28 Data Security jobs in Pakistan

Description
Company Overview:

When it comes to IT solution providers, there are a lot of choices. But when it comes to providers with innovative and differentiating end-to-end service offerings, there's really only one: Zones – First Choice for IT.TM

Zones is a Global Solution Provider of end-to-end IT solutions with an unmatched supply chain. Positioned to be the IT partner you need, Zones, a Minority Business Enterprise (MBE) in business for over 35 years, specializes in Digital Workplace, Cloud & Data Center, Networking, Security, and Managed/Professional/Staffing services. Operating in more than 120 countries, leveraging a robust portfolio, and utilizing the highest certification levels from key partners, including Microsoft, Apple, Cisco, Lenovo, Adobe, and more, Zones has mastered the science of building digital infrastructures that change the way business does business ensuring whatever they need, they can Consider IT Done. Follow Zones, LLC on Twitter @Zones, and LinkedIn and Facebook.

Position Overview
As the Information Security Analyst - Compliance & Risk Management, you will analyze management and technical controls to ensure compliance with security requirements. This includes mapping regulatory and security requirements across the information security framework and tracking enterprise compliance across multiple security frameworks. You will also assist internal teams in preparing for internal and external assessments and audits, collaborate on critical IT projects to address security policy and risk issues, and develop key performance metrics to track and ensure compliance with policies and standards.

What you'll do as the Information Security Analyst – Compliance & Risk Management:

Employees employed in the role of Information Security Analyst – Compliance & Risk Management shall be required to apply their independent minds and demonstrate intellectual abilities in their decision-making.

The requirements listed below are representative of the knowledge, skill, and/or ability required. Reasonable accommodations may be made to enable individuals with disabilities to perform the essential functions.

• Analyze management and technical controls to ensure specific security and compliance requirements are met.
• Map regulatory/security requirements across the information security framework.
• Track enterprise compliance across multiple security frameworks including ISO27001, 27701, SOC2, GDPR, and PCI-DSS, maintaining up-to-date records of requirements and corresponding mitigating controls.
• Help internal teams with readiness for internal/external assessments/audits against industry standards and review programs/documentation for conformance.
• Collaborate on critical IT projects to ensure that security policy/risk issues are addressed throughout the project life cycle.
• Develop key performance metrics to track and ensure compliance with established policies and standards.

What You Will Bring To The Team

• 5-7 years of information security experience.
• Experience with ISO 27001, SOC 2, and PCI-DSS compliance.
• Strong communication skills (verbal and written).
• Ability to meet deadlines and work under pressure.
• Experience of working in US-based multinational organizations is a plus.
• Security certifications such as CISSP/CISA, ISO27001.
• Extensive experience with auditing vendors/service providers/partners for compliance with security.
• Experience of working extensively with the Engineering teams (system admin, network admin, security admin, application teams) to effectively communicate the compliance requirements
• Bachelor's degree in Computer Science or Information Technology.

Zones offers a comprehensive Benefits package

At Zones, we are committed to fostering an inclusive and diverse workplace where every team member is valued and supported. We offer life insurance, optional health insurance, and retirement benefits in line with Company policy. Employees also enjoy additional perks such as the Voluntary Pension Scheme, EOBI, complimentary meals, and access to our in-house gym.

We take pride in being an equal opportunity employer and remain dedicated to maintaining a workplace free from discrimination of any kind. If you are passionate about driving innovation in IT, sales, engineering, or operations, Zones provides a dynamic and collaborative environment to help you grow your career.

All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, or disability.

Job timings: 08:00 PM to 05:00 AM (Pk time)

Application Security Engineer / InfoSec Engineer - Onsite - Karachi

Company Overview:

Hiring for one of our Tech Solution providers in Karachi.

Job Description:

1. Develop and implement security strategies to safeguard our
   Cloud infrastructure,

on-prem systems, applications, and data.

1. Perform risk
   assessments, vulnerability scans, and penetration testing;
   provide

actionable insights to mitigate risks.

