassing both offensive (Red Team) and defensive (Blue Team) security initiatives and aligning them with business objectives.
  
• Team Management & Development:
  
  Lead, mentor, and manage both the Offensive Security and Defensive Security teams, fostering a collaborative and high-performing environment. This includes defining team objectives, assigning responsibilities, and facilitating professional growth.
  
• Offensive Security Operations:
  
  Oversee and guide the planning and execution of penetration testing, vulnerability assessments, and red team exercises to identify and exploit weaknesses in applications, systems, and networks. Ensure actionable recommendations for remediation are provided and tracked.
  
• Defensive Security Operations:
  
  Manage and enhance the organization's security monitoring, incident response, and threat intelligence capabilities. Ensure the effective detection, analysis, containment, eradication, and recovery from security incidents.
  
• Security Tooling & Technology Management:
  
  Oversee the selection, implementation, and management of a comprehensive suite of security tools and technologies used by both offensive and defensive teams (e.g., SIEM, EDR, vulnerability scanners, penetration testing frameworks). Ensure optimal utilization and integration of these tools.
  
• Secure Development Lifecycle (SDLC) Integration:
  
  Champion and enforce secure coding practices and security integration throughout the software development lifecycle, collaborating closely with development teams to build secure applications by design.
  
• Threat Modeling & Risk Assessment:
  
  Lead and participate in threat modeling exercises for applications and infrastructure, identifying potential security risks and proposing effective security controls for both prevention and detection.
  
• Vulnerability Management (Application & Infrastructure) :
  
  Develop and maintain a comprehensive vulnerability management program that spans both applications and infrastructure, overseeing the identification, tracking, prioritization, and remediation of security vulnerabilities identified through both offensive and defensive measures.
  
• Incident Response Management:
  
  Collaborate with the incident response team and provide leadership in investigating and responding to security incidents, particularly those related to applications. Contribute to the development and refinement of incident response plans and playbooks.
  
• Security Code Reviews & Architecture Guidance:
  
  Lead and guide security code reviews to analyze and assess the security posture of application code. Provide expert guidance on the design and implementation of secure application architectures, ensuring adherence to security-by-design principles.
  
• Compliance & Governance:
  
  Drive the implementation and maintenance of ISO 27001 and PCI DSS compliance frameworks across both application and infrastructure security domains. Ensure adherence to relevant security policies, standards, and regulations.
  
• Reporting & Communication:
  
  Develop and present clear and concise reports on the security posture of applications and infrastructure, including findings from offensive security activities and incident response efforts, to both technical and executive audiences.
  
• Security Awareness & Training:
  
  Promote a strong security awareness culture within the organization, collaborating on the development and delivery of security training programs for both technical and non-technical staff.
  
• Budget Management:
  
  Manage the cybersecurity budget for both offensive and defensive security initiatives, ensuring cost-effectiveness and optimal resource allocation.

Qualifications:

• Bachelor's degree in Computer Science, Information Security, or a related field. Relevant security certifications (e.g., CISSP, CISM, OSCP, CEH) are highly desirable.
  
• Minimum of 5 years of progressive experience in cybersecurity roles.
  
• Mandatory hands-on experience with at least one of the following:

Offensive Security Tools & Techniques:

Penetration testing frameworks (e.g., Metasploit, Cobalt Strike), vulnerability scanners (e.g., Nessus, Burp Suite), and exploitation methodologies.

Defensive Security Tools & Techniques:

SIEM platforms (e.g., Splunk, ELK Stack, Sentinel), EDR solutions, intrusion detection/prevention systems (IDS/IPS), and threat intelligence platforms.

• Proven experience in the implementation and maintenance of ISO 27001 and PCI DSS standards.
  
• Strong understanding of network security principles, protocols, and technologies.
  
• Excellent analytical, problem-solving, and decision-making skills.
  
• Demonstrated leadership and team management abilities, with experience in building and motivating high-performing teams.
  
• Excellent communication, presentation, and interpersonal skills.
  
• Experience with cloud security platforms (e.g., AWS, Azure, GCP).
  
• Familiarity with security automation and orchestration (SOAR) tools.
  
• Experience with threat intelligence analysis and integration.

