237 Ethical Hackers jobs in Pakistan

Responsible for designing and implementing enterprise-wide security architectures to protect organizational information systems. Ensures robust security frameworks, compliance with industry standards, and proactive threat mitigation. Collaborates with IT, risk, and business teams to evaluate security risks, integrate advanced security solutions, and optimize defenses. Develops policies, procedures, and technical controls to safeguard data, systems, and networks, while continuously monitoring emerging threats and evolving security technologies to maintain a resilient security posture.

• Design, implement, and maintain enterprise security architecture strategies effectively.
• Evaluate system vulnerabilities and recommend mitigation strategies proactively.
• Collaborate with IT teams to integrate security solutions seamlessly.
• Ensure compliance with regulatory and industry security standards consistently.
• Conduct risk assessments and provide recommendations for security improvements.
• Develop security policies, standards, and guidelines for organization.
• Monitor emerging threats and recommend advanced protective measures regularly.
• Provide guidance on secure system designs and architecture reviews.

• Expertise in network, application, and cloud security architecture principles.
• Strong knowledge of security frameworks, standards, and regulatory requirements.
• Proficiency in threat modeling, risk assessment, and mitigation techniques.
• Experience with security tools, monitoring, and incident response processes.
• Excellent analytical, problem-solving, and communication skills for collaboration.
• Ability to design and implement scalable, resilient security architectures.

Note: Salary is disbursed in the local currency of the country of employment.

• Date Posted

August 20, 2025
- Location

Hyderabad
- Offered Salary:

¤ ¤
- Expiration date

June 2, 2026
- Experience

5 Year
- Gender

Both
- Qualification

Bachelor Degree
- Career Level

Others

Are you an experienced cybersecurity professional eager to take on a key role in securing Digital Retail Banking (DRB) operations? We are looking for a Cybersecurity Specialist to lead the implementation and monitoring of SIEM/SOC solutions, conduct security testing, and manage security tools such as antivirus, endpoint protection, and data leak prevention. This role ensures compliance with security frameworks and enforces cybersecurity policies to protect critical banking infrastructure. If you have a passion for threat management, vulnerability assessments, and security architecture, this is your chance to make a real impact

Threat & Incident Management:

• Identify, assess, and mitigate cybersecurity threats across digital banking platforms.
• Support incident response by analyzing security events and escalating issues.
• Manage access control policies to prevent unauthorized access to sensitive data.

Security Tools Management:

• Deploy, configure, and manage SIEM/SOC solutions (QRadar, Splunk, ArcSight, Wazuh, etc.).
• Maintain and optimize antivirus, endpoint protection, and data leak prevention tools.
• Continuously evaluate security tools to enhance detection and response capabilities.

Technical Security Implementation:

• Design and implement network security controls (firewalls, IDS/IPS, VPNs).
• Conduct vulnerability assessments and penetration tests on networks, applications, and systems.
• Implement patch management strategies to address security gaps.

Security Architecture & Compliance:

• Ensure compliance with MITRE ATT&CK, NIST, PCI-DSS, ISO 27001, and regulatory standards.
• Monitor security event logs and analyze anomalies for proactive threat detection.
• Work with cross-functional teams to integrate security best practices across cloud and on-prem environments.

Research & Development:

• Track emerging cyber threats and enhance detection techniques.
• Conduct threat intelligence analysis and proactively implement risk mitigation measures.
• Lead cybersecurity awareness initiatives and train internal teams on security protocols.

Documentation & Reporting:

• Maintain system documentation, incident response playbooks, and escalation procedures.
• Generate security reports and dashboards for continuous security posture improvement.

Requirements

• Bachelor's degree in Computer Science, IT, Cybersecurity, or a related field.
• 7-9 years of experience in infrastructure security, cybersecurity operations, or penetration testing.
• Expertise in SIEM implementation & security monitoring using QRadar, Splunk, ArcSight, Wazuh, or similar platforms.
• Strong knowledge of network security protocols, firewalls, IDS/IPS, VPNs, and endpoint security.
• Hands-on experience with security testing tools (Metasploit, Burp Suite, Nessus, etc.).
• Proficiency in scripting and automation (Python, PowerShell, Bash) to improve security controls.
• Experience with cloud security best practices (AWS, Azure, Google Cloud) and securing virtual environments.
• Familiarity with forensic investigation techniques, malware analysis, and threat intelligence.
• Professional certifications such as CISSP, CEH, OSCP, or vendor-specific security credentials are a plus.

