31 IT Security Consultant jobs in Pakistan

KalSoft is seeking an experienced Information Security Consultant with a strong background in cybersecurity, risk management, and compliance. The consultant will be responsible for developing security frameworks, identifying vulnerabilities, mitigating risks, and advising both clients and internal stakeholders on best practices for safeguarding critical information assets.

Location: KSA, Riyadh (Onsite)
Experience: Minimum 5 years Key Responsibilities

• Security Strategy & Governance: Develop, implement, and update security policies, procedures, and controls to align with global standards (ISO 27001, NIST, GDPR, PCI DSS).
• Risk & Vulnerability Management: Conduct regular risk assessments, vulnerability scans, penetration testing, and security audits to proactively identify and remediate threats.
• Incident Response & Forensics: Monitor security systems, investigate incidents, perform root cause analysis, and lead incident response activities to minimize impact and prevent recurrence.
• Compliance & Audit Readiness: Ensure organizational compliance with local and international regulations, prepare documentation, and support internal/external security audits.
• Infrastructure & Cloud Security: Provide expert guidance on securing networks, applications, endpoints, and cloud environments (Azure, AWS, etc.).
• Data Protection & Access Control: Design and implement robust identity, access management, and encryption strategies to safeguard sensitive information.
• Awareness & Training: Conduct security awareness programs and workshops for employees and client teams to strengthen security culture.
• Advisory & Consulting: Work closely with business units, IT teams, and client stakeholders to integrate security requirements into new solutions, projects, and digital transformation initiatives.
• Reporting & Documentation: Prepare detailed reports, dashboards, and presentations on risk posture, incidents, compliance gaps, and remediation plans for senior management and clients.

Requirements

• Bachelor’s degree in IT, Computer Science, Cybersecurity, or related field.
• 5+ years’ experience in information security or cybersecurity consulting.
• Hands-on expertise with firewalls, IDS/IPS, SIEM, DLP, endpoint security, and cloud security tools .
• Strong knowledge of security frameworks and regulatory compliance.
• Preferred certifications: CISSP, CISM, CEH, ISO 27001 LA/LI .

#J-18808-Ljbffr

KalSoft is seeking an experienced Information Security Consultant with a strong background in cybersecurity, risk management, and compliance. The consultant will be responsible for developing security frameworks, identifying vulnerabilities, mitigating risks, and advising both clients and internal stakeholders on best practices for safeguarding critical information assets.

Location: KSA, Riyadh (Onsite)
Experience: Minimum 5 years Key Responsibilities

• Security Strategy & Governance: Develop, implement, and update security policies, procedures, and controls to align with global standards (ISO 27001, NIST, GDPR, PCI DSS).
• Risk & Vulnerability Management: Conduct regular risk assessments, vulnerability scans, penetration testing, and security audits to proactively identify and remediate threats.
• Incident Response & Forensics: Monitor security systems, investigate incidents, perform root cause analysis, and lead incident response activities to minimize impact and prevent recurrence.
• Compliance & Audit Readiness: Ensure organizational compliance with local and international regulations, prepare documentation, and support internal/external security audits.
• Infrastructure & Cloud Security: Provide expert guidance on securing networks, applications, endpoints, and cloud environments (Azure, AWS, etc.).
• Data Protection & Access Control: Design and implement robust identity, access management, and encryption strategies to safeguard sensitive information.
• Awareness & Training: Conduct security awareness programs and workshops for employees and client teams to strengthen security culture.
• Advisory & Consulting: Work closely with business units, IT teams, and client stakeholders to integrate security requirements into new solutions, projects, and digital transformation initiatives.
• Reporting & Documentation: Prepare detailed reports, dashboards, and presentations on risk posture, incidents, compliance gaps, and remediation plans for senior management and clients.

Requirements

• Bachelor’s degree in IT, Computer Science, Cybersecurity, or related field.
• 5+ years’ experience in information security or cybersecurity consulting.
• Hands-on expertise with firewalls, IDS/IPS, SIEM, DLP, endpoint security, and cloud security tools .
• Strong knowledge of security frameworks and regulatory compliance.
• Preferred certifications: CISSP, CISM, CEH, ISO 27001 LA/LI .

#J-18808-Ljbffr

We are seeking a highly skilled and motivated Mid-Tier Cyber Security Consultant with 4–5 years of proven experience in Vulnerability Assessment and Penetration Testing (VAPT), client handling, and red teaming. The ideal candidate will be a self-motivated professional with strong technical expertise and exceptional soft skills, capable of delivering high-quality services in a fast-paced, client-focused environment. Preference will be given to candidates with relevant certifications and experience in a vendor-side company.

Key Responsibilities

• Vulnerability Assessment and Penetration Testing (VAPT):
  • Conduct comprehensive vulnerability assessments and penetration tests on web applications, networks, cloud environments, and mobile applications.
  • Identify, analyze, and prioritize security vulnerabilities using industry-standard tools and methodologies.
  • Develop detailed technical reports with findings, risk assessments, and remediation recommendations tailored to technical and non-technical stakeholders.
  • Stay updated on emerging threats, vulnerabilities, and attack vectors to enhance testing methodologies.