ACE Money Transfer Profile:

#J-18808-Ljbffr

We are seeking a highly skilled and motivated Mid-Tier Cyber Security Consultant with 4–5 years of proven experience in Vulnerability Assessment and Penetration Testing (VAPT), client handling, and red teaming. The ideal candidate will be a self-motivated professional with strong technical expertise and exceptional soft skills, capable of delivering high-quality services in a fast-paced, client-focused environment. Preference will be given to candidates with relevant certifications and experience in a vendor-side company.

Key Responsibilities

• Vulnerability Assessment and Penetration Testing (VAPT):
  • Conduct comprehensive vulnerability assessments and penetration tests on web applications, networks, cloud environments, and mobile applications.
  • Identify, analyze, and prioritize security vulnerabilities using industry-standard tools and methodologies.
  • Develop detailed technical reports with findings, risk assessments, and remediation recommendations tailored to technical and non-technical stakeholders.
  • Stay updated on emerging threats, vulnerabilities, and attack vectors to enhance testing methodologies.

• Red Teaming:
  • Plan and execute advanced red team engagements, simulating real-world cyberattacks to test organizational defenses.
  • Perform reconnaissance, social engineering, privilege escalation, and lateral movement to identify weaknesses in security controls.
  • Collaborate with blue teams to validate detection and response capabilities, providing actionable insights to improve security posture.
  • Document red team activities, including attack scenarios, methodologies, and outcomes, in clear and concise reports.

• Client Handling:
  • Act as the primary point of contact for clients, building strong relationships and ensuring clear communication throughout the engagement lifecycle.
  • Conduct scoping meetings, gather requirements, and tailor security assessments to meet client-specific needs and objectives.
  • Present findings and recommendations to clients in a professional and approachable manner, addressing both technical and business audiences.
  • Manage client expectations, resolve concerns promptly, and ensure high levels of client satisfaction.

• Project Management and Delivery:
  • Manage multiple concurrent projects, ensuring timely delivery of high-quality results within scope and budget.
  • Develop project plans, timelines, and deliverables in collaboration with internal teams and clients.
  • Proactively identify risks and challenges in engagements and implement solutions to maintain project momentum.

Required Qualifications

• Experience:
  • 4–5 years of hands-on experience in cyber security, with a focus on VAPT and red teaming.
  • Proven track record in a vendor-side company, delivering security services to diverse clients across industries.
  • Demonstrated experience in managing end-to-end VAPT engagements, including scoping, execution, and reporting.
  • Hands-on experience in red team operations, including adversarial simulation and advanced attack techniques.
• Certifications (Preferred):
  • Offensive Security Certified Professional (OSCP)
  • Certified Ethical Hacker (CEH)
  • GIAC Penetration Tester (GPEN)
  • Certified Red Team Professional (CRTP)
  • Other relevant certifications (e.g., CompTIA PenTest+, CISSP, or equivalent)
• Soft Skills:
  • Excellent communication and presentation skills, with the ability to explain complex technical concepts to non-technical stakeholders.
  • Strong interpersonal skills, with a client-centric approach to build trust and long-term relationships.
  • Self-motivated and proactive, with a strong sense of ownership and accountability for deliverables.
  • Ability to work independently and collaboratively in a team-oriented environment.
• Preferred Qualifications
  • Experience working in a vendor-side cyber security firm, delivering services to clients in sectors such as finance, healthcare, or technology.
  • Familiarity with compliance frameworks such as ISO 27001, GDPR, or NIST.
  • Ability to mentor junior team members and contribute to knowledge-sharing initiatives.

#J-18808-Ljbffr

Company Profile
AHOY is a dynamic venture studio based in the vibrant city of Dubai. Our passion lies in harnessing cutting-edge technology to drive innovation and empower businesses across diverse industries. With a focus on excellence and a commitment to delivering exceptional solutions, we serve as a trusted partner for companies aiming to thrive in today's digital landscape. From web and mobile app development to product prototyping and data processing automation, AHOY offers a comprehensive suite of services tailored to meet the evolving needs of businesses worldwide. Join us as we shape the future of technology and create impactful solutions that drive success for our clients.

Position Overview
AHOY is seeking a skilled Cyber Security Specialist to join our team. In this role, you will be responsible for safeguarding our company's information systems and protecting sensitive data from cyber threats. You will work closely with IT and development teams to ensure robust security frameworks are in place and maintained.

