48 Identity And Access Management Expert jobs in Pakistan

Universal Digital Health Care (UDHC) , Pakistan

• Cloud Security Architecture: Design, develop, and implement robust security architecture for cloud-based systems, ensuring compliance with industry standards and regulations. Had working for SIME deployments i.e. WAZUH or any similar tool.

• Security Implementation: Deploy and configure security tools, controls, and technologies in cloud environments, such as firewalls, intrusion detection/prevention systems, encryption mechanisms, and access controls.

• Risk Assessment and Management: Conduct regular risk assessments and vulnerability scans to identify and mitigate security risks and threats in cloud infrastructure and applications.

• Incident Response: Develop and maintain incident response plans and procedures to effectively respond to security incidents, including investigation, containment, and remediation.

• Security Monitoring and Logging: Implement monitoring and logging solutions to continuously track and analyze security events and activities within cloud environments and respond promptly to any suspicious behavior or anomalies.

• Identity and Access Management (IAM): Manage user access and permissions in cloud platforms, ensuring least privilege principles are enforced and access controls are properly configured.

• Security Compliance: Ensure compliance with relevant security standards, regulations, and frameworks (e.g., GDPR, HIPAA, ISO 27001) in cloud environments, and assist with audits and assessments as needed.

• Security Awareness and Training: Develop and deliver security awareness programs and training sessions to educate employees and stakeholders on cloud security best practices and policies.

• Collaboration and Communication: Collaborate with cross-functional teams, including IT operations, development, and business units, to integrate security into all aspects of the cloud lifecycle and communicate security requirements effectively.

• Continuous Improvement: Stay abreast of emerging threats, vulnerabilities, and security technologies in the cloud space, and recommend and implement improvements to enhance the overall security posture.

Qualifications:

• Bachelor’s degree in computer science, Information Security, or a related field; master’s degree preferred.

• Proven experience (2-3 years) working as a security engineer or architect, with a focus on cloud security.

• Strong understanding of cloud computing platforms (e.g., AWS, Azure, Google Cloud) and their security features and services.

• Hands-on experience with cloud security tools and technologies, such as cloud access security brokers (CASBs), cloud workload protection platforms (CWPPs), and cloud security posture management (CSPM) tools.

• Certifications such as Certified Cloud Security Professional (CCSP), or AWS Certified Security Specialty are highly desirable.

• Excellent analytical, problem-solving, and communication skills.

• Ability to work independently and collaboratively in a fast-paced environment.

• Strong commitment to maintaining the highest standards of security and compliance.

• Experience with scripting and automation (e.g., Python, PowerShell) for security tasks is a plus

Hospital & Health Care - Lahore, Pakistan

• Security Strategy & Governance: Develop, implement, and update security policies, procedures, and controls to align with global standards (ISO 27001, NIST, GDPR, PCI DSS).
• Risk & Vulnerability Management: Conduct regular risk assessments, vulnerability scans, penetration testing, and security audits to proactively identify and remediate threats.
• Incident Response & Forensics: Monitor security systems, investigate incidents, perform root cause analysis, and lead incident response activities to minimize impact and prevent recurrence.
• Compliance & Audit Readiness: Ensure organizational compliance with local and international regulations, prepare documentation, and support internal/external security audits.
• Infrastructure & Cloud Security: Provide expert guidance on securing networks, applications, endpoints, and cloud environments (Azure, AWS, etc.).
• Data Protection & Access Control: Design and implement robust identity, access management, and encryption strategies to safeguard sensitive information.
• Awareness & Training: Conduct security awareness programs and workshops for employees and client teams to strengthen security culture.
• Advisory & Consulting: Work closely with business units, IT teams, and client stakeholders to integrate security requirements into new solutions, projects, and digital transformation initiatives.
• Reporting & Documentation: Prepare detailed reports, dashboards, and presentations on risk posture, incidents, compliance gaps, and remediation plans for senior management and clients.

• Bachelor’s degree in IT, Computer Science, Cybersecurity, or related field.
• 5+ years’ experience in information security or cybersecurity consulting.
• Hands-on expertise with firewalls, IDS/IPS, SIEM, DLP, endpoint security, and cloud security tools .
• Strong knowledge of security frameworks and regulatory compliance.
• Preferred certifications: CISSP, CISM, CEH, ISO 27001 LA/LI .

