23 Security Awareness Training jobs in Pakistan

Description
Company Overview:

When it comes to IT solution providers, there are a lot of choices. But when it comes to providers with innovative and differentiating end-to-end service offerings, there's really only one: Zones – First Choice for IT.TM

Zones is a Global Solution Provider of end-to-end IT solutions with an unmatched supply chain. Positioned to be the IT partner you need, Zones, a Minority Business Enterprise (MBE) in business for over 35 years, specializes in Digital Workplace, Cloud & Data Center, Networking, Security, and Managed/Professional/Staffing services. Operating in more than 120 countries, leveraging a robust portfolio, and utilizing the highest certification levels from key partners, including Microsoft, Apple, Cisco, Lenovo, Adobe, and more, Zones has mastered the science of building digital infrastructures that change the way business does business ensuring whatever they need, they can Consider IT Done. Follow Zones, LLC on Twitter @Zones, and LinkedIn and Facebook.

Position Overview
As the Information Security Analyst - Compliance & Risk Management, you will analyze management and technical controls to ensure compliance with security requirements. This includes mapping regulatory and security requirements across the information security framework and tracking enterprise compliance across multiple security frameworks. You will also assist internal teams in preparing for internal and external assessments and audits, collaborate on critical IT projects to address security policy and risk issues, and develop key performance metrics to track and ensure compliance with policies and standards.

What you'll do as the Information Security Analyst – Compliance & Risk Management:

Employees employed in the role of Information Security Analyst – Compliance & Risk Management shall be required to apply their independent minds and demonstrate intellectual abilities in their decision-making.

The requirements listed below are representative of the knowledge, skill, and/or ability required. Reasonable accommodations may be made to enable individuals with disabilities to perform the essential functions.

• Analyze management and technical controls to ensure specific security and compliance requirements are met.
• Map regulatory/security requirements across the information security framework.
• Track enterprise compliance across multiple security frameworks including ISO27001, 27701, SOC2, GDPR, and PCI-DSS, maintaining up-to-date records of requirements and corresponding mitigating controls.
• Help internal teams with readiness for internal/external assessments/audits against industry standards and review programs/documentation for conformance.
• Collaborate on critical IT projects to ensure that security policy/risk issues are addressed throughout the project life cycle.
• Develop key performance metrics to track and ensure compliance with established policies and standards.

What You Will Bring To The Team

• 5-7 years of information security experience.
• Experience with ISO 27001, SOC 2, and PCI-DSS compliance.
• Strong communication skills (verbal and written).
• Ability to meet deadlines and work under pressure.
• Experience of working in US-based multinational organizations is a plus.
• Security certifications such as CISSP/CISA, ISO27001.
• Extensive experience with auditing vendors/service providers/partners for compliance with security.
• Experience of working extensively with the Engineering teams (system admin, network admin, security admin, application teams) to effectively communicate the compliance requirements
• Bachelor's degree in Computer Science or Information Technology.

Zones offers a comprehensive Benefits package

At Zones, we are committed to fostering an inclusive and diverse workplace where every team member is valued and supported. We offer life insurance, optional health insurance, and retirement benefits in line with Company policy. Employees also enjoy additional perks such as the Voluntary Pension Scheme, EOBI, complimentary meals, and access to our in-house gym.

We take pride in being an equal opportunity employer and remain dedicated to maintaining a workplace free from discrimination of any kind. If you are passionate about driving innovation in IT, sales, engineering, or operations, Zones provides a dynamic and collaborative environment to help you grow your career.

All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, or disability.

Job timings: 08:00 PM to 05:00 AM (Pk time)

About The Role
TEKHQS is seeking a proactive and detail-oriented
Security / Compliance Specialist
to strengthen our organization's security posture and ensure adherence to compliance standards. The ideal candidate will have hands-on experience in managing access control, implementing compliance workflows, and driving continuous improvement across security policies and procedures.

You'll work closely with IT, HR, DevOps, and Management teams to ensure data integrity, security readiness, and regulatory alignment across the company's operations and client projects.