• Red Teaming:
  • Plan and execute advanced red team engagements, simulating real-world cyberattacks to test organizational defenses.
  • Perform reconnaissance, social engineering, privilege escalation, and lateral movement to identify weaknesses in security controls.
  • Collaborate with blue teams to validate detection and response capabilities, providing actionable insights to improve security posture.
  • Document red team activities, including attack scenarios, methodologies, and outcomes, in clear and concise reports.

• Client Handling:
  • Act as the primary point of contact for clients, building strong relationships and ensuring clear communication throughout the engagement lifecycle.
  • Conduct scoping meetings, gather requirements, and tailor security assessments to meet client-specific needs and objectives.
  • Present findings and recommendations to clients in a professional and approachable manner, addressing both technical and business audiences.
  • Manage client expectations, resolve concerns promptly, and ensure high levels of client satisfaction.

• Project Management and Delivery:
  • Manage multiple concurrent projects, ensuring timely delivery of high-quality results within scope and budget.
  • Develop project plans, timelines, and deliverables in collaboration with internal teams and clients.
  • Proactively identify risks and challenges in engagements and implement solutions to maintain project momentum.

Required Qualifications

• Experience:
  • 4–5 years of hands-on experience in cyber security, with a focus on VAPT and red teaming.
  • Proven track record in a vendor-side company, delivering security services to diverse clients across industries.
  • Demonstrated experience in managing end-to-end VAPT engagements, including scoping, execution, and reporting.
  • Hands-on experience in red team operations, including adversarial simulation and advanced attack techniques.
• Certifications (Preferred):
  • Offensive Security Certified Professional (OSCP)
  • Certified Ethical Hacker (CEH)
  • GIAC Penetration Tester (GPEN)
  • Certified Red Team Professional (CRTP)
  • Other relevant certifications (e.g., CompTIA PenTest+, CISSP, or equivalent)
• Soft Skills:
  • Excellent communication and presentation skills, with the ability to explain complex technical concepts to non-technical stakeholders.
  • Strong interpersonal skills, with a client-centric approach to build trust and long-term relationships.
  • Self-motivated and proactive, with a strong sense of ownership and accountability for deliverables.
  • Ability to work independently and collaboratively in a team-oriented environment.
• Preferred Qualifications
  • Experience working in a vendor-side cyber security firm, delivering services to clients in sectors such as finance, healthcare, or technology.
  • Familiarity with compliance frameworks such as ISO 27001, GDPR, or NIST.
  • Ability to mentor junior team members and contribute to knowledge-sharing initiatives.

#J-18808-Ljbffr

We are seeking a highly skilled and motivated Mid-Tier Cyber Security Consultant with 4–5 years of proven experience in Vulnerability Assessment and Penetration Testing (VAPT), client handling, and red teaming. The ideal candidate will be a self-motivated professional with strong technical expertise and exceptional soft skills, capable of delivering high-quality services in a fast-paced, client-focused environment. Preference will be given to candidates with relevant certifications and experience in a vendor-side company. Key Responsibilities Vulnerability Assessment and Penetration Testing (VAPT):

Conduct comprehensive vulnerability assessments and penetration tests on web applications, networks, cloud environments, and mobile applications. Identify, analyze, and prioritize security vulnerabilities using industry-standard tools and methodologies. Develop detailed technical reports with findings, risk assessments, and remediation recommendations tailored to technical and non-technical stakeholders. Stay updated on emerging threats, vulnerabilities, and attack vectors to enhance testing methodologies.

Red Teaming:

Plan and execute advanced red team engagements, simulating real-world cyberattacks to test organizational defenses. Perform reconnaissance, social engineering, privilege escalation, and lateral movement to identify weaknesses in security controls. Collaborate with blue teams to validate detection and response capabilities, providing actionable insights to improve security posture. Document red team activities, including attack scenarios, methodologies, and outcomes, in clear and concise reports.

Client Handling:

Act as the primary point of contact for clients, building strong relationships and ensuring clear communication throughout the engagement lifecycle. Conduct scoping meetings, gather requirements, and tailor security assessments to meet client-specific needs and objectives. Present findings and recommendations to clients in a professional and approachable manner, addressing both technical and business audiences. Manage client expectations, resolve concerns promptly, and ensure high levels of client satisfaction.

Project Management and Delivery:

Manage multiple concurrent projects, ensuring timely delivery of high-quality results within scope and budget. Develop project plans, timelines, and deliverables in collaboration with internal teams and clients. Proactively identify risks and challenges in engagements and implement solutions to maintain project momentum.

