3 Data Security jobs in Karachi
Information Security Lead
Posted today
Job Viewed
Job Description
Are you an experienced cybersecurity professional eager to take on a key role in securing Digital Retail Banking (DRB) operations? We are looking for a Cybersecurity Specialist to lead the implementation and monitoring of SIEM/SOC solutions, conduct security testing, and manage security tools such as antivirus, endpoint protection, and data leak prevention. This role ensures compliance with security frameworks and enforces cybersecurity policies to protect critical banking infrastructure. If you have a passion for threat management, vulnerability assessments, and security architecture, this is your chance to make a real impact
RequirementsThreat & Incident Management:
- Identify, assess, and mitigate cybersecurity threats across digital banking platforms.
- Support incident response by analyzing security events and escalating issues.
- Manage access control policies to prevent unauthorized access to sensitive data.
Security Tools Management:
- Deploy, configure, and manage SIEM/SOC solutions (QRadar, Splunk, ArcSight, Wazuh, etc.).
- Maintain and optimize antivirus, endpoint protection, and data leak prevention tools.
- Continuously evaluate security tools to enhance detection and response capabilities.
Technical Security Implementation:
- Design and implement network security controls (firewalls, IDS/IPS, VPNs).
- Conduct vulnerability assessments and penetration tests on networks, applications, and systems.
- Implement patch management strategies to address security gaps.
Security Architecture & Compliance:
- Ensure compliance with MITRE ATT&CK, NIST, PCI-DSS, ISO 27001, and regulatory standards.
- Monitor security event logs and analyze anomalies for proactive threat detection.
- Work with cross-functional teams to integrate security best practices across cloud and on-prem environments.
Research & Development:
- Track emerging cyber threats and enhance detection techniques.
- Conduct threat intelligence analysis and proactively implement risk mitigation measures.
- Lead cybersecurity awareness initiatives and train internal teams on security protocols.
Documentation & Reporting:
- Maintain system documentation, incident response playbooks, and escalation procedures.
- Generate security reports and dashboards for continuous security posture improvement.
Requirements
- Bachelor's degree in Computer Science, IT, Cybersecurity, or a related field.
- 7-9 years of experience in infrastructure security, cybersecurity operations, or penetration testing.
- Expertise in SIEM implementation & security monitoring using QRadar, Splunk, ArcSight, Wazuh, or similar platforms.
- Strong knowledge of network security protocols, firewalls, IDS/IPS, VPNs, and endpoint security.
- Hands-on experience with security testing tools (Metasploit, Burp Suite, Nessus, etc.).
- Proficiency in scripting and automation (Python, PowerShell, Bash) to improve security controls.
- Experience with cloud security best practices (AWS, Azure, Google Cloud) and securing virtual environments.
- Familiarity with forensic investigation techniques, malware analysis, and threat intelligence.
- Professional certifications such as CISSP, CEH, OSCP, or vendor-specific security credentials are a plus.
Manager Information Security
Posted 8 days ago
Job Viewed
Job Description
COMPANY OVERVIEW :
Our client, a Karachi-based, State Bank of Pakistan (SBP) regulated Electronic Money Institution (EMI), seeks to appoint an experienced professional for the following role:
As Manager Information Security, you will be responsible for establishing and enforcing security protocols that safeguard companys information systems, digital assets, and customer data.
Key Areas of Responsibilities
- Develop & Implement Information Security Strategy Design and execute a comprehensive information security roadmap aligned with companys digital infrastructure, business model, and regulatory obligations.
- Cybersecurity Risk Management Identify, assess, and mitigate cybersecurity risks across infrastructure, applications, APIs, mobile platforms, and third-party integrations.
- Regulatory Compliance & SBP Alignment Ensure full compliance with SBP guidelines and international security frameworks (e.g., ISO 27001, NIST), and act as the point of contact for regulator-driven security reviews.
- Security Architecture & Operations Oversee the design, configuration, and monitoring of security systems including firewalls, endpoint protection, SIEM, encryption, and identity/access management tools.