• Security Strategy & Governance: Develop, implement, and update security policies, procedures, and controls to align with global standards (ISO 27001, NIST, GDPR, PCI DSS).
• Risk & Vulnerability Management: Conduct regular risk assessments, vulnerability scans, penetration testing, and security audits to proactively identify and remediate threats.
• Incident Response & Forensics: Monitor security systems, investigate incidents, perform root cause analysis, and lead incident response activities to minimize impact and prevent recurrence.
• Compliance & Audit Readiness: Ensure organizational compliance with local and international regulations, prepare documentation, and support internal/external security audits.
• Infrastructure & Cloud Security: Provide expert guidance on securing networks, applications, endpoints, and cloud environments (Azure, AWS, etc.).
• Data Protection & Access Control: Design and implement robust identity, access management, and encryption strategies to safeguard sensitive information.
• Awareness & Training: Conduct security awareness programs and workshops for employees and client teams to strengthen security culture.
• Advisory & Consulting: Work closely with business units, IT teams, and client stakeholders to integrate security requirements into new solutions, projects, and digital transformation initiatives.
• Reporting & Documentation: Prepare detailed reports, dashboards, and presentations on risk posture, incidents, compliance gaps, and remediation plans for senior management and clients.

• Bachelor’s degree in IT, Computer Science, Cybersecurity, or related field.
• 5+ years’ experience in information security or cybersecurity consulting.
• Hands-on expertise with firewalls, IDS/IPS, SIEM, DLP, endpoint security, and cloud security tools .
• Strong knowledge of security frameworks and regulatory compliance.
• Preferred certifications: CISSP, CISM, CEH, ISO 27001 LA/LI .

• Security Strategy & Governance: Develop, implement, and update security policies, procedures, and controls to align with global standards (ISO 27001, NIST, GDPR, PCI DSS).
• Risk & Vulnerability Management: Conduct regular risk assessments, vulnerability scans, penetration testing, and security audits to proactively identify and remediate threats.
• Incident Response & Forensics: Monitor security systems, investigate incidents, perform root cause analysis, and lead incident response activities to minimize impact and prevent recurrence.
• Compliance & Audit Readiness: Ensure organizational compliance with local and international regulations, prepare documentation, and support internal/external security audits.
• Infrastructure & Cloud Security: Provide expert guidance on securing networks, applications, endpoints, and cloud environments (Azure, AWS, etc.).
• Data Protection & Access Control: Design and implement robust identity, access management, and encryption strategies to safeguard sensitive information.
• Awareness & Training: Conduct security awareness programs and workshops for employees and client teams to strengthen security culture.
• Advisory & Consulting: Work closely with business units, IT teams, and client stakeholders to integrate security requirements into new solutions, projects, and digital transformation initiatives.
• Reporting & Documentation: Prepare detailed reports, dashboards, and presentations on risk posture, incidents, compliance gaps, and remediation plans for senior management and clients.

• Bachelor’s degree in IT, Computer Science, Cybersecurity, or related field.
• 5+ years’ experience in information security or cybersecurity consulting.
• Hands-on expertise with firewalls, IDS/IPS, SIEM, DLP, endpoint security, and cloud security tools .
• Strong knowledge of security frameworks and regulatory compliance.
• Preferred certifications: CISSP, CISM, CEH, ISO 27001 LA/LI .

About the Role:

We are seeking a motivated Information Security Specialist with a strong foundation in compliance frameworks and offensive security. The ideal candidate will have hands-on experience with ISO 27001, HIPAA, SOC 2, as well as practical skills in penetration testing and security risk assessments. This role requires both a compliance mindset and an attacker’s perspective to ensure a well-rounded approach to organizational security.

Key Responsibilities:

○ Maintain and improve the organization’s Information Security Management System (ISMS) in alignment with ISO 27001.

○ Support compliance efforts for HIPAA and SOC 2 frameworks.

○ Conduct risk assessments, document findings, and recommend remediation strategies.

○ Assist in preparing for internal and external audits.

● Offensive Security & Technical Security Testing

○ Perform internal and external penetration testing, including web, network, and cloud environments.

○ Conduct vulnerability assessments and report exploitable weaknesses.

○ Simulate real-world attack scenarios to test security controls and incident response readiness.

● Security Awareness & Incident Support

○ Work with cross-functional teams to improve security posture.

○ Contribute to security awareness training programs.

○ Assist in security incident investigations and root cause analysis.

Required Qualifications

● Education: Bachelor’s degree in Information Security, Computer Science, or related field (or equivalent experience).

○ Offensive Security Certifications: CPPT, CWPTX or similar

○ 2–3 years in information security roles covering both compliance and offensive security.

○ Hands-on involvement in ISO 27001 implementation/maintenance, HIPAA, and SOC 2 compliance projects.

○ Experience performing penetration tests and vulnerability assessments.

