21 Security Measures jobs in Pakistan

Department:

Information Security Reports To:

Head ISRM Job Grade:

SVP Total Positions:

01 Job Location:

Head Office, Islamabad What is Head Data Protection - MMBL? Mobilink Microfinance Bank Limited seeks a visionary and technically proficient Data Protection Officer (DPO) to lead the bank’s enterprise-wide data protection and privacy program. Reporting directly to the Head of Information Security, the DPO will be responsible for establishing the governance, architecture, and operational execution of the Bank’s privacy and data protection obligations. This leadership role will oversee the implementation of a formal Data Protection and Governance Program, manage the lifecycle of sensitive and regulated data, deploy advanced Data Loss Prevention (DLP) systems, and ensure full compliance with relevant State Bank of Pakistan (SBP) regulations, Pakistan’s Personal Data Protection Act (when enacted), and applicable international standards, including ISO/IEC 27001 and PCI DSS. The DPO will serve as the Bank’s authority on privacy, act as a secondary liaison to regulators and law enforcement via the Compliance function, and serve as the internal champion for all privacy-by-design and data accountability initiatives. What Head Data Protection - MMBL Does? Strategic Privacy Program Design & Leadership: Develop, own, and drive the enterprise privacy and data protection strategy in alignment with SBP’s regulatory expectations and international best practices. Establish and operationalize a centralized Data Protection Office, defining its charter, structure, roles, and reporting lines. Define a bank-wide data protection operating model, integrating privacy requirements into enterprise risk management and governance frameworks. Champion data ethics, responsible data handling, and privacy-by-default principles across the organization. Regulatory Compliance & Privacy Risk Management: Ensure continuous compliance with SBP’s Framework on IT Governance and Risk Management, o SBP’s Cybersecurity Framework, o Pakistan’s Personal Data Protection Bill, o ISO/IEC 27001, PCI DSS, and GDPR (where applicable). Act as the bank’s focal point or designated secondary liaison with SBP and other relevant regulatory bodies through the Compliance and Legal departments. Lead Privacy Impact Assessments (PIAs) and Data Protection Impact Assessments (DPIAs) for new systems, products, and processes. Monitor changes in local and global data privacy regulations and proactively adjust compliance strategies. Data Governance & Inventorization: Lead implementation of data classification, tagging, and ownership models across data types and systems. Oversee and maintain accurate and up-to-date Records of Processing Activities (RoPAs) in line with SBP and global privacy standards. Ensure policies for data minimization, retention, disposal, and lifecycle management are in place and enforced. Technology & Data Loss Prevention (DLP) Oversight: Collaborate with IT, SOC, and Information Security teams to ensure privacy-by-design and privacy-by-default in systems architecture. Oversee the deployment, configuration, and monitoring of DLP solutions across all critical data touchpoints—endpoints, email, file storage, and networks. Ensure technical controls are aligned with SBP’s cybersecurity baseline controls. Vendor, Third-Party & Contractual Privacy Assurance: Evaluate third-party vendors, partners, and outsourcing arrangements for privacy and data protection risks. Ensure Data Processing Agreements (DPAs), SLAs, and contractual clauses reflect regulatory and internal privacy requirements. Conduct vendor risk assessments and ensure privacy obligations are embedded in procurement and onboarding processes. Privacy Incident Management & Breach Handling: Develop, maintain, and test the Privacy Incident Response Plan in alignment with SBP’s incident handling guidelines. Maintain a personal data breach register and ensure timely notification to SBP and affected stakeholders in case of qualifying breaches. Work with SOC, IT, and Legal to coordinate breach response and containment. Awareness, Training & Culture Building: Develop and roll out privacy awareness programs, including mandatory and role-specific training modules for staff. Promote a culture of privacy through KPIs, employee engagement campaigns, and executive support. Regularly assess training effectiveness and incorporate feedback from business units. Reporting & Stakeholder Communication: Provide periodic updates to senior management and the Board of Directors on the maturity and effectiveness of the data protection program. Contribute to internal audits and regulatory examinations, ensuring evidence of compliance is maintained and auditable. Generate dashboards and metrics on privacy risks, incident trends, and regulatory compliance status. What are we looking for and what does it require to be Head Data Protection - MMBL? Educational Background: Bachelor’s or Master’s degree in Information Security, Law, Cybersecurity, Risk Management, or related field. Experience: Experience in privacy and security governance. Previous experience in regulatory compliance, risk management, or data protection roles. Technical Proficiency: Certifications (preferred): CDPO (Certified Data Protection Officer) CIPM (Certified Information Privacy Manager) CIPP/E (Certified Information Privacy Professional/Europe) CISA (Certified Information Systems Auditor) CISSP (Certified Information Systems Security Professional) CRISC (Certified in Risk and Information Systems Control) ISO/IEC 27001 Lead Implementer PCI DSS (Payment Card Industry Data Security Standard) knowledge Soft Skills: Strong analytical and problem-solving skills. Excellent communication and stakeholder management skills. Ability to work independently and in teams. About MMBL: Mobilink Microfinance Bank Ltd. is providing banking services to over 48 million registered users including 20+ million monthly active customers across Pakistan. With a hybrid model that combines traditional microfinance with mobile/digital banking technologies, the bank now operates with over 114 branches and 270,000 branchless banking agents and provides a USSD (GSM) based digital channel offering savings, micro enterprise (MSME) loans, small housing loans, remittances, collection (utility bills and loan instalments), mobile wallets, insurance, G2P, B2B & B2P payments; thus, playing a leading role in the promotion of financial inclusion. MMBL is committed to fostering a positive and productive workplace, and our core values reflect this focus. These values include promoting innovation and entrepreneurship, encouraging teamwork and collaboration, and prioritizing a customer-centric approach in all aspects of our business. Why Join MMBL? This is an opportunity for someone who is passionate about making a difference and playing a key role in driving transformative change. Our team is committed to empowering millions with the tools necessary to succeed in the digital age, and we're looking for a talented individual to join us in this endeavour.