Key Responsibilities

• Oversee access control management, ensuring proper authorization, provisioning, and de-provisioning of users across all systems and applications.
• Maintain and improve the company's security posture, ensuring best practices in data protection, network security, and endpoint compliance.
• Develop, document, and implement security and compliance policies, SOPs, and frameworks (e.g., ISO 27001, SOC 2, GDPR).
• Conduct internal security audits and risk assessments to identify potential vulnerabilities and areas of improvement.
• Collaborate with teams to ensure security awareness and training programs are effectively executed across the organization.
• Monitor and respond to security incidents, ensuring timely mitigation and documentation.
• Maintain vendor risk assessments and ensure third-party tools meet compliance requirements.
• Assist in client security questionnaires, compliance documentation, and audit preparation.
• Support automation of compliance workflows for efficient tracking and reporting.
• Ensure all onboarding and offboarding processes meet internal and external security requirements.

Requirements

• Bachelor's degree in Computer Science, Information Security, or a related field.
• 3+ years of experience in IT Security, Compliance, or Risk Management.
• Strong knowledge of access management systems, IAM principles, and security frameworks (ISO 27001, SOC 2, GDPR, NIST).
• Hands-on experience with security monitoring tools, compliance automation tools, and audit documentation.
• Familiarity with cloud environments (AWS, GCP, Azure) and related compliance models.
• Excellent analytical, documentation, and communication skills.
• Certifications like CISM, CISA, ISO 27001 Lead Implementer, or CompTIA Security+ are a plus.

Location:
Lahore/Islamabad/Karachi (Remote)

Type:
Full-time

Experience:
3+ Years

Department:
Information Security & Compliance

Why Join Us?
At TEKHQS, we value integrity, innovation, and ownership. Youll be part of a growing team thats serious about compliance and proactive in building secure, world-class systems. This is your chance to shape the companys security roadmap and work with global clients in a dynamic, forward-thinking environment.

About Nakisa
Nakisa stands as a global leader in enterprise business solutions, specializing in Human Resources, Financial Management, and Real Estate. We are dedicated to delivering innovative, forward-thinking, and robust software solutions that propel business strategies forward. Trusted by numerous Fortune 1000 companies, our top-of-the-line solutions have consistently excelled in the market, underscoring our commitment to providing our clients with unparalleled experience.

Our team represents a rich tapestry of cultural and religious backgrounds, making diversity our greatest asset. Unified by our values of Fairness, Integrity, Service, and Humility, we foster an environment where unity and teamwork are our core strengths. At Nakisa, we continuously strive to ensure that these values guide our actions at every level.

As a company, we are in a phase of dynamic growth and prosperity, offering ample opportunities for those who join us on this journey to develop and thrive alongside us. If you are seeking a workplace where your contributions are valued and where you can actively participate in our pursuit of excellence, Nakisa welcomes you with open arms.

We're recognized as one of the best Canadian employers, having been named one of Montreal's top employers, as well as
one of Canada's best employers
for recent graduates.

Our people and our culture are the key to our success. If you're looking for a workplace that embraces a hybrid work model, values your contributions, and encourages active participation in our pursuit of excellence, Nakisa warmly invites you to join us.

Description:
Nakisa is seeking a detail-oriented, proactive, and technically curious
Security and Compliance Analyst
to support our growing global security and compliance initiatives. This role is central to maintaining and enhancing Nakisa's compliance posture with recognized standards such as
SOC 1, SOC 2, ISO/IEC 27001
, and data privacy regulations.

You'll work closely with internal teams and external auditors to manage evidence collection, track audit deliverables, and maintain robust documentation. You'll also assist with RFPs/RFIs from prospective clients and contribute to internal security improvement projects. A strong interest and understanding of
Artificial Intelligence (AI)
, particularly its implications on compliance and security, is essential.

This is an excellent opportunity for someone looking to launch or grow a career in information security and compliance in a
fast-paced SaaS environment
that is deeply invested in
cloud technology, AI
, and
process excellence
.

