53 Information Governance jobs in Pakistan

Job Title: Information Security Governance & BCP Manager

Job Type: Permanent

Minimum Education: Graduation (Information Security and/or BCP related certifications

• 4+ years of relevant experience
• Excellent Knowledge of Information Security controls & concepts, BCP standards and industry best practices
• Good communication and interpersonal skills and able to perform under pressure
• Knowledge and experience of Islamic Banking

Key Responsibilities:

• Manage the Enterprise Information Security Program through Policy, standards and training processes including creating, maintaining, and managing the Information Security framework, policies, processes, standards, guidelines and Security Awareness training program.
• Identify and analyze new and emerging requirements for Policy impacts, develop and update policies, procedures, standards and guidelines accordingly.
• Review the Information Security practices to verify their compliance with the Information Security policies, standards, procedures and processes.
• Develop, Maintain and Review the Business Continuity Management Plan for Samba Bank Limited in coordination with Business Risk Coordinators (BRCs) across all functions/departments of SBL and in-line with the regulatory requirements and guidelines.
• Liaison with BRCs to conduct annual BCP testing of all critical functions.
• Coordinate and support BRCs in the development process of their respective departmental BCP document.
• Manage Bi-Annual BCP Call-Tree exercises, Annual BCP Exercise of SBL, and any other drill being conducted by regulatory authority.
• Conduct annual review of Master BCP Policy document along with the annual review of departmental BCP documents and ensures that the documents are approved with all the relevant stakeholders of Samba Bank Limited.
• Prepare annual BCP Test plan along with the BCP test results report and get both documents approved from the relevant stakeholders of SBL.
• Ensure the readiness of designated BCP sites and conduct monthly review of these sites and provide the update to CISO.
• Maintain an up to date MIS of call-tree information of all the critical identified resources of functions/departments of the Bank.
• Maintain and manage the list of BISO’s and BRC’s of all the functions/departments across the Bank.
• Maintain and manage the MIS that pertains to Information Security Awareness & BCP Awareness programs and emails.
• Provide guidance in resolving the BCP related issues, audit findings, follow-up and ensure the timely closure of any BCP related issues.
• Coordinate with internal, external and regulatory auditors related to SBL BCP.
• Review of User roles and rights management and user access management.
• Review of logs that pertains to Secrecy & Fidelity of Customer Account information.
• Develop, review and update the Information Security BCP document and ensure that all the critical documents, policies, procedures and approvals memo etc. are digitalized and available to cater the BCP requirements of Information Security Department.
• Maintain and track MIS of Corrective Action Plan (CAP) of all the internal, external and regulatory audit observations pertaining to Information Security department.

Applicants must clearly mention the title of the position in the e-mail subject line.

We are an equal opportunity employer. Female candidates and persons with disabilities are encouraged to apply.

Samba Bank reserves the right to accept or decline any application.

Information Security Analyst

Our fast-growing technology company in Khanpur is seeking a highly motivated and skilled Information Security Analyst to join our team. As an Information Security Analyst, you will be responsible for protecting our company's sensitive data and ensuring the security of our systems and networks. Your primary duties will include conducting risk assessments, monitoring system activity, implementing security measures, and responding to security incidents.

The ideal candidate will have a Bachelor's degree in Computer Science or a related field, along with at least 2 years of experience in information security. Knowledge of network and system security protocols, as well as experience with security tools such as firewalls and intrusion detection systems, is required. You should also have excellent problem-solving skills and the ability to analyze complex information.

In this role, you will work closely with our IT team to identify potential vulnerabilities and develop strategies to mitigate them. You will also be responsible for staying updated on the latest security trends and best practices to ensure that our systems are always protected.

If you are passionate about information security and have a strong desire to continuously learn and improve your skills, we would love to hear from you. This is a full-time position with a competitive salary of 1600$ per month, along with accommodation provided. Candidates with their own visa are preferred, but we are open to sponsoring the right candidate. This is an excellent opportunity for freshers looking to kickstart their career in information security. Apply now and become part of our dynamic team!

This job has no reviews yet. You can be the first!

Information Security Analyst Jobs in Khanpur:

The most in-demand professions in Khanpur:

Jobs available in princess cruise company

Users also frequently search in these cities:

More professions from the category IT sphere:

Subscribe to our telegram channel @layboard_in

Universal Digital Health Care (UDHC) , Pakistan

• Cloud Security Architecture: Design, develop, and implement robust security architecture for cloud-based systems, ensuring compliance with industry standards and regulations. Had working for SIME deployments i.e. WAZUH or any similar tool.