Department:
Information Security

Reports To:
Chief Executive Officer

Job Grade:
SVP

Total Position
: 01

Location:
Head Office, Islamabad

What is Head Information Security – MMBL?

The
Head Information Security at Mobilink Microfinance Bank Ltd. (MMBL)
is a senior leadership position responsible for developing and overseeing the bank's cybersecurity and information security strategies. This role involves ensuring that all digital assets, customer data, and internal systems are protected against cyber threats by implementing robust policies, frameworks, and incident response plans in line with international best practices and regulatory requirements.

The Head Information Security works closely with senior management and regulatory bodies to monitor risks, respond to emerging threats, and cultivate a strong security culture within the organization. Additionally, the role requires strategic thinking, technical expertise, and effective communication skills to influence decision-making at the highest levels and to align security efforts with the bank's overall goals.

What Head Information Security – MMBL Does?

• Provide vision, leadership, and strategic direction for Information Security to safeguard MMBL's information assets.
• Develop and maintain information security policies and procedures aligned with best industry practices.
• Implement a comprehensive Information Security Framework to protect bank systems and data from threats.
• Prepare and maintain a Cyber Security Action Plan to anticipate, withstand, detect, and respond to cyber-attacks in line with international standards.
• Implement a robust Incident Reporting Mechanism to report security incidents to senior management, Board of Directors (BoD), and regulators as required.
• Periodically prepare and present updates, reports, and statistics to the Board Risk Management & Compliance Committee (RCC) on cybersecurity developments and implementation status.
• Manage an effective Information Security Risk Management process: Identify, measure, monitor, and control risks. Prioritize material information security risks.
• Assess risks related to technology outsourcing and procurement.
• Evaluate information security risks in new and significantly changed applications or software systems.
• Monitor technological developments and remain up-to-date on emerging cyber risk management practices.
• Identify and prioritize critical information system assets.
• Conduct periodic risk-based vulnerability assessments and impact analysis.
• Ensure implementation of security controls and corrective actions to address identified vulnerabilities.
• Establish a testing program to validate the effectiveness of controls and the overall security environment regularly.
• Oversee the investigation of information security incidents.
• Gather and analyze internal and external threat intelligence to strengthen security posture.
• Collaborate with industry peers to share experiences and enhance MMBL's resilience and preventive capabilities.
• Promote security awareness among employees and encourage adherence to best practices.
• Perform any other tasks assigned by immediate supervisors, senior management, or the board.

What are we looking for and what does it require to be Head Information Security - MMBL?

• Education: Bachelor's or Master's degree in Computer Science, Information Security, or related field. Relevant certifications such as CISSP, CISM, CISA, CEH preferred.
  • Experience: Minimum 10 years in Information Security within the banking or financial services sector.
  • Technical Expertise: In-depth understanding of information security frameworks (e.g., ISO 27001, NIST). Experience in cyber risk management, threat intelligence, and incident response. Knowledge of security technologies, vulnerabilities assessment tools, and mitigation techniques.
• Strategic & Operational Skills: Proven ability to develop and implement security policies, procedures, and cyber action plans. Strong capability in risk assessment for systems, applications, and third-party engagements. Experience in presenting to senior management and board committees.
• Leadership & Communication: Strong leadership and team management skills. Excellent written and verbal communication, especially in reporting to executive leadership. Ability to lead security awareness and training programs.
• Compliance & Governance: Familiarity with regulatory requirements and standards applicable to financial institutions. Experience in reporting and liaising with regulators and external stakeholders.

About MMBL:

Mobilink Microfinance Bank Ltd. is providing banking services to over 48 million registered users including 20+ million monthly active customers across Pakistan. With a hybrid model that combines traditional microfinance with mobile/digital banking technologies, the bank now operates with over 114 branches and 270,000 branchless banking agents and provides a USSD (GSM) based digital channel offering savings, micro enterprise (MSME) loans, small housing loans, remittances, collection (utility bills and loan instalments), mobile wallets, insurance, G2P, B2B & B2P payments; thus, playing a leading role in the promotion of financial inclusion. MMBL is committed to fostering a positive and productive workplace, and our core values reflect this focus. These values include promoting innovation and entrepreneurship, encouraging teamwork and collaboration, and prioritizing a customer-centric approach in all aspects of our business.