Key Responsibilities:

• Coordinate and manage tasks related to Nakisa's security and compliance programs, including SOC 1, SOC 2, and ISO 27001 audits.
• Collaborate with internal stakeholders and external auditors to collect, organize, and validate audit evidence and documentation.
• Drive and support continuous improvement of internal processes, controls, and compliance documentation.
• Assist in completing security and compliance sections of RFPs, RFIs, and due diligence questionnaires from prospects and clients.
• Contribute to internal information security projects and process improvements.
• Ensure documentation and policies are accurate, up-to-date, and aligned with industry standards.
• Monitor and follow up on compliance deadlines, audit deliverables, and remediation actions.
• Stay informed on evolving security frameworks, regulatory requirements, and AI-related security practices.
• Educate employees on security awareness topics and best practices through training, content creation, or internal communications.

Qualifications:

• Bachelor's degree in information security, Cybersecurity, Information Systems, Computer Science, or a related field—or equivalent hands-on experience.
• Solid knowledge of industry standards and frameworks, such as:
• SOC 1 / SOC 2 (Type I & II), ISO/IEC 27001 & 27017, CIS Controls, Data protection regulations (GDPR, PIPEDA, CCPA, etc.)
• Strong reporting and documentation skills:
• Proficiency in generating audit reports, compliance documentation, and RFP/RFI responses
• Skilled in Excel, Word, PowerPoint, and PDF tools for structured reporting and evidence tracking
• Experience with compliance audits, security questionnaires, or risk assessments
• Basic technical knowledge of cloud environments (AWS, Azure, GCP), access controls, encryption, and security operations
• Exceptional attention to detail, with the ability to identify gaps, maintain precision, and meet deadlines
• Strong verbal and written communication skills, comfortable working cross-functionally with internal teams, auditors, and clients
• Demonstrated interest and foundational knowledge in Artificial Intelligence, especially its impact on cybersecurity and compliance

Preferred:

• 3+ years of relevant work experience in security compliance, audit, or GRC functions
• Exposure to internal controls testing, risk registers, or information security policies
• Certifications (or active pursuit) such as:
• Certified in Cybersecurity (ISC² CC), ISO 27001 Lead Implementer or Foundations, CISA etc.

We are excited to see how you can contribute to Nakisa's continued success and innovation. If you are passionate about making a difference and ready to take on new challenges, we invite you to apply for this role. At Nakisa, we believe in fostering a supportive and engaging work environment where every team member can thrive and grow. Apply now to join our team and help shape the future of enterprise business solutions.

We look forward to reviewing your application and getting to know you better.

Responsible for designing and implementing enterprise-wide security architectures to protect organizational information systems. Ensures robust security frameworks, compliance with industry standards, and proactive threat mitigation. Collaborates with IT, risk, and business teams to evaluate security risks, integrate advanced security solutions, and optimize defenses. Develops policies, procedures, and technical controls to safeguard data, systems, and networks, while continuously monitoring emerging threats and evolving security technologies to maintain a resilient security posture.

• Design, implement, and maintain enterprise security architecture strategies effectively.
• Evaluate system vulnerabilities and recommend mitigation strategies proactively.
• Collaborate with IT teams to integrate security solutions seamlessly.
• Ensure compliance with regulatory and industry security standards consistently.
• Conduct risk assessments and provide recommendations for security improvements.
• Develop security policies, standards, and guidelines for organization.
• Monitor emerging threats and recommend advanced protective measures regularly.
• Provide guidance on secure system designs and architecture reviews.

• Expertise in network, application, and cloud security architecture principles.
• Strong knowledge of security frameworks, standards, and regulatory requirements.
• Proficiency in threat modeling, risk assessment, and mitigation techniques.
• Experience with security tools, monitoring, and incident response processes.
• Excellent analytical, problem-solving, and communication skills for collaboration.
• Ability to design and implement scalable, resilient security architectures.

Note: Salary is disbursed in the local currency of the country of employment.