• Key Responsibilities:

1. Monitor, analyze, and respond to security incidents and threats in real-time.
2. Implement and manage security measures to protect information systems, networks, and data.
3. Conduct regular security audits and vulnerability assessments to identify potential risks.
4. Develop and maintain security policies, procedures, and documentation.
5. Stay updated on the latest trends and technologies in cyber security.
6. Provide training and support to staff on security best practices and awareness.
7. Collaborate with cross-functional teams to integrate security into software development processes.

Qualifications:

1. Bachelor’s degree in Cyber Security, Information Technology, or a related field.
2. 2+ years of experience in cyber security or information security roles.
3. Certifications such as CISSP, CISM, CEH, or equivalent are a plus.
4. Strong knowledge of network security principles, firewalls, and intrusion detection systems.
5. Experience with security tools and technologies (SIEM, anti-virus, encryption, etc.).
6. Strong analytical and problem-solving skills.
7. Excellent communication skills to convey security concepts to non-technical stakeholders.

Market Competitive Salary

Leaves

Health Insurance

Hybrid Work Model

#J-18808-Ljbffr

Job Description: Cybersecurity Specialist

Position: Cybersecurity Specialist

Location: Lahore

Employment Type: Full Time

Experience Level: Senior-Level

Job Summary

We are seeking a skilled Cybersecurity Specialist to safeguard our organization's digital infrastructure, networks, and sensitive information. The ideal candidate will have strong analytical skills, a proactive approach to identifying and mitigating cyber threats, and the ability to implement and maintain security protocols that align with best practices and compliance standards.

Key Responsibilities

• Risk Assessment and Threat Management:
• Monitor systems for vulnerabilities, threats, and incidents.
• Conduct regular risk assessments and penetration tests.
• Develop mitigation strategies to address identified risks.
• Security Infrastructure:
• Design, implement, and manage security solutions, including firewalls, intrusion detection/prevention systems, and anti-malware tools.
• Ensure endpoint protection and manage security patches for all systems.
• Incident Response:
• Investigate and respond to security breaches or incidents.
• Document and report findings, providing recommendations for prevention.
• Policy Development and Compliance:
• Develop and enforce cybersecurity policies, standards, and guidelines.
• Ensure compliance with industry regulations (e.g., GDPR, HIPAA, ISO 27001).
• Training and Awareness:
• Conduct cybersecurity training for employees.
• Promote awareness of best practices to minimize human error vulnerabilities.
• Collaboration and Communication:
• Work closely with IT teams to ensure security measures align with business goals.
• Communicate technical concepts and security risks effectively to non-technical stakeholders.

Qualifications and Skills

• Education:
• Bachelor’s degree in Computer Science, Information Technology, Cybersecurity, or a related field. Equivalent experience may be considered.
• Certifications (Preferred):
• CISSP (Certified Information Systems Security Professional)
• CEH (Certified Ethical Hacker)
• CISM (Certified Information Security Manager)
• CompTIA Security+
• Technical Skills:
• Proficiency in cybersecurity tools and technologies (e.g., SIEM, IDS/IPS, EDR).
• Familiarity with programming/scripting languages (e.g., Python, PowerShell).
• Strong knowledge of network security, encryption protocols, and authentication systems.
• Experience:
• "5+ years in cybersecurity roles."
• Hands-on experience with cloud security (e.g., AWS, Azure, Google Cloud).
• Soft Skills:
• Excellent problem-solving and analytical abilities.
• Strong communication and teamwork skills.
• Ability to stay current with evolving cybersecurity trends and threats.

#J-18808-Ljbffr

Position Title : Manager Cybersecurity
Location: Lahore / Kharian
Position Type: Full-Time

About Us:

ACE Money Transfer is a UK-based multinational company headquartered in Manchester, United Kingdom. ACE Money Transfer provides online remittance services to individuals in 28 countries across UK, Europe, Canada, and Australia enabling them to send money across border in over 100 countries.

Overview:

Ace Money Transfer is seeking a highly experienced and dynamic Cyber Security Manager to lead and mentor both our Offensive (Red Team) and Defensive (Blue Team) security teams. This critical role will be responsible for developing, implementing, and overseeing the organization's overall cybersecurity strategy, ensuring the protection of our assets and data against evolving threats. The ideal candidate will possess a strong technical background with hands-on experience in either offensive or defensive security, coupled with proven leadership abilities and a deep understanding of security best practices and compliance frameworks.