• Security Implementation: Deploy and configure security tools, controls, and technologies in cloud environments, such as firewalls, intrusion detection/prevention systems, encryption mechanisms, and access controls.

• Risk Assessment and Management: Conduct regular risk assessments and vulnerability scans to identify and mitigate security risks and threats in cloud infrastructure and applications.

• Incident Response: Develop and maintain incident response plans and procedures to effectively respond to security incidents, including investigation, containment, and remediation.

• Security Monitoring and Logging: Implement monitoring and logging solutions to continuously track and analyze security events and activities within cloud environments and respond promptly to any suspicious behavior or anomalies.

• Identity and Access Management (IAM): Manage user access and permissions in cloud platforms, ensuring least privilege principles are enforced and access controls are properly configured.

• Security Compliance: Ensure compliance with relevant security standards, regulations, and frameworks (e.g., GDPR, HIPAA, ISO 27001) in cloud environments, and assist with audits and assessments as needed.

• Security Awareness and Training: Develop and deliver security awareness programs and training sessions to educate employees and stakeholders on cloud security best practices and policies.

• Collaboration and Communication: Collaborate with cross-functional teams, including IT operations, development, and business units, to integrate security into all aspects of the cloud lifecycle and communicate security requirements effectively.

• Continuous Improvement: Stay abreast of emerging threats, vulnerabilities, and security technologies in the cloud space, and recommend and implement improvements to enhance the overall security posture.

Qualifications:

• Bachelor’s degree in computer science, Information Security, or a related field; master’s degree preferred.

• Proven experience (2-3 years) working as a security engineer or architect, with a focus on cloud security.

• Strong understanding of cloud computing platforms (e.g., AWS, Azure, Google Cloud) and their security features and services.

• Hands-on experience with cloud security tools and technologies, such as cloud access security brokers (CASBs), cloud workload protection platforms (CWPPs), and cloud security posture management (CSPM) tools.

• Certifications such as Certified Cloud Security Professional (CCSP), or AWS Certified Security Specialty are highly desirable.

• Excellent analytical, problem-solving, and communication skills.

• Ability to work independently and collaboratively in a fast-paced environment.

• Strong commitment to maintaining the highest standards of security and compliance.

• Experience with scripting and automation (e.g., Python, PowerShell) for security tasks is a plus

Hospital & Health Care - Lahore, Pakistan

• Security Strategy & Governance: Develop, implement, and update security policies, procedures, and controls to align with global standards (ISO 27001, NIST, GDPR, PCI DSS).
• Risk & Vulnerability Management: Conduct regular risk assessments, vulnerability scans, penetration testing, and security audits to proactively identify and remediate threats.
• Incident Response & Forensics: Monitor security systems, investigate incidents, perform root cause analysis, and lead incident response activities to minimize impact and prevent recurrence.
• Compliance & Audit Readiness: Ensure organizational compliance with local and international regulations, prepare documentation, and support internal/external security audits.
• Infrastructure & Cloud Security: Provide expert guidance on securing networks, applications, endpoints, and cloud environments (Azure, AWS, etc.).
• Data Protection & Access Control: Design and implement robust identity, access management, and encryption strategies to safeguard sensitive information.
• Awareness & Training: Conduct security awareness programs and workshops for employees and client teams to strengthen security culture.
• Advisory & Consulting: Work closely with business units, IT teams, and client stakeholders to integrate security requirements into new solutions, projects, and digital transformation initiatives.
• Reporting & Documentation: Prepare detailed reports, dashboards, and presentations on risk posture, incidents, compliance gaps, and remediation plans for senior management and clients.

• Bachelor’s degree in IT, Computer Science, Cybersecurity, or related field.
• 5+ years’ experience in information security or cybersecurity consulting.
• Hands-on expertise with firewalls, IDS/IPS, SIEM, DLP, endpoint security, and cloud security tools .
• Strong knowledge of security frameworks and regulatory compliance.
• Preferred certifications: CISSP, CISM, CEH, ISO 27001 LA/LI .