#J-18808-Ljbffr

Overview

Company Overview: Zones – First Choice for IT. Zones is a Global Solution Provider of end-to-end IT solutions with an unmatched supply chain. Zones, a Minority Business Enterprise (MBE) with over 35 years in business, specializes in Digital Workplace, Cloud & Data Center, Networking, Security, and Managed/Professional/Staffing services. Operating in more than 120 countries, Zones partners with Microsoft, Apple, Cisco, Lenovo, Adobe, and more to build digital infrastructures that change how business operates.

Position Overview

As the Information Security Analyst - Compliance & Risk Management, you will analyze management and technical controls to ensure compliance with security requirements. This includes mapping regulatory and security requirements across the information security framework, tracking enterprise compliance across multiple security frameworks, assisting internal teams for internal and external assessments and audits, collaborating on IT projects to address security policy and risk issues, and developing key performance metrics to track and ensure compliance with policies and standards.

Responsibilities

• Analyze management and technical controls to ensure specific security and compliance requirements are met.
• Map regulatory and security requirements across the information security framework.
• Track enterprise compliance across multiple security frameworks including ISO27001, 27701, SOC2, GDPR, and PCI-DSS; maintain up-to-date records of requirements and mitigating controls.
• Assist internal teams with readiness for internal/external assessments and audits against industry standards; review programs/documentation for conformance.
• Collaborate on critical IT projects to ensure security policy and risk issues are addressed throughout the project life cycle.
• Develop key performance metrics to track and ensure compliance with established policies and standards.

Qualifications / What you will bring to the team

• 5-7 years of information security experience.
• Experience with ISO 27001, SOC 2, and PCI-DSS compliance.
• Strong communication skills (verbal and written).
• Ability to meet deadlines and work under pressure.
• Experience of working in US-based multinational organizations is a plus.
• Security certifications such as CISSP/CISA, ISO27001.
• Extensive experience auditing vendors/service providers/partners for security compliance.
• Experience working with Engineering teams (system admin, network admin, security admin, application teams) to effectively communicate compliance requirements.
• Bachelor’s degree in Computer Science or Information Technology.

Benefits

Zones offers a comprehensive Benefits package. At Zones, we are committed to fostering an inclusive and diverse workplace where every team member is valued and supported. We offer life insurance, optional health insurance, and retirement benefits in line with Company policy. Employees also enjoy additional perks such as the Voluntary Pension Scheme, EOBI, complimentary meals, and access to our in-house gym.