• Date Posted

August 20, 2025
- Location

Hyderabad
- Offered Salary:

¤ ¤
- Expiration date

June 2, 2026
- Experience

5 Year
- Gender

Both
- Qualification

Bachelor Degree
- Career Level

Others

We're looking for an experienced Information Security Manager to lead our security operations, compliance and governance while building a culture of cyber resilience across the organization.

Requirements:

8+ years in information security (4 years in leadership role).

Strong knowledge of security frameworks (ISO 27001, NIST).

Hands-on with SOC, SIEM, vulnerability management & DevSecOps.

Overall security compliance & GRC expertise.

Certifications like CISSP, CISM, or CISA a big plus.

Are you passionate about cybersecurity and looking to make a real impact in the fast-evolving world of digital banking? We're seeking a dynamic Information Security Administrator to take charge of securing our cutting-edge Digital Retail Bank (DRB) infrastructure. This role is perfect for someone who thrives on deploying state-of-the-art security solutions, managing SIEM integrations, and ensuring compliance with industry-leading frameworks. If you're ready to lead security initiatives, protect critical assets, and shape the future of secure digital banking, this is your opportunity

Requirements
Security Infrastructure & Implementation:

• Design, deploy, and optimize security solutions to safeguard digital banking platforms
• Strengthen network and system security through proactive hardening techniques
• Implement cutting-edge cloud security strategies across AWS, Azure, and Google Cloud
• Ensure compliance with top cybersecurity regulations and frameworks.

Operations & Administration:

• Oversee system security, endpoint protection, and real-time threat detection
• Manage user access control, identity verification, and multi-factor authentication
• Support incident response efforts, conduct forensic investigations, and mitigate risks
• Develop and enforce security policies, procedures, and best practices.

Technical Expertise & SIEM Management:

• Configure and maintain firewalls, IDS/IPS, VPNs, and endpoint security tools
• Deploy and integrate SIEM solutions (QRadar, Splunk, ArcSight, Wazuh, etc.) for real-time monitoring
• Oversee log and event management to detect and neutralize security threats
• Implement automation to streamline security operations and incident response.

Threat Prevention & Awareness:

• Conduct risk assessments and proactively manage vulnerabilities before they become threats
• Stay ahead of emerging cyber threats and implement cutting-edge defenses
• Drive company-wide cybersecurity awareness through training and education initiatives
• Collaborate with IT, compliance, and business teams to strengthen security posture.

Qualifications

• Bachelor's degree in Computer Science, IT, Cybersecurity, or a related field
• 4-6 years of experience in infrastructure security, cybersecurity operations, or cloud security
• Strong expertise in network protocols, firewalls, VPNs, IDS/IPS, and endpoint security
• Hands-on experience with SIEM solutions (QRadar, Splunk, ArcSight, Wazuh, etc.)
• Proficiency in cloud security (AWS, Azure, Google Cloud) and securing virtual environments
• Strong skills in writing and enforcing security policies and guidelines
• Professional certifications like CISSP, CEH, OSCP, or vendor-specific security credentials are a plus
• Scripting and automation skills (Python, PowerShell, SPL, SQL) to enhance security operations

Are you an experienced cybersecurity professional eager to take on a key role in securing Digital Retail Banking (DRB) operations? We are looking for a Cybersecurity Specialist to lead the implementation and monitoring of SIEM/SOC solutions, conduct security testing, and manage security tools such as antivirus, endpoint protection, and data leak prevention. This role ensures compliance with security frameworks and enforces cybersecurity policies to protect critical banking infrastructure. If you have a passion for threat management, vulnerability assessments, and security architecture, this is your chance to make a real impact

Threat & Incident Management:

• Identify, assess, and mitigate cybersecurity threats across digital banking platforms.
• Support incident response by analyzing security events and escalating issues.
• Manage access control policies to prevent unauthorized access to sensitive data.

Security Tools Management:

• Deploy, configure, and manage SIEM/SOC solutions (QRadar, Splunk, ArcSight, Wazuh, etc.).
• Maintain and optimize antivirus, endpoint protection, and data leak prevention tools.
• Continuously evaluate security tools to enhance detection and response capabilities.