Responsibilities:

• Strategic Leadership (Offensive & Defensive Security) :
  Develop and implement the overarching cybersecurity strategy for the organization, encompassing both offensive (Red Team) and defensive (Blue Team) security initiatives and aligning them with business objectives.
  
• Team Management & Development:
  
  Lead, mentor, and manage both the Offensive Security and Defensive Security teams, fostering a collaborative and high-performing environment. This includes defining team objectives, assigning responsibilities, and facilitating professional growth.
  
• Offensive Security Operations:
  
  Oversee and guide the planning and execution of penetration testing, vulnerability assessments, and red team exercises to identify and exploit weaknesses in applications, systems, and networks. Ensure actionable recommendations for remediation are provided and tracked.
  
• Defensive Security Operations:
  
  Manage and enhance the organization's security monitoring, incident response, and threat intelligence capabilities. Ensure the effective detection, analysis, containment, eradication, and recovery from security incidents.
  
• Security Tooling & Technology Management:
  
  Oversee the selection, implementation, and management of a comprehensive suite of security tools and technologies used by both offensive and defensive teams (e.g., SIEM, EDR, vulnerability scanners, penetration testing frameworks). Ensure optimal utilization and integration of these tools.
  
• Secure Development Lifecycle (SDLC) Integration:
  
  Champion and enforce secure coding practices and security integration throughout the software development lifecycle, collaborating closely with development teams to build secure applications by design.
  
• Threat Modeling & Risk Assessment:
  
  Lead and participate in threat modeling exercises for applications and infrastructure, identifying potential security risks and proposing effective security controls for both prevention and detection.
  
• Vulnerability Management (Application & Infrastructure) :
  
  Develop and maintain a comprehensive vulnerability management program that spans both applications and infrastructure, overseeing the identification, tracking, prioritization, and remediation of security vulnerabilities identified through both offensive and defensive measures.
  
• Incident Response Management:
  
  Collaborate with the incident response team and provide leadership in investigating and responding to security incidents, particularly those related to applications. Contribute to the development and refinement of incident response plans and playbooks.
  
• Security Code Reviews & Architecture Guidance:
  
  Lead and guide security code reviews to analyze and assess the security posture of application code. Provide expert guidance on the design and implementation of secure application architectures, ensuring adherence to security-by-design principles.
  
• Compliance & Governance:
  
  Drive the implementation and maintenance of ISO 27001 and PCI DSS compliance frameworks across both application and infrastructure security domains. Ensure adherence to relevant security policies, standards, and regulations.
  
• Reporting & Communication:
  
  Develop and present clear and concise reports on the security posture of applications and infrastructure, including findings from offensive security activities and incident response efforts, to both technical and executive audiences.
  
• Security Awareness & Training:
  
  Promote a strong security awareness culture within the organization, collaborating on the development and delivery of security training programs for both technical and non-technical staff.
  
• Budget Management:
  
  Manage the cybersecurity budget for both offensive and defensive security initiatives, ensuring cost-effectiveness and optimal resource allocation.

Qualifications:

• Bachelor's degree in Computer Science, Information Security, or a related field. Relevant security certifications (e.g., CISSP, CISM, OSCP, CEH) are highly desirable.
  
• Minimum of 5 years of progressive experience in cybersecurity roles.
  
• Mandatory hands-on experience with at least one of the following:

Offensive Security Tools & Techniques:

Penetration testing frameworks (e.g., Metasploit, Cobalt Strike), vulnerability scanners (e.g., Nessus, Burp Suite), and exploitation methodologies.

Defensive Security Tools & Techniques:

SIEM platforms (e.g., Splunk, ELK Stack, Sentinel), EDR solutions, intrusion detection/prevention systems (IDS/IPS), and threat intelligence platforms.

• Proven experience in the implementation and maintenance of ISO 27001 and PCI DSS standards.
  
• Strong understanding of network security principles, protocols, and technologies.
  
• Excellent analytical, problem-solving, and decision-making skills.
  
• Demonstrated leadership and team management abilities, with experience in building and motivating high-performing teams.
  
• Excellent communication, presentation, and interpersonal skills.
  