Why Join MMBL?

This is an opportunity for someone who is passionate about making a difference and playing a key role in driving transformative change. Our team is committed to empowering millions with the tools necessary to succeed in the digital age, and we're looking for a talented individual to join us in this endeavour.

KalSoft is seeking an experienced Information Security Consultant with a strong background in cybersecurity, risk management, and compliance. The consultant will be responsible for developing security frameworks, identifying vulnerabilities, mitigating risks, and advising both clients and internal stakeholders on best practices for safeguarding critical information assets.

Location: KSA, Riyadh (Onsite)

Experience: Minimum 5 yearsKey Responsibilities

• Security Strategy & Governance: Develop, implement, and update security policies, procedures, and controls to align with global standards (ISO 27001, NIST, GDPR, PCI DSS).
• Risk & Vulnerability Management: Conduct regular risk assessments, vulnerability scans, penetration testing, and security audits to proactively identify and remediate threats.
• Incident Response & Forensics: Monitor security systems, investigate incidents, perform root cause analysis, and lead incident response activities to minimize impact and prevent recurrence.
• Compliance & Audit Readiness: Ensure organizational compliance with local and international regulations, prepare documentation, and support internal/external security audits.
• Infrastructure & Cloud Security: Provide expert guidance on securing networks, applications, endpoints, and cloud environments (Azure, AWS, etc.).
• Data Protection & Access Control: Design and implement robust identity, access management, and encryption strategies to safeguard sensitive information.
• Awareness & Training: Conduct security awareness programs and workshops for employees and client teams to strengthen security culture.
• Advisory & Consulting: Work closely with business units, IT teams, and client stakeholders to integrate security requirements into new solutions, projects, and digital transformation initiatives.
• Reporting & Documentation: Prepare detailed reports, dashboards, and presentations on risk posture, incidents, compliance gaps, and remediation plans for senior management and clients.

Requirements

• Bachelor's degree in IT, Computer Science, Cybersecurity, or related field.
• 5+ years' experience in information security or cybersecurity consulting.
• Hands-on expertise with firewalls, IDS/IPS, SIEM, DLP, endpoint security, and cloud security tools.
• Strong knowledge of security frameworks and regulatory compliance.
• Preferred certifications: CISSP, CISM, CEH, ISO 27001 LA/LI.

cGIfG0YauY

Are you passionate about cybersecurity and looking to make a real impact in the fast-evolving world of digital banking? We're seeking a dynamic Information Security Administrator to take charge of securing our cutting-edge Digital Retail Bank (DRB) infrastructure. This role is perfect for someone who thrives on deploying state-of-the-art security solutions, managing SIEM integrations, and ensuring compliance with industry-leading frameworks. If you're ready to lead security initiatives, protect critical assets, and shape the future of secure digital banking, this is your opportunity

Requirements

Security Infrastructure & Implementation:

• Design, deploy, and optimize security solutions to safeguard digital banking platforms.
• Strengthen network and system security through proactive hardening techniques.
• Implement cutting-edge cloud security strategies across AWS, Azure, and Google Cloud.
• Ensure compliance with top cybersecurity regulations and frameworks.

Operations & Administration:

• Oversee system security, endpoint protection, and real-time threat detection.
• Manage user access control, identity verification, and multi-factor authentication.
• Support incident response efforts, conduct forensic investigations, and mitigate risks.
• Develop and enforce security policies, procedures, and best practices.

Technical Expertise & SIEM Management:

• Configure and maintain firewalls, IDS/IPS, VPNs, and endpoint security tools.
• Deploy and integrate SIEM solutions (QRadar, Splunk, ArcSight, Wazuh, etc.) for real-time monitoring.
• Oversee log and event management to detect and neutralize security threats.
• Implement automation to streamline security operations and incident response.

Threat Prevention & Awareness:

• Conduct risk assessments and proactively manage vulnerabilities before they become threats.
• Stay ahead of emerging cyber threats and implement cutting-edge defenses.
• Drive company-wide cybersecurity awareness through training and education initiatives.
• Collaborate with IT, compliance, and business teams to strengthen security posture.