Required Qualifications Experience:

4–5 years of hands-on experience in cyber security, with a focus on VAPT and red teaming. Proven track record in a vendor-side company, delivering security services to diverse clients across industries. Demonstrated experience in managing end-to-end VAPT engagements, including scoping, execution, and reporting. Hands-on experience in red team operations, including adversarial simulation and advanced attack techniques.

Certifications (Preferred):

Offensive Security Certified Professional (OSCP) Certified Ethical Hacker (CEH) GIAC Penetration Tester (GPEN) Certified Red Team Professional (CRTP) Other relevant certifications (e.g., CompTIA PenTest+, CISSP, or equivalent)

Soft Skills:

Excellent communication and presentation skills, with the ability to explain complex technical concepts to non-technical stakeholders. Strong interpersonal skills, with a client-centric approach to build trust and long-term relationships. Self-motivated and proactive, with a strong sense of ownership and accountability for deliverables. Ability to work independently and collaboratively in a team-oriented environment.

Preferred Qualifications

Experience working in a vendor-side cyber security firm, delivering services to clients in sectors such as finance, healthcare, or technology. Familiarity with compliance frameworks such as ISO 27001, GDPR, or NIST. Ability to mentor junior team members and contribute to knowledge-sharing initiatives.

#J-18808-Ljbffr

This role is responsible to identify, measure and manage risks faced by the Company by implementing risk management policies and procedures.

Competencies Good knowledge of insurance industry, its regulatory requirements, current market environment and industry best practices in risk management. Attention to detail and analytical skills, strong organizational and problem solving skills. Ability to work independently and under pressure.

Qualification Required Minimum graduate degree in Risk Management or related field. ACCA qualified/ CA part qualified or pursuing FRM certification will be preferred.

#J-18808-Ljbffr

Join to apply for the Deputy Manager Risk Management role at ACCA Careers

3 days ago Be among the first 25 applicants

Experience: At least 2 years of relevant experience.

Qualification: Minimum graduate degree in Risk Management or related field. ACCA qualified, CA part-qualified, and/or pursuing FRM certification will be preferred.

Skills: Good knowledge of the insurance industry, its regulatory requirements, current market environment, and industry best practices in risk management. Attention to detail, analytical skills, strong organizational and problem-solving skills. Ability to work independently and under pressure.

Job Role: Responsible for identifying, measuring, and managing risks faced by the company by implementing risk management policies and procedures.

Seniority level

• Mid-Senior level

Employment type

• Full-time

Job function

• Finance and Sales

Industries

• Insurance

Referrals increase your chances of interviewing at ACCA Careers by 2x.

Sign in to set job alerts for “Manager Risk Management” roles. #J-18808-Ljbffr

Job Description :

Dear All,

We are looking to hire Asst. Manager Risk Management - Financial Services

Job description:

Assist Head of Risk Management in overall implementation of Enterprise Risk Management framework

Identification of key risk areas, key risks involved therein, mapping of these with internal controls and identification of gaps. Preparation & maintenance of Risk Inventory Register in line with Risk Appetite.

Ensure compliance with Risk Management Policies & Procedures. Assist Head of Risk Management in developing various risk assessment and risk monitoring tools. Liaison and conduct regular meetings with stakeholders including Compliance, IT, Business, Operations, etc. to monitor effective implementation of risk management framework and identify areas of improvement. Conduct periodic risk reviews to assess compliance with risk management framework. Assist Head of Risk Management in developing Risk management dashboards and MIS for management review. Keep abreast of latest developments in the field of risk management and suggest market best practices for management review and adoption in the risk management framework.

Requirement:

Age Limit: 25 to 35

Gender: Male

Experience: Have specific working experience of at least 2 years in Risk Management function (preferably in a bank or Fintech company) and overall experience of at least 3-4 years.

Job Specification :

Skills: Have good interpersonal and communication skills, Be proficient in MS Office, Be able to multitask with the ability to set priorities as per the given situation and Be proactive and self-starter with ability and desire to improve effectiveness.

Job Rewards and Benefits : Gratuity,Leaves,Medical #J-18808-Ljbffr

Experience: At least 02 years of relevant experience.

Qualification: Minimum graduate degree in Risk Management or related field. ACCA qualified/ CA part qualified and/ or pursuing FRM certification will be preferred.

Skills: Good knowledge of insurance industry, its regulatory requirements, current market environment, and industry best practices in risk management. Attention to detail and analytical skills, strong organizational and problem solving skills. Ability to work independently and under pressure.

Job Role:

This role is responsible to identify, measure and manage risks faced by the Company by implementing risk management policies and procedures.

#J-18808-Ljbffr

This role is responsible to identify, measure and manage risks faced by the Company by implementing risk management policies and procedures. Competencies

Good knowledge of insurance industry, its regulatory requirements, current market environment and industry best practices in risk management. Attention to detail and analytical skills, strong organizational and problem solving skills. Ability to work independently and under pressure. Qualification Required

Minimum graduate degree in Risk Management or related field. ACCA qualified/ CA part qualified or pursuing FRM certification will be preferred.

#J-18808-Ljbffr