• Experience with cloud security platforms (e.g., AWS, Azure, GCP).
  
• Familiarity with security automation and orchestration (SOAR) tools.
  
• Experience with threat intelligence analysis and integration.

ACE Money Transfer Profile:

#J-18808-Ljbffr

Job Description :

Dear All,

We are seeking a highly skilled and experienced Manager Cyber Security – Financial Services to lead and enhance our cybersecurity strategy, governance, risk management, and incident response in the financial services sector. The ideal candidate will be responsible for ensuring the security, confidentiality, integrity, and availability of our information systems, protecting sensitive financial data, and complying with regulatory requirements.

Job description:

• Develop, implement, and maintain the organization's cybersecurity strategy, policies, and procedures.
• Ensure alignment with financial industry standards, regulatory requirements, and best practices (e.g., ISO 27001, NIST, PCI DSS, GDPR).
• Conduct regular security risk assessments and propose mitigation strategies.
• Threat Management & Incident Response:
• Monitor, detect, analyze, and respond to security incidents and breaches.
• Lead cybersecurity investigations and forensics analysis.
• Develop and test incident response plans and conduct regular cyber drills.
• Risk & Compliance Management:
• Identify, assess, and mitigate cybersecurity risks affecting financial systems and customer data.
• Ensure compliance with financial regulations such as FFIEC, SOX, MAS TRM, RBI Guidelines, and other relevant cybersecurity frameworks.
• Work closely with audit teams and regulators to manage cybersecurity audits and assessments.
• Security Operations & Infrastructure Protection:
• Oversee security tools and technologies, including SIEM, IDS/IPS, endpoint protection, firewalls, and DLP.
• Implement and manage security monitoring and threat intelligence programs.
• Coordinate vulnerability management and penetration testing exercises.
• Team Leadership & Training:
• Lead and mentor cybersecurity analysts and engineers.
• Provide cybersecurity awareness training for employees and stakeholders.
• Foster a culture of security across the organization.
• Collaboration & Stakeholder Management:
• Work with IT, risk, compliance, legal, and business units to align security measures with business objectives.
• Manage relationships with third-party security vendors and service providers.
• Stay updated with emerging cybersecurity threats and innovations.

Experience:

• Minimum 7-10 years of experience in cybersecurity roles, with at least 3 years in a managerial capacity.

• Proven experience in managing cybersecurity in financial services, banking, fintech, or insurance

sectors.

Please share your resume at

Job Specification :

Technical Skills & Knowledge:

• Expertise in network security, cloud security (AWS/Azure), identity and access management (IAM), and

data protection.

• Strong knowledge of SIEM tools, SOC operations, threat intelligence, and endpoint security.

• Understanding of DevSecOps, zero trust security models, and emerging cyber threats.

Soft Skills:

• Strong leadership and team management abilities.

• Excellent problem-solving and decision-making skills.

• Effective communication and stakeholder engagement skills.

Job Rewards and Benefits : Gratuity,Leaves,Medical #J-18808-Ljbffr

Position Title : Manager Cybersecurity Location:

Lahore / Kharian Position

Type: Full-Time

About Us:

ACE Money Transfer is a UK-based multinational company headquartered in Manchester, United Kingdom. ACE Money Transfer provides online remittance services to individuals in 28 countries across UK, Europe, Canada, and Australia enabling them to send money across border in over 100 countries.

Overview:

Ace Money Transfer is seeking a highly experienced and dynamic Cyber Security Manager to lead and mentor both our Offensive (Red Team) and Defensive (Blue Team) security teams. This critical role will be responsible for developing, implementing, and overseeing the organization's overall cybersecurity strategy, ensuring the protection of our assets and data against evolving threats. The ideal candidate will possess a strong technical background with hands-on experience in either offensive or defensive security, coupled with proven leadership abilities and a deep understanding of security best practices and compliance frameworks.

Responsibilities: Strategic Leadership (Offensive & Defensive Security) : Develop and implement the overarching cybersecurity strategy for the organization, encompassing both offensive (Red Team) and defensive (Blue Team) security initiatives and aligning them with business objectives.

Team Management & Development:

Lead, mentor, and manage both the Offensive Security and Defensive Security teams, fostering a collaborative and high-performing environment. This includes defining team objectives, assigning responsibilities, and facilitating professional growth.