Qualifications

• Bachelor's degree in Computer Science, IT, Cybersecurity, or a related field.
• 4-6 years of experience in infrastructure security, cybersecurity operations, or cloud security.
• Strong expertise in network protocols, firewalls, VPNs, IDS/IPS, and endpoint security.
• Hands-on experience with SIEM solutions (QRadar, Splunk, ArcSight, Wazuh, etc.).
• Proficiency in cloud security (AWS, Azure, Google Cloud) and securing virtual environments.
• Strong skills in writing and enforcing security policies and guidelines.
• Professional certifications like CISSP, CEH, OSCP, or vendor-specific security credentials are a plus.
• Scripting and automation skills (Python, PowerShell, SPL, SQL) to enhance security operations.

Are you passionate about cyber threat detection and response? We are seeking a Cybersecurity Analyst to monitor, analyze, and triage security alerts, ensuring a proactive defense against evolving threats in a Digital Retail Bank (DRB) environment. This role involves SIEM monitoring, incident handling, vulnerability management, and compliance enforcement to maintain the highest security standards. If you have experience in threat intelligence, log analysis, and security policy implementation, this is the perfect opportunity to contribute to a dynamic and cutting-edge cybersecurity team.

Responsibilities

• Threat Monitoring & Detection:
• • Monitor and analyze SIEM alerts to detect potential security incidents.
• Conduct log analysis from firewalls, servers, applications, and endpoint security tools.
• Develop and refine correlation rules and use cases to improve threat detection.
• Utilize threat intelligence sources to enhance anomaly detection and response.
• Incident Response:
• • Perform initial triage and incident handling to assess potential threats.
• Conduct root cause analysis to determine the impact and scope of security events.
• Maintain detailed incident documentation for compliance and reporting purposes.
• Vulnerability Management:
• • Perform vulnerability scanning and risk assessment to identify security gaps.
• Support penetration testing efforts and assist in remediation strategies.
• Develop and implement risk mitigation plans to reduce attack vectors.
• Security Policy & Compliance:
• • Ensure adherence to regulatory security frameworks (PCI DSS, ISO 27001, SBP regulations).
• Conduct security awareness training for internal teams.
• Monitor compliance with security policies and recommend necessary improvements.
• Research & Continuous Improvement:
• • Stay updated on emerging threats, attack techniques, and cybersecurity trends.
• Continuously optimize SIEM correlation rules and fine-tune detection mechanisms.
• Enhance security operations processes to improve efficiency.
• Collaboration & Third-Party Security:
• • Work closely with internal security teams and third-party service providers to correlate threat intelligence.
• Collaborate with IT and business units to enhance overall cyber resilience.

Requirements

• Bachelor's degree in Computer Science, IT, Cybersecurity, or a related field.
• 4-6 years of experience in infrastructure security, SIEM monitoring, or threat intelligence.
• Strong understanding of network protocols, firewalls, VPNs, IDS/IPS, and endpoint security.
• Proficiency in using SIEM solutions (QRadar, Splunk, ArcSight, Wazuh, etc.).
• Expertise in vulnerability assessment, threat modeling, and risk analysis.
• Hands-on experience with security tools (Metasploit, Burp Suite, Nessus, etc.).
• Experience in policy development, security guidelines, and compliance frameworks.
• Proficiency in scripting languages (Python, PowerShell, SPL, SQL) for security automation.
• Professional certifications such as CISSP, CEH, OSCP, or vendor-specific security credentials are a plus.

Objectives & KPIs

• Mean Time to Detect (MTTD): Average time taken to detect, analyze, and escalate security incidents.
• Incident Resolution Rate: Percentage of incidents resolved within predefined SLAs.
• Alert Accuracy: Ratio of false positives vs. true positives identified in SIEM alerts.
• SIEM Optimization: Percentage of correlation rules and use cases updated or improved.
• Root Cause Analysis (RCA) Completion: Percentage of incidents with a thorough RCA report.
• Rule Tuning Frequency: Regular enhancements to improve SIEM efficiency and reduce unnecessary alerts.
• Regulatory Compliance: Percentage of adherence to SBP regulations, PCI DSS, ISO 27001, and security standards.

We're looking for an experienced Information Security Manager to lead our security operations, compliance and governance while building a culture of cyber resilience across the organization.

Requirements:

8+ years in information security (4 years in leadership role).

Strong knowledge of security frameworks (ISO 27001, NIST).

Hands-on with SOC, SIEM, vulnerability management & DevSecOps.