Technical Security Implementation:

• Design and implement network security controls (firewalls, IDS/IPS, VPNs).
• Conduct vulnerability assessments and penetration tests on networks, applications, and systems.
• Implement patch management strategies to address security gaps.

Security Architecture & Compliance:

• Ensure compliance with MITRE ATT&CK, NIST, PCI-DSS, ISO 27001, and regulatory standards.
• Monitor security event logs and analyze anomalies for proactive threat detection.
• Work with cross-functional teams to integrate security best practices across cloud and on-prem environments.

Research & Development:

• Track emerging cyber threats and enhance detection techniques.
• Conduct threat intelligence analysis and proactively implement risk mitigation measures.
• Lead cybersecurity awareness initiatives and train internal teams on security protocols.

Documentation & Reporting:

• Maintain system documentation, incident response playbooks, and escalation procedures.
• Generate security reports and dashboards for continuous security posture improvement.

Requirements

• Bachelor's degree in Computer Science, IT, Cybersecurity, or a related field.
• 7-9 years of experience in infrastructure security, cybersecurity operations, or penetration testing.
• Expertise in SIEM implementation & security monitoring using QRadar, Splunk, ArcSight, Wazuh, or similar platforms.
• Strong knowledge of network security protocols, firewalls, IDS/IPS, VPNs, and endpoint security.
• Hands-on experience with security testing tools (Metasploit, Burp Suite, Nessus, etc.).
• Proficiency in scripting and automation (Python, PowerShell, Bash) to improve security controls.
• Experience with cloud security best practices (AWS, Azure, Google Cloud) and securing virtual environments.
• Familiarity with forensic investigation techniques, malware analysis, and threat intelligence.
• Professional certifications such as CISSP, CEH, OSCP, or vendor-specific security credentials are a plus.

We are seeking a highly skilled Information Security Analyst to join our growing team. In this role, you will play a crucial role in safeguarding our sensitive financial data and ensuring compliance with industry regulations. The ideal candidate will have a deep understanding of information security principles and best practices, with experience in the fintech or financial services sector. ensuring the protection of our digital assets from unauthorized access and breaches. Additionally, the analyst will be responsible for creating detailed security reports, updating incident response plans and educating employees on best security practices.

Key Responsibilities:

· Monitor and analyze security events and incidents to identify potential threats and vulnerabilities, with a focus on protecting sensitive financial data

· Conduct regular security assessments and audits to ensure compliance with regulatory requirements such as PCI DSS, ISO 27001 and

· Collaborate with cross-functional teams to implement security controls and measures to mitigate cyber risks and safeguard our systems and infrastructure

· Develop and update incident response plans to manage and mitigate the impact of security breaches efficiently.

· Ensure third-party vendors comply with security requirements and standards, mitigating external risks

· Conduct security awareness training and education programs for employees to promote a culture of security awareness.

· Assist with the implementation and management of security tools and technologies, such as firewalls, intrusion detection/prevention systems, and endpoint security solutions.

Desired Skills and Experience:

· In-depth knowledge of cybersecurity, firewalls, network security, information assurance, Linux, UNIX, security information and event management (SIEM), application security, security engineering, and security architecture.

· Proficiency in ethical hacking to expose vulnerabilities and protect against malicious attacks.

· Certifications such as CISSP, CISM, CSSP are a plus

· 3 years of experience in information security roles, with a focus on security analysis and incident response.

· Strong analytical skills for assessing and mitigating security risks.

· Extensive experience in conducting penetration tests on a variety of systems and applications to identify security vulnerabilities.

Interested candidates apply

Department:
Information Security

Reports To:
Chief Executive Officer

Job Grade:
SVP

Total Position
: 01

Location:
Head Office, Islamabad

What is Head Information Security – MMBL?

The
Head Information Security at Mobilink Microfinance Bank Ltd. (MMBL)
is a senior leadership position responsible for developing and overseeing the bank's cybersecurity and information security strategies. This role involves ensuring that all digital assets, customer data, and internal systems are protected against cyber threats by implementing robust policies, frameworks, and incident response plans in line with international best practices and regulatory requirements.