1. Collaborate with Product and Engineering teams to embed security best practices

into the software development lifecycle
(SDLC).

1. Manage and enhance our incident response plans, ensuring timely and effective

resolution of security incidents.

1. Lead initiatives to achieve and maintain compliance with industry standards and

regulations
(e.g., ISO 27001, PCI-DSS, SOC 2, GDPR).

1. Conduct security awareness trainings and workshops for Employees across the

organization.

1. Implement and manage
   SIEM tools, IDS/IPS, WAFs, Firewalls,
   and other security

technologies.

1. Monitor and analyze security alerts, logs, and data from both cloud and on-prem

environments to proactively address potential threats.

1. Work with stakeholders to prioritize and remediate vulnerabilities promptly.

2. Maintain and secure critical
   on-prem infrastructure
   , ensuring alignment with overall security policies and practices.

3. Stay updated on emerging threats, vulnerabilities, and technologies to improve our security posture continuously.

Qualifications

1. Experience:
   4+ years in InfoSec, Cyber Security, or Cloud Security roles

2. Education: Bachelors degree in Computer Science, Information Technology, or a

related field (or equivalent experience).

1. Certifications: Relevant certifications such as CISSP, CISM, CEH, AWS Security

Specialty, or Azure Security Engineer are highly desirable.

Technical Skills

1. Hands-on experience with Public Cloud platforms (AWS, Azure, or GCP) and on-

prem infrastructure.

1. Broad experience across different Operating Systems and environments (Cloud, on- prem, VMs, etc.).

2. Strong understanding of networks, network architecture, and networking concepts.

3. Hands-on practitioner proficient in security tools such as SIEMs, IDS/IPS, WAFs,

Network Firewalls, vulnerability scanners, and endpoint protection.

1. Strong understanding of network security, cryptography, and application security.

2. Practical knowledge of and experience with ISO/IEC 27001, OWASP, NIST, CIS, and

PCI-DSS standards and frameworks.

1. Experience with DevSecOps practices and CI/CD pipelines.

2. Knowledge of on-prem server security, network configurations, and physical access

controls.

1. Bonus points for being hands-on with Python and shell scripting.

Other Details:

Experience:
4+ years in InfoSec - Cyber sec

Location: Shahre Faisal

Salary: Market Competitive

Timings: Monday to Friday

About HR Ways:
HR Ways is an Award winning Technical Recruitment Firm helping software houses and IT Product companies internationally and locally to find IT Talent. HR Ways is engaged by 300+ Employers worldwide ranging from worlds biggest SaaS Companies to most competitive Startups. We have entities in Dubai, Canada, US, UK, Pakistan, India, Saudi Arabia, Portugal, Brazil and other parts of the world.

Job Title: Cybersecurity Analyst

Location: Gulberg, Lahore (On-Site Role)

Experience: 3 to 5 Years

Responsibilities:

Tech Bridge Consultancy seeks experience in security monitoring solutions, incident response and other cybersecurity tools and technologies implementation capabilities. In your role, your duties will include the following:

• SOC monitoring coverage for any of the following shifts: EST Time 8:00am – 4:00pm (PST 5:00pm – 1:00am), 4:00pm – 12:00am (PST 1:00am – 9:00am), 12:00am – 8:00am (PST 9:00am – 5:00pm); the work week is considered a minimum of 40 hours each week. Day to day security logging and monitoring solutions; identifying false positives and detecting potential or real threats
• In-depth analysis of security events, alerts and incidents
• Promptly responding to customer enquiries via emails and/or phone calls; responding to security incidents and threats
• Analyzing logs, network traffic and data to identify potential threats and vulnerabilities
• Development security dashboards and reporting; compile threat intelligence reports and manage log data
• Configuration of security tools and technologies (e.g. SIEM, EDR, VM, etc.)
• Configuration of network and security appliances (e.g. Firewalls, routers, switches, HIDS, NIDS, etc.)
• Endpoint security configuration (Defender, CrowdStrike, SentinelOne, Webroot, Kaspersky, etc.)
• Firewall rules configuration and optimization
• SIEM rules configuration (Sentinel, Splunk, Log Rhythm, etc.)
• Technical writing and security policy development
• Staying current on industry trends, keeping up-to-date with relevant CVE's and the evolving threat landscape
• Conducting vulnerability scans of network and applications
• Keeping company systems up-to-date with current security patches
• Recommending security improvements to line managers or senior management

Requirements:

• Strong understanding of cybersecurity principles and the SOC environment
• Bachelor's degree in cyber security, computer sciences or equivalent
• Good understanding of vulnerability management tools and techniques
• Good understanding of Windows, Linux and macOS operating systems and endpoints
• Knowledge of modern problem-solving skills, and keen attention to detail
• Good understanding of the modern security in SDLC practices
• Capable of Balancing multiple priorities and remaining flexible in a changing environment
• Good communication and interpersonal skills
• Familiarity with regulatory compliance and security standards (ISO27001, SOC 2 TYPE 1 and TYPE 2, NERC CIP, IE 62443, NIST CSF, etc.)

Other duties may include:

· Contribute to the preparation of technical documentation, including proposals, tenders, RFPs (Requests for Proposals), and RFIs (Requests for Information)

· Participate in business development activities directly related to the sale of cybersecurity services and other tasks supporting the delivery of cybersecurity products and services

· Personnel are required to work on-site; remote or hybrid work options will not be available

· Personnel must strictly use company-provided computer assets, hardware, and licensed software to perform all assigned services

· Personnel must not work more than 12 consecutive hours per shift

· Personnel are required to adhere to internal cybersecurity and IT policies and standards

· Personnel are required to strictly uphold confidentiality and integrity clauses while dealing with all customer data

Job Type: Full-time

Application Question(s):

• Are you comfortable with an on-site role, as this position is not remote or hybrid?
• Have you worked with vulnerability management tools?
• Are you familiar with any security compliance standards like ISO 27001, SOC 2, or NIST?
• Are you comfortable working onsite in any of the following SOC shift timings?
• Do you have experience working in a SOC (Security Operations Center)?
• Do you have strong written and verbal communication skills in English?

Work Location: In person

We are hiring for a " Cybersecurity Analyst" having 3+ years of experience.

Job Description:

• Implement and maintainsecure coding standards to mitigate secure coding vulnerabilities.

• Analyze, detect and respond to cyber threats through real-time monitoring and proactive defense strategies.

• Conduct vulnerabilities assessments, penetration testing and risk evaluations to identify and mitigate security issues.

• Develop and implement cybersecurity policies and frameworks based on NIST, ISO 27001, and other industry standards.

Essential Technical Skills:

• Proficient in Cyber Threat Intelligence (CTI)

• Experience with penetration testing and ethical hacking methodologies.

• Familiarity with Cybersecurity frameworks _e.g, NIST,MITRE, ATT & CK).

• Knowledge of network security tools such as firewalls, IDSIPS and SIEM platforms.

• Programming knowledge (e.g,Python, ava, C++) for secure software development.

Education and Experience:

• Bachelors in IT

• 3+ Years of Experience

Company Description

Stafflink is the all-in-one platform designed to simplify global team management. From onboarding and culture to local payroll and compliance, we handle every aspect, allowing you to focus on growth. Our powerful HR and payroll tools, combined with global mobility services and deep compliance expertise, drive businesses to scale quicker and smarter. Additionally, our talent marketplace connects you with top professionals worldwide, ready to join your team. Hire, manage, and pay your team anywhere effortlessly.

Role Description

This is a full-time remote role for a Cyber Security Analyst. The Cyber Security Analyst will be responsible for monitoring and analyzing system vulnerabilities, performing malware analysis, and ensuring application and network security. Daily tasks will also include conducting security assessments, implementing security measures, and responding to security threats. Additionally, the analyst will be expected to stay up-to-date with the latest cybersecurity trends and technologies.

Qualifications

• Application Security and Network Security skills
• Experience in Cybersecurity and Malware Analysis
• Strong Analytical Skills
• Excellent problem-solving and critical-thinking abilities
• Effective communication and collaboration skills
• Ability to work independently in a remote environment
• Relevant certifications such as CISSP, CEH, or equivalent are a plus
• Bachelor's degree in Computer Science, Information Security, or related field

Job description:

Job Title:
Cybersecurity Analyst

Location:
Gulberg, Lahore (On-Site Role)

Experience:
3 to 5 Years

Responsibilities:

Tech Bridge Consultancy seeks experience in security monitoring solutions, incident response and other cybersecurity tools and technologies implementation capabilities. In your role, your duties will include the following:

• SOC monitoring coverage for any of the following shifts: 
  EST Time 8:00am – 4:00pm (PST 5:00pm – 1:00am), 4:00pm – 12:00am (PST 1:00am – 9:00am), 12:00am – 8:00am (PST 9:00am – 5:00pm)
  ; the work week is considered a minimum of 40 hours each week. Day to day security logging and monitoring solutions; identifying false positives and detecting potential or real threats
• In-depth analysis of security events, alerts and incidents
• Promptly responding to customer enquiries via emails and/or phone calls; responding to security incidents and threats
• Analyzing logs, network traffic and data to identify potential threats and vulnerabilities
• Development security dashboards and reporting; compile threat intelligence reports and manage log data
• Configuration of security tools and technologies (e.g. SIEM, EDR, VM, etc.)
• Configuration of network and security appliances (e.g. Firewalls, routers, switches, HIDS, NIDS, etc.)
• Endpoint security configuration (Defender, CrowdStrike, SentinelOne, Webroot, Kaspersky, etc.)
• Firewall rules configuration and optimization
• SIEM rules configuration (Sentinel, Splunk, Log Rhythm, etc.)
• Technical writing and security policy development
• Staying current on industry trends, keeping up-to-date with relevant CVE's and the evolving threat landscape
• Conducting vulnerability scans of network and applications
• Keeping company systems up-to-date with current security patches
• Recommending security improvements to line managers or senior management

Requirements:

• Strong understanding of cybersecurity principles and the SOC environment
• Bachelor's degree in cyber security, computer sciences or equivalent
• Good understanding of vulnerability management tools and techniques
• Good understanding of Windows, Linux and macOS operating systems and endpoints
• Knowledge of modern problem-solving skills, and keen attention to detail
• Good understanding of the modern security in SDLC practices
• Capable of Balancing multiple priorities and remaining flexible in a changing environment
• Good communication and interpersonal skills
• Familiarity with regulatory compliance and security standards (ISO27001, SOC 2 TYPE 1 and TYPE 2, NERC CIP, IE 62443, NIST CSF, etc.)

Other duties may include:

· Contribute to the preparation of technical documentation, including proposals, tenders, RFPs (Requests for Proposals), and RFIs (Requests for Information)

· Participate in business development activities directly related to the sale of cybersecurity services and other tasks supporting the delivery of cybersecurity products and services

· Personnel are required to work on-site; remote or hybrid work options will not be available

· Personnel must strictly use company-provided computer assets, hardware, and licensed software to perform all assigned services

· Personnel must not work more than 12 consecutive hours per shift

· Personnel are required to adhere to internal cybersecurity and IT policies and standards

· Personnel are required to strictly uphold confidentiality and integrity clauses while dealing with all customer data

Responsible for designing and implementing enterprise-wide security architectures to protect organizational information systems. Ensures robust security frameworks, compliance with industry standards, and proactive threat mitigation. Collaborates with IT, risk, and business teams to evaluate security risks, integrate advanced security solutions, and optimize defenses. Develops policies, procedures, and technical controls to safeguard data, systems, and networks, while continuously monitoring emerging threats and evolving security technologies to maintain a resilient security posture.

• Design, implement, and maintain enterprise security architecture strategies effectively.
• Evaluate system vulnerabilities and recommend mitigation strategies proactively.
• Collaborate with IT teams to integrate security solutions seamlessly.
• Ensure compliance with regulatory and industry security standards consistently.
• Conduct risk assessments and provide recommendations for security improvements.
• Develop security policies, standards, and guidelines for organization.
• Monitor emerging threats and recommend advanced protective measures regularly.
• Provide guidance on secure system designs and architecture reviews.

• Expertise in network, application, and cloud security architecture principles.
• Strong knowledge of security frameworks, standards, and regulatory requirements.
• Proficiency in threat modeling, risk assessment, and mitigation techniques.
• Experience with security tools, monitoring, and incident response processes.
• Excellent analytical, problem-solving, and communication skills for collaboration.
• Ability to design and implement scalable, resilient security architectures.

Note: Salary is disbursed in the local currency of the country of employment.

• Date Posted

August 20, 2025
- Location

Hyderabad
- Offered Salary:

¤ ¤
- Expiration date

June 2, 2026
- Experience

5 Year
- Gender

Both
- Qualification

Bachelor Degree
- Career Level

Others

Company Description

TMGM Consulting delivers cutting-edge solutions across the full spectrum of information technology. Our expertise includes web design and development, custom applications, ERPs, e-commerce platforms, and portal solutions for both B2B and B2C needs. We also provide DevOps services, AWS cloud solutions, cybersecurity services, and digital marketing strategies to help businesses operate securely, efficiently, and competitively. Driven by a dedicated and expert team, TMGM Consulting focuses on developing sophisticated solutions while ensuring high user satisfaction and delivering quality products on time.

About the Role

We are seeking a passionate and detail-oriented
Compliance Guardian
to join our security and governance team. In this role, you will be the driving force behind our company's data protection, security compliance, and risk management initiatives. You'll collaborate with cross-functional teams to ensure our operations meet the highest international standards including
GDPR, SOC 2, ISO 27001, and PCI DSS
while fostering a culture of privacy, security, and trust across the organization.

Key Responsibilities

• Regulatory Compliance & Auditing:
• Implement, monitor, and maintain compliance programs aligned with
  GDPR, SOC 2, ISO 27001, and PCI DSS
  frameworks.
• Prepare and support external and internal audits, ensuring all documentation and evidence meet regulatory requirements.
• Conduct regular risk assessments and internal control reviews.
• Policy Development & Documentation:
• Draft, review, and update security, privacy, and compliance policies and procedures.
• Maintain compliance documentation, audit logs, incident reports, and risk registers.
• Cross-Functional Collaboration:
• Work closely with engineering, IT, legal, and product teams to embed compliance best practices into business processes and product designs.
• Guide teams on implementing data privacy-by-design principles and secure data handling procedures.
• Training & Awareness:
• Deliver compliance training sessions to employees and stakeholders to promote awareness and adherence to regulatory requirements.
• Continuous Improvement:
• Stay ahead of evolving regulations, standards, and security best practices.
• Recommend proactive improvements to enhance our compliance posture and reduce risk exposure.

Qualifications & Skills

• Bachelor's degree in Computer Science, Information Security, Law, or a related field.
• 3–4 years of experience
  in compliance, data privacy, or information security roles.
• Proven expertise in
  GDPR, SOC 2, ISO 27001, and PCI DSS
  implementation and audits.
• Strong understanding of risk management, security controls, and data protection principles.
• Excellent documentation, communication, and stakeholder engagement skills.
• Certifications such as
  CIPM, CISA, ISO 27001 Lead Implementer, or PCI DSS QSA
  are a plus.

Why Join Us?

• Be part of a forward-thinking team shaping the future of data privacy and security.
• Lead impactful compliance initiatives in a fast-paced, innovation-driven environment.
• Opportunities for growth, certification sponsorships, and continuous learning.

We're looking for an experienced Information Security Manager to lead our security operations, compliance and governance while building a culture of cyber resilience across the organization.

Requirements:

8+ years in information security (4 years in leadership role).

Strong knowledge of security frameworks (ISO 27001, NIST).

Hands-on with SOC, SIEM, vulnerability management & DevSecOps.

Overall security compliance & GRC expertise.

Certifications like CISSP, CISM, or CISA a big plus.