Equal Opportunity

We take pride in being an equal opportunity employer and remain dedicated to maintaining a workplace free from discrimination of any kind. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, or disability.

Job timings

08:00 PM to 05:00 AM (Pk time)

#J-18808-Ljbffr

Information Security Analyst – Compliance & Risk Management

Join to apply for the Information Security Analyst – Compliance & Risk Management role at Zones IT Solutions

Information Security Analyst – Compliance & Risk Management

Join to apply for the Information Security Analyst – Compliance & Risk Management role at Zones IT Solutions

Get AI-powered advice on this job and more exclusive features.

Description

Company Overview:

When it comes to IT solution providers, there are a lot of choices. But when it comes to providers with innovative and differentiating end-to-end service offerings, there’s really only one: Zones – First Choice for IT.TM

Zones is a Global Solution Provider of end-to-end IT solutions with an unmatched supply chain. Positioned to be the IT partner you need, Zones, a Minority Business Enterprise (MBE) in business for over 35 years, specializes in Digital Workplace, Cloud & Data Center, Networking, Security, and Managed/Professional/Staffing services. Operating in more than 120 countries, leveraging a robust portfolio, and utilizing the highest certification levels from key partners, including Microsoft, Apple, Cisco, Lenovo, Adobe, and more, Zones has mastered the science of building digital infrastructures that change the way business does business ensuring whatever they need, they can Consider IT Done. Follow Zones, LLC on Twitter @Zones, and LinkedIn and Facebook.

Position Overview

As the Information Security Analyst - Compliance & Risk Management, you will analyze management and technical controls to ensure compliance with security requirements. This includes mapping regulatory and security requirements across the information security framework and tracking enterprise compliance across multiple security frameworks. You will also assist internal teams in preparing for internal and external assessments and audits, collaborate on critical IT projects to address security policy and risk issues, and develop key performance metrics to track and ensure compliance with policies and standards.

What you’ll do as the Information Security Analyst – Compliance & Risk Management:

Employees employed in the role of Information Security Analyst – Compliance & Risk Management shall be required to apply their independent mind and demonstrate intellectual abilities in their decision-making.

The requirements listed below are representative of the knowledge, skill, and/or ability required. Reasonable accommodations may be made to enable individuals with disabilities to perform the essential functions.

• Analyze management and technical controls to ensure specific security and compliance requirements are met.
• Map regulatory/security requirements across the information security framework.
• Track enterprise compliance across multiple security frameworks including ISO27001, 27701, SOC2, GDPR, and PCI-DSS, maintaining up-to-date records of requirements and corresponding mitigating controls.
• Help internal teams with readiness for internal/external assessments/audits against industry standards and review programs/documentation for conformance.
• Collaborate on critical IT projects to ensure that security policy/risk issues are addressed throughout the project life cycle.
• Develop key performance metrics to track and ensure compliance with established policies and standards.
  
  

What You Will Bring To The Team

• 5-7 years of information security experience.
• Experience with ISO 27001, SOC 2, and PCI-DSS compliance.
• Strong communication skills (verbal and written).
• Ability to meet deadlines and work under pressure.
• Experience of working in US-based multinational organizations is a plus.
• Security certifications such as CISSP/CISA, ISO27001.
• Extensive experience with auditing vendors/service providers/partners for compliance with security.
• Experience of working extensively with the Engineering teams (system admin, network admin, security admin, application teams) to effectively communicate the compliance requirements
• Bachelor’s degree in Computer Science or Information Technology.
  
  

Zones offers a comprehensive Benefits package

At Zones, we are committed to fostering an inclusive and diverse workplace where every team member is valued and supported. We offer a comprehensive benefits package that includes employee life insurance, health coverage for employees, spouse, and children, along with optional discounted coverage for parents. Additional benefits include, Voluntary Pension Fund Scheme, EOBI, complimentary meals, and access to an in-house gym.

We take pride in being an equal opportunity employer and are dedicated to maintaining a workplace free from discrimination of any kind. If you're passionate about driving innovation in IT, sales, engineering, or operations, Zones provide a dynamic and collaborative environment to grow your career.

All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender identity, national origin or on the basis of disability.

Job timings: 08:00 PM to 05:00 AM (Pk time)

Seniority level

• Seniority level Not Applicable

Employment type

• Employment type Full-time

Job function

• Job function Information Technology
• Industries Computer Hardware Manufacturing, Software Development, and IT Services and IT Consulting

Referrals increase your chances of interviewing at Zones IT Solutions by 2x

Sign in to set job alerts for “Information Security Analyst” roles.

We’re unlocking community knowledge in a new way. Experts add insights directly into each article, started with the help of AI.

#J-18808-Ljbffr

Overview Company Overview: Zones – First Choice for IT. Zones is a Global Solution Provider of end-to-end IT solutions with an unmatched supply chain. Zones, a Minority Business Enterprise (MBE) with over 35 years in business, specializes in Digital Workplace, Cloud & Data Center, Networking, Security, and Managed/Professional/Staffing services. Operating in more than 120 countries, Zones partners with Microsoft, Apple, Cisco, Lenovo, Adobe, and more to build digital infrastructures that change how business operates.

Position Overview As the Information Security Analyst - Compliance & Risk Management, you will analyze management and technical controls to ensure compliance with security requirements. This includes mapping regulatory and security requirements across the information security framework, tracking enterprise compliance across multiple security frameworks, assisting internal teams for internal and external assessments and audits, collaborating on IT projects to address security policy and risk issues, and developing key performance metrics to track and ensure compliance with policies and standards.

Responsibilities

Analyze management and technical controls to ensure specific security and compliance requirements are met.

Map regulatory and security requirements across the information security framework.

Track enterprise compliance across multiple security frameworks including ISO27001, 27701, SOC2, GDPR, and PCI-DSS; maintain up-to-date records of requirements and mitigating controls.

Assist internal teams with readiness for internal/external assessments and audits against industry standards; review programs/documentation for conformance.

Collaborate on critical IT projects to ensure security policy and risk issues are addressed throughout the project life cycle.

Develop key performance metrics to track and ensure compliance with established policies and standards.

Qualifications / What you will bring to the team

5-7 years of information security experience.

Experience with ISO 27001, SOC 2, and PCI-DSS compliance.

Strong communication skills (verbal and written).

Ability to meet deadlines and work under pressure.

Experience of working in US-based multinational organizations is a plus.

Security certifications such as CISSP/CISA, ISO27001.

Extensive experience auditing vendors/service providers/partners for security compliance.

Experience working with Engineering teams (system admin, network admin, security admin, application teams) to effectively communicate compliance requirements.

Bachelor’s degree in Computer Science or Information Technology.

Benefits Zones offers a comprehensive Benefits package. At Zones, we are committed to fostering an inclusive and diverse workplace where every team member is valued and supported. We offer life insurance, optional health insurance, and retirement benefits in line with Company policy. Employees also enjoy additional perks such as the Voluntary Pension Scheme, EOBI, complimentary meals, and access to our in-house gym.

Equal Opportunity We take pride in being an equal opportunity employer and remain dedicated to maintaining a workplace free from discrimination of any kind. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, or disability.

Job timings 08:00 PM to 05:00 AM (Pk time)

#J-18808-Ljbffr

Information Security Analyst – Compliance & Risk Management

Join to apply for the

Information Security Analyst – Compliance & Risk Management

role at

Zones IT Solutions Information Security Analyst – Compliance & Risk Management

Join to apply for the

Information Security Analyst – Compliance & Risk Management

role at

Zones IT Solutions Get AI-powered advice on this job and more exclusive features. Description

Company Overview:

When it comes to IT solution providers, there are a lot of choices. But when it comes to providers with innovative and differentiating end-to-end service offerings, there’s really only one: Zones – First Choice for IT.TM

Zones is a Global Solution Provider of end-to-end IT solutions with an unmatched supply chain. Positioned to be the IT partner you need, Zones, a Minority Business Enterprise (MBE) in business for over 35 years, specializes in Digital Workplace, Cloud & Data Center, Networking, Security, and Managed/Professional/Staffing services. Operating in more than 120 countries, leveraging a robust portfolio, and utilizing the highest certification levels from key partners, including Microsoft, Apple, Cisco, Lenovo, Adobe, and more, Zones has mastered the science of building digital infrastructures that change the way business does business ensuring whatever they need, they can Consider IT Done. Follow Zones, LLC on Twitter @Zones, and LinkedIn and Facebook.

Position Overview

As the Information Security Analyst - Compliance & Risk Management, you will analyze management and technical controls to ensure compliance with security requirements. This includes mapping regulatory and security requirements across the information security framework and tracking enterprise compliance across multiple security frameworks. You will also assist internal teams in preparing for internal and external assessments and audits, collaborate on critical IT projects to address security policy and risk issues, and develop key performance metrics to track and ensure compliance with policies and standards.

What you’ll do as the Information Security Analyst – Compliance & Risk Management:

Employees employed in the role of Information Security Analyst – Compliance & Risk Management shall be required to apply their independent mind and demonstrate intellectual abilities in their decision-making.

The requirements listed below are representative of the knowledge, skill, and/or ability required. Reasonable accommodations may be made to enable individuals with disabilities to perform the essential functions.

Analyze management and technical controls to ensure specific security and compliance requirements are met. Map regulatory/security requirements across the information security framework. Track enterprise compliance across multiple security frameworks including ISO27001, 27701, SOC2, GDPR, and PCI-DSS, maintaining up-to-date records of requirements and corresponding mitigating controls. Help internal teams with readiness for internal/external assessments/audits against industry standards and review programs/documentation for conformance. Collaborate on critical IT projects to ensure that security policy/risk issues are addressed throughout the project life cycle. Develop key performance metrics to track and ensure compliance with established policies and standards.

What You Will Bring To The Team

5-7 years of information security experience. Experience with ISO 27001, SOC 2, and PCI-DSS compliance. Strong communication skills (verbal and written). Ability to meet deadlines and work under pressure. Experience of working in US-based multinational organizations is a plus. Security certifications such as CISSP/CISA, ISO27001. Extensive experience with auditing vendors/service providers/partners for compliance with security. Experience of working extensively with the Engineering teams (system admin, network admin, security admin, application teams) to effectively communicate the compliance requirements Bachelor’s degree in Computer Science or Information Technology.

Zones offers a comprehensive Benefits package

At Zones, we are committed to fostering an inclusive and diverse workplace where every team member is valued and supported. We offer a comprehensive benefits package that includes employee life insurance, health coverage for employees, spouse, and children, along with optional discounted coverage for parents. Additional benefits include, Voluntary Pension Fund Scheme, EOBI, complimentary meals, and access to an in-house gym.

We take pride in being an equal opportunity employer and are dedicated to maintaining a workplace free from discrimination of any kind. If you're passionate about driving innovation in IT, sales, engineering, or operations, Zones provide a dynamic and collaborative environment to grow your career.

All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender identity, national origin or on the basis of disability.

Job timings: 08:00 PM to 05:00 AM (Pk time) Seniority level

Seniority level Not Applicable Employment type

Employment type Full-time Job function

Job function Information Technology Industries Computer Hardware Manufacturing, Software Development, and IT Services and IT Consulting Referrals increase your chances of interviewing at Zones IT Solutions by 2x Sign in to set job alerts for “Information Security Analyst” roles.

We’re unlocking community knowledge in a new way. Experts add insights directly into each article, started with the help of AI.

#J-18808-Ljbffr

Join to apply for the Security and Compliance Analyst role at Nakisa

Join to apply for the Security and Compliance Analyst role at Nakisa

About Nakisa

Nakisa stands as a global leader in enterprise business solutions, specializing in Human Resources, Financial Management, and Real Estate. We are dedicated to delivering innovative, forward-thinking, and robust software solutions that propel business strategies forward. Trusted by numerous Fortune 1000 companies, our top-of-the-line solutions have consistently excelled in the market, underscoring our commitment to providing our clients with unparalleled experience.

About Nakisa

Nakisa stands as a global leader in enterprise business solutions, specializing in Human Resources, Financial Management, and Real Estate. We are dedicated to delivering innovative, forward-thinking, and robust software solutions that propel business strategies forward. Trusted by numerous Fortune 1000 companies, our top-of-the-line solutions have consistently excelled in the market, underscoring our commitment to providing our clients with unparalleled experience.

Our team represents a rich tapestry of cultural and religious backgrounds, making diversity our greatest asset. Unified by our values of Fairness, Integrity, Service, and Humility, we foster an environment where unity and teamwork are our core strengths. At Nakisa, we continuously strive to ensure that these values guide our actions at every level.

As a company, we are in a phase of dynamic growth and prosperity, offering ample opportunities for those who join us on this journey to develop and thrive alongside us. If you are seeking a workplace where your contributions are valued and where you can actively participate in our pursuit of excellence, Nakisa welcomes you with open arms.

We’re recognized as one of the best Canadian employers, having been named one of Montreal’s top employers, as well asone of Canada’s best employers for recent graduates.

Our people and our culture are the key to our success. If you're looking for a workplace that embraces a hybrid work model, values your contributions, and encourages active participation in our pursuit of excellence, Nakisa warmly invites you to join us.

Description:

Nakisa is seeking a detail-oriented, proactive, and technically curious Security and Compliance Analyst to support our growing global security and compliance initiatives. This role is central to maintaining and enhancing Nakisa’s compliance posture with recognized standards such as SOC 1, SOC 2, ISO/IEC 27001 , and data privacy regulations.

You’ll work closely with internal teams and external auditors to manage evidence collection, track audit deliverables, and maintain robust documentation. You’ll also assist with RFPs/RFIs from prospective clients and contribute to internal security improvement projects. A strong interest and understanding of Artificial Intelligence (AI) , particularly its implications on compliance and security, is essential.

This is an excellent opportunity for someone looking to launch or grow a career in information security and compliance in a fast-paced SaaS environment that is deeply invested in cloud technology, AI , and process excellence .

Key Responsibilities:

• Coordinate and manage tasks related to Nakisa’s security and compliance programs, including SOC 1, SOC 2, and ISO 27001 audits.
• Collaborate with internal stakeholders and external auditors to collect, organize, and validate audit evidence and documentation.
• Drive and support continuous improvement of internal processes, controls, and compliance documentation.
• Assist in completing security and compliance sections of RFPs, RFIs, and due diligence questionnaires from prospects and clients.
• Contribute to internal information security projects and process improvements.
• Ensure documentation and policies are accurate, up-to-date, and aligned with industry standards.
• Monitor and follow up on compliance deadlines, audit deliverables, and remediation actions.
• Stay informed on evolving security frameworks, regulatory requirements, and AI-related security practices.
• Educate employees on security awareness topics and best practices through training, content creation, or internal communications.
  
  

Qualifications:

• Bachelor’s degree in information security, Cybersecurity, Information Systems, Computer Science, or a related field—or equivalent hands-on experience.
• Solid knowledge of industry standards and frameworks, such as:
• SOC 1 / SOC 2 (Type I & II), ISO/IEC 27001 & 27017, CIS Controls, Data protection regulations (GDPR, PIPEDA, CCPA, etc.)
• Strong reporting and documentation skills:
• Proficiency in generating audit reports, compliance documentation, and RFP/RFI responses
• Skilled in Excel, Word, PowerPoint, and PDF tools for structured reporting and evidence tracking
• Experience with compliance audits, security questionnaires, or risk assessments
• Basic technical knowledge of cloud environments (AWS, Azure, GCP), access controls, encryption, and security operations
• Exceptional attention to detail, with the ability to identify gaps, maintain precision, and meet deadlines
• Strong verbal and written communication skills, comfortable working cross-functionally with internal teams, auditors, and clients
• Demonstrated interest and foundational knowledge in Artificial Intelligence, especially its impact on cybersecurity and compliance
  
  

Preferred:

• 3+ years of relevant work experience in security compliance, audit, or GRC functions
• Exposure to internal controls testing, risk registers, or information security policies
• Certifications (or active pursuit) such as:
• Certified in Cybersecurity (ISC² CC), ISO 27001 Lead Implementer or Foundations, CISA etc.
  
  

We are excited to see how you can contribute to Nakisa’s continued success and innovation. If you are passionate about making a difference and ready to take on new challenges, we invite you to apply for this role. At Nakisa, we believe in fostering a supportive and engaging work environment where every team member can thrive and grow. Apply now to join our team and help shape the future of enterprise business solutions.

We look forward to reviewing your application and getting to know you better.

Seniority level

• Seniority level Mid-Senior level

Employment type

• Employment type Full-time

Job function

• Industries Translation and Localization

Referrals increase your chances of interviewing at Nakisa by 2x

Sign in to set job alerts for “Compliance Analyst” roles. Security Operations Center (SOC) Engineer Pre-Sales Solution Specialist -Azure Security Practice

We’re unlocking community knowledge in a new way. Experts add insights directly into each article, started with the help of AI.

#J-18808-Ljbffr

Join to apply for the

Security and Compliance Analyst

role at

Nakisa Join to apply for the

Security and Compliance Analyst

role at

Nakisa About Nakisa

Nakisa stands as a global leader in enterprise business solutions, specializing in Human Resources, Financial Management, and Real Estate. We are dedicated to delivering innovative, forward-thinking, and robust software solutions that propel business strategies forward. Trusted by numerous Fortune 1000 companies, our top-of-the-line solutions have consistently excelled in the market, underscoring our commitment to providing our clients with unparalleled experience. About Nakisa

Nakisa stands as a global leader in enterprise business solutions, specializing in Human Resources, Financial Management, and Real Estate. We are dedicated to delivering innovative, forward-thinking, and robust software solutions that propel business strategies forward. Trusted by numerous Fortune 1000 companies, our top-of-the-line solutions have consistently excelled in the market, underscoring our commitment to providing our clients with unparalleled experience.

Our team represents a rich tapestry of cultural and religious backgrounds, making diversity our greatest asset. Unified by our values of Fairness, Integrity, Service, and Humility, we foster an environment where unity and teamwork are our core strengths. At Nakisa, we continuously strive to ensure that these values guide our actions at every level.

As a company, we are in a phase of dynamic growth and prosperity, offering ample opportunities for those who join us on this journey to develop and thrive alongside us. If you are seeking a workplace where your contributions are valued and where you can actively participate in our pursuit of excellence, Nakisa welcomes you with open arms.

We’re recognized as one of the best Canadian employers, having been named one of Montreal’s top employers, as well as one of Canada’s best employers for recent graduates.

Our people and our culture are the key to our success. If you're looking for a workplace that embraces a hybrid work model, values your contributions, and encourages active participation in our pursuit of excellence, Nakisa warmly invites you to join us.

Description:

Nakisa is seeking a detail-oriented, proactive, and technically curious

Security and Compliance Analyst

to support our growing global security and compliance initiatives. This role is central to maintaining and enhancing Nakisa’s compliance posture with recognized standards such as

SOC 1, SOC 2, ISO/IEC 27001 , and data privacy regulations.

You’ll work closely with internal teams and external auditors to manage evidence collection, track audit deliverables, and maintain robust documentation. You’ll also assist with RFPs/RFIs from prospective clients and contribute to internal security improvement projects. A strong interest and understanding of

Artificial Intelligence (AI) , particularly its implications on compliance and security, is essential.

This is an excellent opportunity for someone looking to launch or grow a career in information security and compliance in a

fast-paced SaaS environment

that is deeply invested in

cloud technology, AI , and

process excellence .

Key Responsibilities:

Coordinate and manage tasks related to Nakisa’s security and compliance programs, including SOC 1, SOC 2, and ISO 27001 audits. Collaborate with internal stakeholders and external auditors to collect, organize, and validate audit evidence and documentation. Drive and support continuous improvement of internal processes, controls, and compliance documentation. Assist in completing security and compliance sections of RFPs, RFIs, and due diligence questionnaires from prospects and clients. Contribute to internal information security projects and process improvements. Ensure documentation and policies are accurate, up-to-date, and aligned with industry standards. Monitor and follow up on compliance deadlines, audit deliverables, and remediation actions. Stay informed on evolving security frameworks, regulatory requirements, and AI-related security practices. Educate employees on security awareness topics and best practices through training, content creation, or internal communications.

Qualifications:

Bachelor’s degree in information security, Cybersecurity, Information Systems, Computer Science, or a related field—or equivalent hands-on experience. Solid knowledge of industry standards and frameworks, such as: SOC 1 / SOC 2 (Type I & II), ISO/IEC 27001 & 27017, CIS Controls, Data protection regulations (GDPR, PIPEDA, CCPA, etc.) Strong reporting and documentation skills: Proficiency in generating audit reports, compliance documentation, and RFP/RFI responses Skilled in Excel, Word, PowerPoint, and PDF tools for structured reporting and evidence tracking Experience with compliance audits, security questionnaires, or risk assessments Basic technical knowledge of cloud environments (AWS, Azure, GCP), access controls, encryption, and security operations Exceptional attention to detail, with the ability to identify gaps, maintain precision, and meet deadlines Strong verbal and written communication skills, comfortable working cross-functionally with internal teams, auditors, and clients Demonstrated interest and foundational knowledge in Artificial Intelligence, especially its impact on cybersecurity and compliance

Preferred:

3+ years of relevant work experience in security compliance, audit, or GRC functions Exposure to internal controls testing, risk registers, or information security policies Certifications (or active pursuit) such as: Certified in Cybersecurity (ISC² CC), ISO 27001 Lead Implementer or Foundations, CISA etc.

We are excited to see how you can contribute to Nakisa’s continued success and innovation. If you are passionate about making a difference and ready to take on new challenges, we invite you to apply for this role. At Nakisa, we believe in fostering a supportive and engaging work environment where every team member can thrive and grow. Apply now to join our team and help shape the future of enterprise business solutions.

We look forward to reviewing your application and getting to know you better. Seniority level

Seniority level Mid-Senior level Employment type

Employment type Full-time Job function

Industries Translation and Localization Referrals increase your chances of interviewing at Nakisa by 2x Sign in to set job alerts for “Compliance Analyst” roles.

Security Operations Center (SOC) Engineer

Pre-Sales Solution Specialist -Azure Security Practice

We’re unlocking community knowledge in a new way. Experts add insights directly into each article, started with the help of AI.

#J-18808-Ljbffr

Overview

Department & Function: Finance

Position: Manager Enterprise Risk Management

Location: Islamabad

Reporting to: Deputy Director Finance

Job Type: Permanent

Job Purpose: The role monitors the effectiveness of internal controls and ensures they remain aligned with evolving business needs, regulatory requirements and CMCC guidelines. Works closely with relevant stakeholders to implement remediation actions, ensuring that Financial and operational risks are adequately managed.

Responsibilities

• Own the ERM & Internal Controls policy, framework, and risk appetite statement aligned with ISO 31000 and COSO ERM & Internal Controls, tailored to company-specific risks.
• Embed risk culture through training, guidance notes, playbooks, and business partnering.
• Drive enterprise risk assessments (ERAs) at corporate, functional, and project levels.
• Maintain and update the inventory of internal controls (ICMs) applicable for CMPak after benchmarking them with Group company (CMCC).
• Test the ICMs on periodic and on requirement basis and reporting the results to the management and the Group company.
• Preparation of annual company level risk management plan and development of controls to mitigate the risks.
• Monitor and report the risk on monthly basis in monthly operational meeting with the management.
• Develop early risk warning mechanism encompassing the whole organization and providing regular monitoring reports.
• Maintain an enterprise risk register with risk owners, treatment plans, timelines, and residual risk ratings using qualitative and quantitative techniques.
• Continuous regular coordination with head of departments on matters ranging from providing risk management process understanding and internal controls implementation guidelines for the strategic alignment of all company-wide initiatives.
• Assist in identification of new risks by periodically reviewing financial statements, management reports and industry situation etc.
• Assess the effectiveness of management actions provided by the concerned Risk & Control Owners.
• Ensure effective execution of ERM processes relating to all relevant projects as per applicable policies / procedures
• Support to ensure effective implementation of ERM & Internal Controls Policy and Framework Assisting testing of compliance with applicable Policies and Procedures.
• Conduct researches on regular basis regarding developments in the field of risk management and getting those implemented
• Prepare various templates/tools/forms etc. for supporting various steps in Risk Management process

Qualifications

Education

• CA, CIA, ACCA, ACMA. In addition,Risk related certifications will be a plus.

Work Experience

• At-least 8-10 years of total and 5-6 years of relevant work experience in the area of Enterprise Risk Management & Internal Controls. Experience of Telecommunication Industry will be preferred.

#J-18808-Ljbffr

This role is responsible to identify, measure and manage risks faced by the Company by implementing risk management policies and procedures.

Competencies Good knowledge of insurance industry, its regulatory requirements, current market environment and industry best practices in risk management. Attention to detail and analytical skills, strong organizational and problem solving skills. Ability to work independently and under pressure.

Qualification Required Minimum graduate degree in Risk Management or related field. ACCA qualified/ CA part qualified or pursuing FRM certification will be preferred.

#J-18808-Ljbffr