The Head Information Security works closely with senior management and regulatory bodies to monitor risks, respond to emerging threats, and cultivate a strong security culture within the organization. Additionally, the role requires strategic thinking, technical expertise, and effective communication skills to influence decision-making at the highest levels and to align security efforts with the bank's overall goals.

What Head Information Security – MMBL Does?

• Provide vision, leadership, and strategic direction for Information Security to safeguard MMBL's information assets.
• Develop and maintain information security policies and procedures aligned with best industry practices.
• Implement a comprehensive Information Security Framework to protect bank systems and data from threats.
• Prepare and maintain a Cyber Security Action Plan to anticipate, withstand, detect, and respond to cyber-attacks in line with international standards.
• Implement a robust Incident Reporting Mechanism to report security incidents to senior management, Board of Directors (BoD), and regulators as required.
• Periodically prepare and present updates, reports, and statistics to the Board Risk Management & Compliance Committee (RCC) on cybersecurity developments and implementation status.
• Manage an effective Information Security Risk Management process: Identify, measure, monitor, and control risks. Prioritize material information security risks.
• Assess risks related to technology outsourcing and procurement.
• Evaluate information security risks in new and significantly changed applications or software systems.
• Monitor technological developments and remain up-to-date on emerging cyber risk management practices.
• Identify and prioritize critical information system assets.
• Conduct periodic risk-based vulnerability assessments and impact analysis.
• Ensure implementation of security controls and corrective actions to address identified vulnerabilities.
• Establish a testing program to validate the effectiveness of controls and the overall security environment regularly.
• Oversee the investigation of information security incidents.
• Gather and analyze internal and external threat intelligence to strengthen security posture.
• Collaborate with industry peers to share experiences and enhance MMBL's resilience and preventive capabilities.
• Promote security awareness among employees and encourage adherence to best practices.
• Perform any other tasks assigned by immediate supervisors, senior management, or the board.

What are we looking for and what does it require to be Head Information Security - MMBL?

• Education: Bachelor's or Master's degree in Computer Science, Information Security, or related field. Relevant certifications such as CISSP, CISM, CISA, CEH preferred.
  • Experience: Minimum 10 years in Information Security within the banking or financial services sector.
  • Technical Expertise: In-depth understanding of information security frameworks (e.g., ISO 27001, NIST). Experience in cyber risk management, threat intelligence, and incident response. Knowledge of security technologies, vulnerabilities assessment tools, and mitigation techniques.
• Strategic & Operational Skills: Proven ability to develop and implement security policies, procedures, and cyber action plans. Strong capability in risk assessment for systems, applications, and third-party engagements. Experience in presenting to senior management and board committees.
• Leadership & Communication: Strong leadership and team management skills. Excellent written and verbal communication, especially in reporting to executive leadership. Ability to lead security awareness and training programs.
• Compliance & Governance: Familiarity with regulatory requirements and standards applicable to financial institutions. Experience in reporting and liaising with regulators and external stakeholders.

About MMBL:

Mobilink Microfinance Bank Ltd. is providing banking services to over 48 million registered users including 20+ million monthly active customers across Pakistan. With a hybrid model that combines traditional microfinance with mobile/digital banking technologies, the bank now operates with over 114 branches and 270,000 branchless banking agents and provides a USSD (GSM) based digital channel offering savings, micro enterprise (MSME) loans, small housing loans, remittances, collection (utility bills and loan instalments), mobile wallets, insurance, G2P, B2B & B2P payments; thus, playing a leading role in the promotion of financial inclusion. MMBL is committed to fostering a positive and productive workplace, and our core values reflect this focus. These values include promoting innovation and entrepreneurship, encouraging teamwork and collaboration, and prioritizing a customer-centric approach in all aspects of our business.

Why Join MMBL?

This is an opportunity for someone who is passionate about making a difference and playing a key role in driving transformative change. Our team is committed to empowering millions with the tools necessary to succeed in the digital age, and we're looking for a talented individual to join us in this endeavour.