• Security Strategy & Governance: Develop, implement, and update security policies, procedures, and controls to align with global standards (ISO 27001, NIST, GDPR, PCI DSS).
• Risk & Vulnerability Management: Conduct regular risk assessments, vulnerability scans, penetration testing, and security audits to proactively identify and remediate threats.
• Incident Response & Forensics: Monitor security systems, investigate incidents, perform root cause analysis, and lead incident response activities to minimize impact and prevent recurrence.
• Compliance & Audit Readiness: Ensure organizational compliance with local and international regulations, prepare documentation, and support internal/external security audits.
• Infrastructure & Cloud Security: Provide expert guidance on securing networks, applications, endpoints, and cloud environments (Azure, AWS, etc.).
• Data Protection & Access Control: Design and implement robust identity, access management, and encryption strategies to safeguard sensitive information.
• Awareness & Training: Conduct security awareness programs and workshops for employees and client teams to strengthen security culture.
• Advisory & Consulting: Work closely with business units, IT teams, and client stakeholders to integrate security requirements into new solutions, projects, and digital transformation initiatives.
• Reporting & Documentation: Prepare detailed reports, dashboards, and presentations on risk posture, incidents, compliance gaps, and remediation plans for senior management and clients.

• Bachelor’s degree in IT, Computer Science, Cybersecurity, or related field.
• 5+ years’ experience in information security or cybersecurity consulting.
• Hands-on expertise with firewalls, IDS/IPS, SIEM, DLP, endpoint security, and cloud security tools .
• Strong knowledge of security frameworks and regulatory compliance.
• Preferred certifications: CISSP, CISM, CEH, ISO 27001 LA/LI .

• Security Strategy & Governance: Develop, implement, and update security policies, procedures, and controls to align with global standards (ISO 27001, NIST, GDPR, PCI DSS).
• Risk & Vulnerability Management: Conduct regular risk assessments, vulnerability scans, penetration testing, and security audits to proactively identify and remediate threats.
• Incident Response & Forensics: Monitor security systems, investigate incidents, perform root cause analysis, and lead incident response activities to minimize impact and prevent recurrence.
• Compliance & Audit Readiness: Ensure organizational compliance with local and international regulations, prepare documentation, and support internal/external security audits.
• Infrastructure & Cloud Security: Provide expert guidance on securing networks, applications, endpoints, and cloud environments (Azure, AWS, etc.).
• Data Protection & Access Control: Design and implement robust identity, access management, and encryption strategies to safeguard sensitive information.
• Awareness & Training: Conduct security awareness programs and workshops for employees and client teams to strengthen security culture.
• Advisory & Consulting: Work closely with business units, IT teams, and client stakeholders to integrate security requirements into new solutions, projects, and digital transformation initiatives.
• Reporting & Documentation: Prepare detailed reports, dashboards, and presentations on risk posture, incidents, compliance gaps, and remediation plans for senior management and clients.

• Bachelor’s degree in IT, Computer Science, Cybersecurity, or related field.
• 5+ years’ experience in information security or cybersecurity consulting.
• Hands-on expertise with firewalls, IDS/IPS, SIEM, DLP, endpoint security, and cloud security tools .
• Strong knowledge of security frameworks and regulatory compliance.
• Preferred certifications: CISSP, CISM, CEH, ISO 27001 LA/LI .

About the Role:

We are seeking a motivated Information Security Specialist with a strong foundation in compliance frameworks and offensive security. The ideal candidate will have hands-on experience with ISO 27001, HIPAA, SOC 2, as well as practical skills in penetration testing and security risk assessments. This role requires both a compliance mindset and an attacker’s perspective to ensure a well-rounded approach to organizational security.

Key Responsibilities:

○ Maintain and improve the organization’s Information Security Management System (ISMS) in alignment with ISO 27001.

○ Support compliance efforts for HIPAA and SOC 2 frameworks.

○ Conduct risk assessments, document findings, and recommend remediation strategies.

○ Assist in preparing for internal and external audits.

● Offensive Security & Technical Security Testing

○ Perform internal and external penetration testing, including web, network, and cloud environments.

○ Conduct vulnerability assessments and report exploitable weaknesses.

○ Simulate real-world attack scenarios to test security controls and incident response readiness.

● Security Awareness & Incident Support

○ Work with cross-functional teams to improve security posture.

○ Contribute to security awareness training programs.

○ Assist in security incident investigations and root cause analysis.

Required Qualifications

● Education: Bachelor’s degree in Information Security, Computer Science, or related field (or equivalent experience).

○ Offensive Security Certifications: CPPT, CWPTX or similar

○ 2–3 years in information security roles covering both compliance and offensive security.

○ Hands-on involvement in ISO 27001 implementation/maintenance, HIPAA, and SOC 2 compliance projects.

○ Experience performing penetration tests and vulnerability assessments.

Desired Skills:

● Knowledge of security standards such as NIST, CIS Controls, and GDPR.

● Strong report writing and communication skills for both technical and non-technical audiences.

● Understanding of incident response processes.