Overall security compliance & GRC expertise.

Certifications like CISSP, CISM, or CISA a big plus.

Are you passionate about cybersecurity and looking to make a real impact in the fast-evolving world of digital banking? We're seeking a dynamic Information Security Administrator to take charge of securing our cutting-edge Digital Retail Bank (DRB) infrastructure. This role is perfect for someone who thrives on deploying state-of-the-art security solutions, managing SIEM integrations, and ensuring compliance with industry-leading frameworks. If you're ready to lead security initiatives, protect critical assets, and shape the future of secure digital banking, this is your opportunity

Requirements
Security Infrastructure & Implementation:

• Design, deploy, and optimize security solutions to safeguard digital banking platforms
• Strengthen network and system security through proactive hardening techniques
• Implement cutting-edge cloud security strategies across AWS, Azure, and Google Cloud
• Ensure compliance with top cybersecurity regulations and frameworks.

Operations & Administration:

• Oversee system security, endpoint protection, and real-time threat detection
• Manage user access control, identity verification, and multi-factor authentication
• Support incident response efforts, conduct forensic investigations, and mitigate risks
• Develop and enforce security policies, procedures, and best practices.

Technical Expertise & SIEM Management:

• Configure and maintain firewalls, IDS/IPS, VPNs, and endpoint security tools
• Deploy and integrate SIEM solutions (QRadar, Splunk, ArcSight, Wazuh, etc.) for real-time monitoring
• Oversee log and event management to detect and neutralize security threats
• Implement automation to streamline security operations and incident response.

Threat Prevention & Awareness:

• Conduct risk assessments and proactively manage vulnerabilities before they become threats
• Stay ahead of emerging cyber threats and implement cutting-edge defenses
• Drive company-wide cybersecurity awareness through training and education initiatives
• Collaborate with IT, compliance, and business teams to strengthen security posture.

Qualifications

• Bachelor's degree in Computer Science, IT, Cybersecurity, or a related field
• 4-6 years of experience in infrastructure security, cybersecurity operations, or cloud security
• Strong expertise in network protocols, firewalls, VPNs, IDS/IPS, and endpoint security
• Hands-on experience with SIEM solutions (QRadar, Splunk, ArcSight, Wazuh, etc.)
• Proficiency in cloud security (AWS, Azure, Google Cloud) and securing virtual environments
• Strong skills in writing and enforcing security policies and guidelines
• Professional certifications like CISSP, CEH, OSCP, or vendor-specific security credentials are a plus
• Scripting and automation skills (Python, PowerShell, SPL, SQL) to enhance security operations

We are seeking a highly skilled Information Security Analyst to join our growing team. In this role, you will play a crucial role in safeguarding our sensitive financial data and ensuring compliance with industry regulations. The ideal candidate will have a deep understanding of information security principles and best practices, with experience in the fintech or financial services sector. ensuring the protection of our digital assets from unauthorized access and breaches. Additionally, the analyst will be responsible for creating detailed security reports, updating incident response plans and educating employees on best security practices.

Key Responsibilities:

· Monitor and analyze security events and incidents to identify potential threats and vulnerabilities, with a focus on protecting sensitive financial data

· Conduct regular security assessments and audits to ensure compliance with regulatory requirements such as PCI DSS, ISO 27001 and

· Collaborate with cross-functional teams to implement security controls and measures to mitigate cyber risks and safeguard our systems and infrastructure

· Develop and update incident response plans to manage and mitigate the impact of security breaches efficiently.

· Ensure third-party vendors comply with security requirements and standards, mitigating external risks

· Conduct security awareness training and education programs for employees to promote a culture of security awareness.

· Assist with the implementation and management of security tools and technologies, such as firewalls, intrusion detection/prevention systems, and endpoint security solutions.

Desired Skills and Experience:

· In-depth knowledge of cybersecurity, firewalls, network security, information assurance, Linux, UNIX, security information and event management (SIEM), application security, security engineering, and security architecture.

· Proficiency in ethical hacking to expose vulnerabilities and protect against malicious attacks.

· Certifications such as CISSP, CISM, CSSP are a plus

· 3 years of experience in information security roles, with a focus on security analysis and incident response.

· Strong analytical skills for assessing and mitigating security risks.

· Extensive experience in conducting penetration tests on a variety of systems and applications to identify security vulnerabilities.

Interested candidates apply