Desired Skills:

● Knowledge of security standards such as NIST, CIS Controls, and GDPR.

● Strong report writing and communication skills for both technical and non-technical audiences.

● Understanding of incident response processes.

Key Responsibilities:

Develop and implement information security policies and procedures.

Conduct regular risk assessments and vulnerability assessments.

Monitor and respond to security incidents and breaches.

Manage and maintain security tools and technologies.

Collaborate with IT teams to ensure compliance with security standards.

Educate employees about security best practices and awareness.

Maintain an up-to-date knowledge of cybersecurity threats and trends.

Assist in the development and maintenance of disaster recovery and business continuity plans.

Conduct security audits and assessments, ensuring compliance with regulatory requirements.

Continuously improve security awareness and practices throughout the organization.

Qualification and Experience:

Bachelor's degree in Computer Science, Information Technology, or a related field.

2+ years of experience in information security or a related role.

Strong understanding of cybersecurity principles and best practices.

Knowledge of industry standards and compliance regulations (e.g., NIST, ISO 27001, GDPR).

Experience with security tools and technologies (e.g., firewalls, IDS/IPS, SIEM).

Ability to perform risk assessments and vulnerability assessments.

Excellent problem-solving and communication skills.

Security certifications (e.g., CISSP, CISM, CompTIA Security+) are a plus.

Strong attention to detail and analytical skills.

Work mode:

Work from Office.

Shift Time:

10am-7pm.

Location:

Bahria Town Ph 7 Office.

Salary:

Market Competitive.

Job Type: Full-time

Ability to commute/relocate:

• Rawalpindi: Reliably commute or planning to relocate before starting work (Required)

The SOC Officer is responsible for proactively monitoring, identifying, analyzing, and responding to cybersecurity threats and incidents in real-time. Operating within a Security Operations Center (SOC), the role ensures the continuous protection, integrity, and availability of the organization’s information systems and digital assets.

• Shift work will be required over a rotating schedule to cover 24/7/365 operation. Successful candidates should demonstrate a foundational understanding of Information Security, SOC Operations, SIEM, IP Networking, Networking Protocols, Routing & Switching, and System Administration, with a genuine passion for Information Security.
• Monitor security and report suspicious activity to higher authorities or team members.
• Collect, analyze, and follow up on security events, metrics, incidents, and other relevant information to meet security objectives.
• Perform or oversee root cause analysis on reported security events and incidents, including preliminary forensic analysis.
• Develop alerts and use cases in SIEM for detecting security or fraud anomalies, policy non-compliance, etc.
• Monitor security alerts from XDR, Firewall, IPS, IDS, WAF, FIM, DAM, and gather threat intelligence.
• Analyze network traffic to identify anomalies and potential threats, ensuring compliance with policies through routine network reviews.
• Ensure all security incidents are logged and maintain an incident management system.
• Perform event correlation to assess attack effectiveness and gain situational awareness.
• Generate reports for IT administrators, business managers, and security leaders to evaluate security policy efficacy.
• Advise on and implement necessary countermeasures against attacks.
• Keep security systems updated and contribute to security strategies.
• Document incidents to aid in incident response and disaster recovery planning.
• Assess third-party vendors' security strengths and collaborate accordingly.
• Conduct regular security assessments, vulnerability scans, penetration testing, and risk analyses.
• Implement safeguards and conduct periodic reviews and audits of access controls and security procedures.

• Holds a BCS or MS degree in Computer Science or Information Security.
• Has at least 1 year of experience or is a fresh graduate with hands-on exposure to SOC environments.

Job Location: Head Office

Mobilink Microfinance Bank Ltd. provides banking services to over 48 million users across Pakistan, combining traditional microfinance with digital banking technologies, operating over 114 branches and 270,000 agents. The bank offers various financial services including savings, loans, remittances, and mobile wallets, promoting financial inclusion.

This role offers an opportunity for passionate individuals eager to make a difference and contribute to transformative change in digital banking. Join us to empower millions and be part of a dedicated team committed to innovation and customer-centricity.

We are seeking an Information Security Analyst to join our team in Gujrat. In this role, you will be responsible for ensuring the confidentiality, integrity, and availability of our organization's information systems and data.

Your main duties will include:

1. Assessing potential security risks
2. Implementing security measures
3. Responding to security incidents

The ideal candidate should have at least 2 years of experience in information security, relevant certifications such as CISSP or CISM , and a strong understanding of security principles and technologies.

This position offers a salary of 900$ and is located in Gujrat. Candidates with their own visa or freshers are encouraged to apply.