Offensive Security Operations:

Oversee and guide the planning and execution of penetration testing, vulnerability assessments, and red team exercises to identify and exploit weaknesses in applications, systems, and networks. Ensure actionable recommendations for remediation are provided and tracked.

Defensive Security Operations:

Manage and enhance the organization's security monitoring, incident response, and threat intelligence capabilities. Ensure the effective detection, analysis, containment, eradication, and recovery from security incidents.

Security Tooling & Technology Management:

Oversee the selection, implementation, and management of a comprehensive suite of security tools and technologies used by both offensive and defensive teams (e.g., SIEM, EDR, vulnerability scanners, penetration testing frameworks). Ensure optimal utilization and integration of these tools.

Secure Development Lifecycle (SDLC) Integration:

Champion and enforce secure coding practices and security integration throughout the software development lifecycle, collaborating closely with development teams to build secure applications by design.

Threat Modeling & Risk Assessment:

Lead and participate in threat modeling exercises for applications and infrastructure, identifying potential security risks and proposing effective security controls for both prevention and detection.

Vulnerability Management (Application & Infrastructure) :

Develop and maintain a comprehensive vulnerability management program that spans both applications and infrastructure, overseeing the identification, tracking, prioritization, and remediation of security vulnerabilities identified through both offensive and defensive measures.

Incident Response Management:

Collaborate with the incident response team and provide leadership in investigating and responding to security incidents, particularly those related to applications. Contribute to the development and refinement of incident response plans and playbooks.

Security Code Reviews & Architecture Guidance:

Lead and guide security code reviews to analyze and assess the security posture of application code. Provide expert guidance on the design and implementation of secure application architectures, ensuring adherence to security-by-design principles.

Compliance & Governance:

Drive the implementation and maintenance of ISO 27001 and PCI DSS compliance frameworks across both application and infrastructure security domains. Ensure adherence to relevant security policies, standards, and regulations.

Reporting & Communication:

Develop and present clear and concise reports on the security posture of applications and infrastructure, including findings from offensive security activities and incident response efforts, to both technical and executive audiences.

Security Awareness & Training:

Promote a strong security awareness culture within the organization, collaborating on the development and delivery of security training programs for both technical and non-technical staff.

Budget Management:

Manage the cybersecurity budget for both offensive and defensive security initiatives, ensuring cost-effectiveness and optimal resource allocation.

Qualifications:

Bachelor's degree in Computer Science, Information Security, or a related field. Relevant security certifications (e.g., CISSP, CISM, OSCP, CEH) are highly desirable.

Minimum of 5 years of progressive experience in cybersecurity roles.

Mandatory hands-on experience with at least one of the following:

Offensive Security Tools & Techniques:

Penetration testing frameworks (e.g., Metasploit, Cobalt Strike), vulnerability scanners (e.g., Nessus, Burp Suite), and exploitation methodologies.

Defensive Security Tools & Techniques:

SIEM platforms (e.g., Splunk, ELK Stack, Sentinel), EDR solutions, intrusion detection/prevention systems (IDS/IPS), and threat intelligence platforms. Proven experience in the implementation and maintenance of ISO 27001 and PCI DSS standards.

Strong understanding of network security principles, protocols, and technologies.

Excellent analytical, problem-solving, and decision-making skills.

Demonstrated leadership and team management abilities, with experience in building and motivating high-performing teams.

Excellent communication, presentation, and interpersonal skills.

Experience with cloud security platforms (e.g., AWS, Azure, GCP).

Familiarity with security automation and orchestration (SOAR) tools.

Experience with threat intelligence analysis and integration.

ACE Money Transfer Profile:

Position Title : Manager Cybersecurity Location:

Lahore / Kharian Position

Type: Full-Time

About Us:

ACE Money Transfer is a UK-based multinational company headquartered in Manchester, United Kingdom. ACE Money Transfer provides online remittance services to individuals in 28 countries across UK, Europe, Canada, and Australia enabling them to send money across border in over 100 countries.

Overview:

Ace Money Transfer is seeking a highly experienced and dynamic Cyber Security Manager to lead and mentor both our Offensive (Red Team) and Defensive (Blue Team) security teams. This critical role will be responsible for developing, implementing, and overseeing the organization's overall cybersecurity strategy, ensuring the protection of our assets and data against evolving threats. The ideal candidate will possess a strong technical background with hands-on experience in either offensive or defensive security, coupled with proven leadership abilities and a deep understanding of security best practices and compliance frameworks.