- Incident Response & Threat Management Develop and lead the incident response process, including detection, containment, investigation, recovery, and post-mortem reporting.
- Security Audits & Penetration Testing Coordinate regular internal and third-party audits, vulnerability assessments, and penetration testing to ensure system hardening.
- Employee Awareness & Policy Enforcement Establish security awareness programs, train internal staff, and enforce information security policies across all departments.
- Collaboration with Internal Audit & IT Work closely with Internal Audit, Technology, and Compliance teams to ensure consistent enforcement of risk controls and secure infrastructure design.
Education
- Minimum 16 years of education, preferably, Masters from a renowned and HEC recognized university or institution/equivalent foreign degree holder institution, in any/or combination of the disciplines
- Professional certifications such as CISSP , CISM , CEH , or ISO 27001 Lead Implementer/Auditor are highly desirable
Experience
- Information Security Expertise Minimum 5 years of relevant experience in information security or cybersecurity roles, preferably within fintech, digital banking, or regulated financial institutions
- Regulatory & Standards Knowledge Strong understanding of SBP cybersecurity guidelines, ISO 27001, NIST, and relevant global information security frameworks
- Incident Management & Threat Response Demonstrated experience in handling security incidents, vulnerability assessments, and threat intelligence operations
- Security Operations & Architecture Hands-on experience with firewalls, IDS/IPS, antivirus, endpoint protection, IAM, encryption, and secure network architecture
Age
- The candidate should be preferably not more than 40 years of age as of last date of submission of application.
If you have the required experience and educational qualification to take up the challenging role, you are requested to apply by October 24 , 2025 at
Only shortlisted candidates will be contacted.
Data Protection Officer
Posted today
Job Viewed
Job Description
• Guarantee organizational adherence to relevant data protection laws and regulations.
• Monitor changes in privacy laws and promptly update policies and procedures to align with the evolving legal landscape.
• Prepare and regularly review Data Privacy policies and procedures to ensure compliance with legal, regulatory, and organizational updates.
• Assist in the development and implementation of the Data Privacy strategy, integrating it into the broader Information Security strategy of the organization.
• Conduct privacy impact assessments for new projects, processes, or technologies involving personal data.
• Identify and document the types of personal data processed, establish the purposes of processing, and classify data based on sensitivity. Implement appropriate protection measures accordingly.
• Manage and respond to data subject access requests and inquiries related to privacy concerns.
• Provide training to employees on data protection practices and foster privacy awareness within the organization.
• Collaborate with other departments to ensure a holistic approach to data protection, fostering a culture of compliance throughout the organization.
• Support reporting authorities in implementing procedural control measures identified through audits, risk assessments, compliance reviews, etc.
• As the go-to person for data protection, the DPO ensures that data management policies align with security and compliance requirements.
• Oversee the development, implementation, and enforcement of information/data classification policies, ensuring comprehensive coverage in SOP/Baseline documents.
• Perform internal privacy audits and assessments to identify gaps and areas for improvement. Recommend and implement corrective actions as needed.
• Work with Procurement and Third-Party Risk Management teams to ensure adequacy of assessment, evaluation, and monitoring of third-party vendors that handling personal data, in terms of their data handling practices, security and contracts, to ensure they comply with privacy and data protection requirements.
• Undertake any other related duty assigned by the HOD Information Security.
• Knowledge and understanding of common data protection management frameworks & best practices.
• Ability to assess privacy impact, classify data, and establish protective measures based on sensitivity.
• Comprehensive understanding of Data Privacy strategy and its alignment with broader Information Security goals.
• Strong analytical, communication, collaboration, problem-solving, documentation and leadership Skills to convey complex data protection concepts to diverse audiences, both internal and external.
• Bachelor's degree in a technology/engineering/information security related field required.
• Minimum 6 to 7 years of hands-on experience in Data & information security in a large enterprise environment.
• Competitive salary
• Fuel Card
• Health benefits
• Professional development opportunities
• Inclusive work culture & much more
Be The First To Know
About the latest Data security Jobs in Karachi !