Network Security Officer

Karachi, Sindh Novi Pure

Posted today

Job Viewed

Tap Again To Close

Job Description

  • Take ownership of firewall and VPN rollout, ensuring timely execution and achievement of cost savings.
  • Provide second-shift support to improve responsiveness during outages and ensure continuity.
  • Manage coordination with FedEx, ensuring that external dependencies do not delay internal progress.

Job Type: Full-time

Pay: Rs50, Rs80,000.00 per month

Work Location: In person

This advertiser has chosen not to accept applicants from your region.

Information Security Lead

Karachi, Sindh HugoBank

Posted today

Job Viewed

Tap Again To Close

Job Description

Are you an experienced cybersecurity professional eager to take on a key role in securing Digital Retail Banking (DRB) operations? We are looking for a Cybersecurity Specialist to lead the implementation and monitoring of SIEM/SOC solutions, conduct security testing, and manage security tools such as antivirus, endpoint protection, and data leak prevention. This role ensures compliance with security frameworks and enforces cybersecurity policies to protect critical banking infrastructure. If you have a passion for threat management, vulnerability assessments, and security architecture, this is your chance to make a real impact

Requirements

Threat & Incident Management:

  • Identify, assess, and mitigate cybersecurity threats across digital banking platforms.
  • Support incident response by analyzing security events and escalating issues.
  • Manage access control policies to prevent unauthorized access to sensitive data.

Security Tools Management:

  • Deploy, configure, and manage SIEM/SOC solutions (QRadar, Splunk, ArcSight, Wazuh, etc.).
  • Maintain and optimize antivirus, endpoint protection, and data leak prevention tools.
  • Continuously evaluate security tools to enhance detection and response capabilities.

Technical Security Implementation:

  • Design and implement network security controls (firewalls, IDS/IPS, VPNs).
  • Conduct vulnerability assessments and penetration tests on networks, applications, and systems.
  • Implement patch management strategies to address security gaps.

Security Architecture & Compliance:

  • Ensure compliance with MITRE ATT&CK, NIST, PCI-DSS, ISO 27001, and regulatory standards.
  • Monitor security event logs and analyze anomalies for proactive threat detection.
  • Work with cross-functional teams to integrate security best practices across cloud and on-prem environments.

Research & Development:

  • Track emerging cyber threats and enhance detection techniques.
  • Conduct threat intelligence analysis and proactively implement risk mitigation measures.
  • Lead cybersecurity awareness initiatives and train internal teams on security protocols.

Documentation & Reporting:

  • Maintain system documentation, incident response playbooks, and escalation procedures.
  • Generate security reports and dashboards for continuous security posture improvement.

Requirements

  • Bachelor's degree in Computer Science, IT, Cybersecurity, or a related field.
  • 7-9 years of experience in infrastructure security, cybersecurity operations, or penetration testing.
  • Expertise in SIEM implementation & security monitoring using QRadar, Splunk, ArcSight, Wazuh, or similar platforms.
  • Strong knowledge of network security protocols, firewalls, IDS/IPS, VPNs, and endpoint security.
  • Hands-on experience with security testing tools (Metasploit, Burp Suite, Nessus, etc.).
  • Proficiency in scripting and automation (Python, PowerShell, Bash) to improve security controls.
  • Experience with cloud security best practices (AWS, Azure, Google Cloud) and securing virtual environments.
  • Familiarity with forensic investigation techniques, malware analysis, and threat intelligence.
  • Professional certifications such as CISSP, CEH, OSCP, or vendor-specific security credentials are a plus.
This advertiser has chosen not to accept applicants from your region.

Manager Information Security

Karachi, Sindh HRSI

Posted 8 days ago

Job Viewed

Tap Again To Close

Job Description

COMPANY OVERVIEW :

Our client, a Karachi-based, State Bank of Pakistan (SBP) regulated Electronic Money Institution (EMI), seeks to appoint an experienced professional for the following role:

As Manager Information Security, you will be responsible for establishing and enforcing security protocols that safeguard companys information systems, digital assets, and customer data.

Key Areas of Responsibilities

  • Develop & Implement Information Security Strategy Design and execute a comprehensive information security roadmap aligned with companys digital infrastructure, business model, and regulatory obligations.
  • Cybersecurity Risk Management Identify, assess, and mitigate cybersecurity risks across infrastructure, applications, APIs, mobile platforms, and third-party integrations.
  • Regulatory Compliance & SBP Alignment Ensure full compliance with SBP guidelines and international security frameworks (e.g., ISO 27001, NIST), and act as the point of contact for regulator-driven security reviews.
  • Security Architecture & Operations Oversee the design, configuration, and monitoring of security systems including firewalls, endpoint protection, SIEM, encryption, and identity/access management tools.
  • Incident Response & Threat Management Develop and lead the incident response process, including detection, containment, investigation, recovery, and post-mortem reporting.
  • Security Audits & Penetration Testing Coordinate regular internal and third-party audits, vulnerability assessments, and penetration testing to ensure system hardening.
  • Employee Awareness & Policy Enforcement Establish security awareness programs, train internal staff, and enforce information security policies across all departments.
  • Collaboration with Internal Audit & IT Work closely with Internal Audit, Technology, and Compliance teams to ensure consistent enforcement of risk controls and secure infrastructure design.

Education

  • Minimum 16 years of education, preferably, Masters from a renowned and HEC recognized university or institution/equivalent foreign degree holder institution, in any/or combination of the disciplines
  • Professional certifications such as CISSP , CISM , CEH , or ISO 27001 Lead Implementer/Auditor are highly desirable

Experience

  • Information Security Expertise Minimum 5 years of relevant experience in information security or cybersecurity roles, preferably within fintech, digital banking, or regulated financial institutions
  • Regulatory & Standards Knowledge Strong understanding of SBP cybersecurity guidelines, ISO 27001, NIST, and relevant global information security frameworks
  • Incident Management & Threat Response Demonstrated experience in handling security incidents, vulnerability assessments, and threat intelligence operations
  • Security Operations & Architecture Hands-on experience with firewalls, IDS/IPS, antivirus, endpoint protection, IAM, encryption, and secure network architecture

Age

  • The candidate should be preferably not more than 40 years of age as of last date of submission of application.

If you have the required experience and educational qualification to take up the challenging role, you are requested to apply by October 24 , 2025 at

Only shortlisted candidates will be contacted.

This advertiser has chosen not to accept applicants from your region.

Security Engineer

Karachi, Sindh Contour Software

Posted today

Job Viewed

Tap Again To Close

Job Description

About Contour

Contour Software

has grown from a dozen people to over 2,000 staff across 3 cities, in less than 14 years.

As a subsidiary of Constellation Software Inc., we are proud to be part of a global enterprise software conglomerate that has grown to become one of the top 10 software companies in the world, with employees and customers in 100+ countries. With a broad-based and ever-growing portfolio of market-leading, vertical-market enterprise solutions covering more than 100 industry domains in predominantly mature markets, CSI's recipe creates the perfect environment for professionals to build fulfilling, long-term careers.

What started as an R&D & Accounting back-office, has progressed into a full-service Global Centre serving all functions and departments, at the divisional as well as operating group/corporate level. Today Contour employees, located in Karachi, Lahore & Islamabad, are serving CSI divisions located in time zones spanning the globe, from Sydney to Vancouver. With the global growth of Constellation as the wind in our sails, we are only just getting started

About the Role:

Constellation Payment

Processing is a modern Payment Facilitator (PayFac) empowering SaaS businesses to grow revenue through seamless, embedded payments. As part of Constellation Software Inc. (TSE:CSU) — a global Canadian-based software leader at a $96B market cap and the 7th largest software company in the world — we combine the agility of a specialized payments company with the strength and stability of an established global powerhouse.

We're building a cloud-native PayFac platform on AWS: microservices (DDD) across TypeScript/JavaScript, Java, and Ruby, with a ReactJS front end. As our Security Engineer, you'll co-own the DevSecOps program—driving continuous security automation, compliance automation, and penetration testing. You'll design and orchestrate SAST/SCA/DAST across our services, champion remediation practices, and partner closely with our compliance team to translate control objectives into repeatable, automated evidence.

Our customers are ISV vendors who embed payments by integrating with our APIs, SDKs, and webhooks. That means security and compliance aren't afterthoughts—they're product features. You'll ensure our developer-facing surface area is secure by default: establishing standards for authentication and authorization (OIDC/OAuth2/JWT, mTLS/JWS for webhooks), key and secret management, request signing, idempotency, rate-limiting/abuse controls, and secure data handling that minimizes PCI scope for ISVs (tokenization, hosted fields/iframes, PAN vault boundaries, network tokens). You'll create secure integration patterns (reference apps, checklists, threat models/DFDs) so partners can implement quickly without compromising controls.

Because we operate a multi-tenant PayFac, you'll harden isolation boundaries (network, identity, and data), lead supply-chain security (SBOMs, signing/provenance, gated deployments), and build continuous evidence for PCI DSS 4.0 (and SOC 2/ISO as needed). You'll collaborate with partner security and compliance teams on due-diligence requests (SIG Lite, AOC/ROCs, shared-responsibility matrices), and you'll own pre-launch security reviews for new ISV integrations. You'll also help run incident response drills and define partner-facing comms and SLAs for security events.

Finally, you'll research and implement AI-assisted security (triage, anomaly detection, auto-remediation PRs) with appropriate guardrails, and own KPIs that demonstrate multiplier effects—e.g., reduced MTTR, lower false-positive rates, higher auto-triage coverage, and faster time-to-evidence—so our platform's security posture continuously improves as our ISV ecosystem scales.

What You'll Do:

Own Security Automation:

  • Design, implement, and run the CI/CD security toolchain: SAST, SCA, DAST, container and IaC scanning, secrets detection, SBOM generation, and policy-as-code.
  • Integrate scanners into GitHub/GitHub Actions pipelines with PR gates, and auto-ticketing to JIRA; tune noise, baselines, and break-glass rules.
  • Establish vulnerability management SLAs, risk acceptance workflow, and metrics dashboards (e.g., MTTR, vuln burn-down).

Embed Security in the SDLC:

  • Create lightweight secure-coding standards and review checklists for TypeScript/Node, Java, Ruby, React.
  • Run threat modeling (STRIDE/PASTA) and produce DFDs (L0–L2) for new and high-risk flows.
  • Lead a "security champions" program with engineering squads.

Platform & Cloud Security (AWS/EKS):

  • Harden EKS workloads (admission controls, pod security, image signing, runtime protection), ECR scanning, and supply-chain security.
  • Implement and iterate on IAM least-privilege, KMS/CloudHSM key management, network segmentation, WAF/Shield, CloudFront, GuardDuty/Security Hub, and centralized logging.
  • Validate service-to-service auth (mTLS, OIDC, JWT), secrets management (AWS Secrets Manager/SSM), and data protection at rest/in transit (FIPSvalidated crypto).
  • Manage security certificate adoption our own and 3rd party across the company technology stack

Compliance Automation:

  • Map controls and automate evidence for PCI DSS 4.0 (and SOC 2/ISO 27001 as needed): continuous monitoring, detector-to-control mappings, and audit-ready artifacts.
  • Partner with compliance on policies, risk register, third-party/vendor assessments, and control testing cadence.

Penetration Testing & Response:

  • Scope and coordinate internal and third-party penetration tests (API, web, mobile, cloud); plan fix-verification and retests.
  • Contribute to incident response playbooks, tabletop exercises, and forensics runbooks.
  • Participate in incident response events and be a key contributor on improving security posture

Research & implement AI security tools:

  • Evaluate and deploy AI/ML capabilities (LLM-assisted code reviews, AI triage for SAST/SCA/DAST, anomaly detection over logs/telemetry, drift detection) to reduce toil and increase signal quality—without leaking sensitive code or data.

Own outcomes & KPIs:

  • Define baselines, instrument dashboards, and continuously tune models/policies to demonstrably improve detection efficacy, remediation speed, and compliance evidence quality.

Guardrails & governance:

  • Establish safe-use patterns (PII redaction, repository allowlists, prompt/content controls, human-in-the-loop), document model/feature risks, and keep audit trails that map to PCI DSS 4.0 controls.

Automation & SOAR integration:

  • Orchestrate AI-assisted enrichment and response (e.g., auto-labeling, deduplication, prioritization, suggested fixes/PRs) across CI/CD, SIEM, ticketing, and chat.

KPIs You'll Own:

  • MTTR for high-severity vulns/incidents: 40–60% vs. baseline within 2–3 quarters.
  • Alert noise reduction (precision/FP rate): 50% reduction in false positives on gated scans and detections.
  • Auto-triage coverage: 70% of scanner findings enriched and prioritized by AI with reviewer acceptance 90%.
  • AI-generated remediation PRs: 30% of low/medium issues fixed via assisted PRs passing CI policy.
  • Time-to-evidence (PCI 4.0 controls): 50% for recurring audits via automated control artifacts.
  • Signed-off service coverage: 90% of services covered by AI-backed detections and scan triage.

What You'll Bring:

  • 8–10 years in application/cloud security or DevSecOps for high-availability platforms (fintech/payments ideal).
  • Hands-on DevSecOps program administration experience with Veracode.
  • Fluent in Terraform for the AWS Stack
  • Strong CI/CD experience (GitHub Actions preferred) and automation in Python/TypeScript/Bash.
  • Solid AWS security fundamentals: IAM, KMS, CloudTrail, Config, Security Hub, GuardDuty, VPC/LBs, WAF/Shield; Kubernetes/EKS hardening experience.
  • Familiarity with microservices, event-driven systems, and DDD; ability to read code in TypeScript/Java/Ruby and basic ReactJS patterns.
  • Working knowledge of PCI DSS 4.0 control objectives (tokenization/PAN handling, key management, segmentation, logging/retention), plus SOC 2/ISO 27001 concepts.
  • Clear communication with engineers and non-technical stakeholders; bias to automate and simplify.
  • Bonus Point: Payments domain exposure: EMV/3DS, PAN vaulting, network tokenization, P2PE, dispute/chargeback flows.

How We'll Measure Success:

  • 90 days: Security scans embedded in CI for core services with actionable findings; baseline metrics and SLAs defined; initial PCI 4.0 control mappings complete.
  • 6 months: False-positive rate <10% on gating scans; P1/P2 MTTR within SLA; SBOMs & dependency policies enforced; security champions running.
  • 12 months: Compliance evidence automation covers priority controls; successful third-party penetration test with timely remediation; measurable reduction in highrisk vulns and misconfigurations.

Team & Reporting:

This role sits in the CTO organization (Engineering/Platform) and partners daily with compliance, DevOps/SRE, Backend/Frontend teams, and Product.

Our Stack (you don't need all of these):

AWS (EKS, ECR, KMS, CloudHSM, WAF/Shield, CloudFront, GuardDuty, Security Hub,

CloudWatch), GitHub/GitHub Actions, Terraform, Node/TypeScript, Java, Ruby, React,

Kafka, MongoDB, Postgres, Redis, Veracode, OWASP ZAP/Burp, AI Tools in Microsoft Teams, JIRA, Development IDEs (Amazon Q, Cursor, Claude Code)

Exciting Benefits we offer:

  • Market-leading Salary
  • Medical Coverage – Self & Dependents
  • Parents Medical Coverage
  • Provident Fund
  • Employee Performance-based bonuses
  • Home Internet Subsidy
  • Conveyance Allowance
  • Profit Sharing Plan (Tenured Employees Only)
  • Life Benefit
  • Child Care Facility
  • Company Provided Lunch/Dinner
  • Professional Development Budget
  • Recreational area for in-house games
  • Sporadic On-shore training opportunities
  • Friendly work environment
  • Leave Encashment

Disclaimer: At Contour, we attribute our success to the unique contributions of our diverse staff. We're committed to fostering a culture of respect that thrives on the varied perspectives and experiences of all individuals we recruit, employ, promote, and compensate. Since day one, we've adhered to a policy that champions a work environment honoring the worth and dignity of each person while being free from all forms of employment discrimination.

In our continuous effort to promote inclusivity, we extend our commitment to individuals with special needs by providing reasonable accommodations. We actively encourage qualified individuals with special needs to apply for the various openings within our company. Should you require assistance in completing the application process or have any inquiries regarding special facilities, please do not hesitate to contact our HR team. Your unique talents and abilities are welcomed and valued here.

This advertiser has chosen not to accept applicants from your region.

Security Engineer

Karachi, Sindh MOBIZ

Posted today

Job Viewed

Tap Again To Close

Job Description

About Mobiz

Mobiz is an information technology firm, and we do three things exceptionally well: cloud and network automation, digital transformation, and data protection. Double-digit growth year-over-year has driven us to grow our team and ensure we stay ahead of the curve.

What Can You Expect?

Every day at Mobiz, we work with a deep sense of purpose. We continuously innovate. Our mission is to empower our clients to do more through transformation. You'll work in a collaborative environment alongside highly talented people that improve client operations and exceed expectations. We strive to simplify technology challenges, and no less.

Who Are We Looking For?

We are seeking a highly skilled Security Engineer with 3–5 years of hands-on experience designing and deploying enterprise security solutions across Microsoft Azure and Microsoft 365.

The ideal candidate will possess strong proficiency in implementing security controls that align with leading frameworks such as NIST, CIS, and ISO/IEC 27001, while demonstrating expertise in applying Microsoft's Azure Security Benchmark (ASB) to real-world customer environments.

The Security Engineer will take ownership of ground-level security execution, ensuring that customer environments are not only technically hardened but also fully aligned with compliance and governance best practices. This role requires a blend of hands-on technical capability and a deep understanding of how security frameworks translate into operational guardrails within Azure and Microsoft 365.

Key Responsibilities

  • Must have deployed and configured security solutions in Azure, including Microsoft Defender for Cloud, Identity Protection, Privileged Identity Management (PIM), and Conditional Access policies.
  • Must Have Implemented and managed Microsoft 365 security features such as Defender for Microsoft 365, Defender for Identity, and Defender for Endpoint, XDR,.
  • Must have configured and operationalized Microsoft Sentinel, including rule creation, incident response playbooks, and security automation.
  • Good to have support Microsoft Purview deployments including sensitivity labels, Data Loss Prevention (DLP), Insider Risk, and eDiscovery (good to have).
  • Must Have Conduct security hardening of Azure and Microsoft 365 environments, aligning with Zero Trust principles and industry frameworks.
  • Must have performed security monitoring, log analysis, and incident response across Azure and M365 platforms.
  • Collaborate with architects and senior security leaders to execute customer-facing engagements and deliver high-quality technical outcomes.
  • Document security designs, configurations, and remediation actions for both internal and external stakeholders.

Required Qualifications

  • 3–5 years of professional experience in Microsoft cloud security engineering roles.
  • Proven hands-on experience deploying and managing Azure and M365 security solutions.
  • Microsoft Certified: Azure Security Engineer Associate (AZ-500) – mandatory.
  • One of the following certification (SC-200, SC-300, or SC-400) – mandatory.
  • Experience with Microsoft Purview Information Protection and compliance solutions – preferred.
  • Strong working knowledge of Zero Trust, cloud governance, and regulatory compliance frameworks (ISO, NIST, CIS, etc.)
  • Excellent problem-solving skills, attention to detail, and ability to work in a fast-paced consulting environment.

What We Offer

  • A team of bright, hard-working, and innovative people that will contribute to your growth.
  • Competitive Salary and comprehensive benefits plan.
  • A dynamic and collaborative work environment with opportunity to work with cutting-edge technology and innovative solutions.

Other

This is a full-time office-based job in Karachi, Pakistan.

Closing

Mobiz embraces diversity and is committed to building a team that represents a variety of backgrounds, perspectives, and skills. The more inclusive we are, the better we are. We are an equal opportunity employer.

We thank all applicants for their interest. We will contact you if you are selected to move forward in the recruiting process.

This advertiser has chosen not to accept applicants from your region.

Cloud Security Engineer

Karachi, Sindh Multinet Pakistan

Posted today

Job Viewed

Tap Again To Close

Job Description

We are seeking a proactive and skilled Cloud Security Engineer with hands-on experience in Fortinet and/or Sangfor firewalls, network security, and cloud infrastructure protection. The ideal candidate will be responsible for the design, implementation, and maintenance of secure and scalable network environments, supporting both LAN/WAN and cloud-based systems.

Key Responsibilities:

  • Configure, manage, and maintain next-generation firewalls (Fortinet, Sangfor) and related security devices.
  • Design, implement, and manage secure LAN/WAN infrastructure and data communication networks.
  • Configure and manage VDOMs, IPSec VPN, SSL VPN, NAT, and PAT policies.
  • Troubleshoot and analyze security-related network issues and ensure optimal network performance.
  • Create and maintain detailed network design documents, configuration guides, and topology diagrams.
  • Ensure compliance with internal security standards and external regulatory requirements.
  • Provide proof of concept (POC), solution design, and technical presentations when required.
  • Collaborate with internal teams to align network security policies with business goals.
  • Stay up to date with the latest network and cloud security trends, tools, and best practices.
  • Ensure Service Level Agreements (SLAs) are met in accordance with organizational policies.

Required Skills and Experience:

  • 1+ years of hands-on experience in network security or cloud security engineering.
  • Solid understanding of Fortinet or Sangfor firewall platforms.
  • Strong knowledge of routing and switching protocols, including static and dynamic routing.
  • Familiar with VDOMs, IPSec/SSL VPNs, NAT/PAT, and advanced firewall features.
  • Experience in network design, configuration, and security for LAN/WAN/cloud environments.
  • Strong troubleshooting skills for network, VPN, and firewall-related issues.
  • Excellent documentation and reporting skills.

Job Type: Full-time

Work Location: In person

This advertiser has chosen not to accept applicants from your region.
Be The First To Know

About the latest Security engineers Jobs in Karachi !

 

Nearby Locations

Other Jobs Near Me

Industry

  1. request_quote Accounting
  2. work Administrative
  3. eco Agriculture Forestry
  4. smart_toy AI & Emerging Technologies
  5. school Apprenticeships & Trainee
  6. apartment Architecture
  7. palette Arts & Entertainment
  8. directions_car Automotive
  9. flight_takeoff Aviation
  10. account_balance Banking & Finance
  11. local_florist Beauty & Wellness
  12. restaurant Catering
  13. volunteer_activism Charity & Voluntary
  14. science Chemical Engineering
  15. child_friendly Childcare
  16. foundation Civil Engineering
  17. clean_hands Cleaning & Sanitation
  18. diversity_3 Community & Social Care
  19. construction Construction
  20. brush Creative & Digital
  21. currency_bitcoin Crypto & Blockchain
  22. support_agent Customer Service & Helpdesk
  23. medical_services Dental
  24. medical_services Driving & Transport
  25. medical_services E Commerce & Social Media
  26. school Education & Teaching
  27. electrical_services Electrical Engineering
  28. bolt Energy
  29. local_mall Fmcg
  30. gavel Government & Non Profit
  31. emoji_events Graduate
  32. health_and_safety Healthcare
  33. beach_access Hospitality & Tourism
  34. groups Human Resources
  35. precision_manufacturing Industrial Engineering
  36. security Information Security
  37. handyman Installation & Maintenance
  38. policy Insurance
  39. code IT & Software
  40. gavel Legal
  41. sports_soccer Leisure & Sports
  42. inventory_2 Logistics & Warehousing
  43. supervisor_account Management
  44. supervisor_account Management Consultancy
  45. supervisor_account Manufacturing & Production
  46. campaign Marketing
  47. build Mechanical Engineering
  48. perm_media Media & PR
  49. local_hospital Medical
  50. local_hospital Military & Public Safety
  51. local_hospital Mining
  52. medical_services Nursing
  53. local_gas_station Oil & Gas
  54. biotech Pharmaceutical
  55. checklist_rtl Project Management
  56. shopping_bag Purchasing
  57. home_work Real Estate
  58. person_search Recruitment Consultancy
  59. store Retail
  60. point_of_sale Sales
  61. science Scientific Research & Development
  62. wifi Telecoms
  63. psychology Therapy
  64. pets Veterinary
View All Security Engineers Jobs View All Jobs in Karachi