Responsibilities: Strategic Leadership (Offensive & Defensive Security) : Develop and implement the overarching cybersecurity strategy for the organization, encompassing both offensive (Red Team) and defensive (Blue Team) security initiatives and aligning them with business objectives.

Team Management & Development:

Lead, mentor, and manage both the Offensive Security and Defensive Security teams, fostering a collaborative and high-performing environment. This includes defining team objectives, assigning responsibilities, and facilitating professional growth.

Offensive Security Operations:

Oversee and guide the planning and execution of penetration testing, vulnerability assessments, and red team exercises to identify and exploit weaknesses in applications, systems, and networks. Ensure actionable recommendations for remediation are provided and tracked.

Defensive Security Operations:

Manage and enhance the organization's security monitoring, incident response, and threat intelligence capabilities. Ensure the effective detection, analysis, containment, eradication, and recovery from security incidents.

Security Tooling & Technology Management:

Oversee the selection, implementation, and management of a comprehensive suite of security tools and technologies used by both offensive and defensive teams (e.g., SIEM, EDR, vulnerability scanners, penetration testing frameworks). Ensure optimal utilization and integration of these tools.

Secure Development Lifecycle (SDLC) Integration:

Champion and enforce secure coding practices and security integration throughout the software development lifecycle, collaborating closely with development teams to build secure applications by design.

Threat Modeling & Risk Assessment:

Lead and participate in threat modeling exercises for applications and infrastructure, identifying potential security risks and proposing effective security controls for both prevention and detection.

Vulnerability Management (Application & Infrastructure) :

Develop and maintain a comprehensive vulnerability management program that spans both applications and infrastructure, overseeing the identification, tracking, prioritization, and remediation of security vulnerabilities identified through both offensive and defensive measures.

Incident Response Management:

Collaborate with the incident response team and provide leadership in investigating and responding to security incidents, particularly those related to applications. Contribute to the development and refinement of incident response plans and playbooks.

Security Code Reviews & Architecture Guidance:

Lead and guide security code reviews to analyze and assess the security posture of application code. Provide expert guidance on the design and implementation of secure application architectures, ensuring adherence to security-by-design principles.

Compliance & Governance:

Drive the implementation and maintenance of ISO 27001 and PCI DSS compliance frameworks across both application and infrastructure security domains. Ensure adherence to relevant security policies, standards, and regulations.

Reporting & Communication:

Develop and present clear and concise reports on the security posture of applications and infrastructure, including findings from offensive security activities and incident response efforts, to both technical and executive audiences.

Security Awareness & Training:

Promote a strong security awareness culture within the organization, collaborating on the development and delivery of security training programs for both technical and non-technical staff.

Budget Management:

Manage the cybersecurity budget for both offensive and defensive security initiatives, ensuring cost-effectiveness and optimal resource allocation.

Qualifications:

Bachelor's degree in Computer Science, Information Security, or a related field. Relevant security certifications (e.g., CISSP, CISM, OSCP, CEH) are highly desirable.

Minimum of 5 years of progressive experience in cybersecurity roles.

Mandatory hands-on experience with at least one of the following:

Offensive Security Tools & Techniques:

Penetration testing frameworks (e.g., Metasploit, Cobalt Strike), vulnerability scanners (e.g., Nessus, Burp Suite), and exploitation methodologies.

Defensive Security Tools & Techniques:

SIEM platforms (e.g., Splunk, ELK Stack, Sentinel), EDR solutions, intrusion detection/prevention systems (IDS/IPS), and threat intelligence platforms. Proven experience in the implementation and maintenance of ISO 27001 and PCI DSS standards.

Strong understanding of network security principles, protocols, and technologies.

Excellent analytical, problem-solving, and decision-making skills.

Demonstrated leadership and team management abilities, with experience in building and motivating high-performing teams.

Excellent communication, presentation, and interpersonal skills.

Experience with cloud security platforms (e.g., AWS, Azure, GCP).

Familiarity with security automation and orchestration (SOAR) tools.

Experience with threat intelligence analysis and integration.

ACE Money Transfer Profile: