Job description / Role

Employment: Full Time

• Supporting information security policies, defining information security roles and responsibilities, and setting information security goals for implementation;
• Providing information security and information risk management frameworks;
• Identifying known and emerging information security issues;
• Identifying shifts in the organization’s implicit information risk appetite;
• Assisting management in developing information security processes and controls to manage information security risks and information security issues;
• Providing guidance and training on information security and information risk management processes;
• Facilitating and monitoring implementation of effective information security and information risk management practices by operational management;
• Alerting operational management to emerging information security issues and changing regulatory and information risk scenarios;
• Monitoring the adequacy and effectiveness of internal control, accuracy and completeness of reporting, compliance with laws and regulations in connection with Information Security, and timely remediation of deficiencies.
• Developing and maintaining cyber security strategy, policy, architecture, Risk management process.
• Perform the cyber security activities across the Member Organization, including:
• Monitoring of the cyber security activities (SOC monitoring)
• Monitoring of compliance with cyber security regulations, policies, standards and procedures
• Overseeing the investigation of cyber security incidents
• Gathering and analyzing threat intelligence from internal and external sources
• Performing cyber security reviews
• Banks Compliance with SAMA Cyber Security Frame Work


• 4+ years of experience in handling cyber security function preferably in a financial institution

• CISSP, CISM, or any Information/Cyber Security certifications
• ISO 27001, CRISK, or ISO 31000 certification and knowledge.
• Thorough Knowledge of risk management
• Sound independent judgement
• Very good Communication and interpersonal skills.
• Must be able to work independently as well as in teams.
• High Analytical and problem-solving skills.
• Independent, self-driven and proactive attitude.
• Master's in information security is preferable.

About the Company

National Bank of Pakistan is largest state owned bank operating in Pakistan. It has redefined its role and has moved from a public sector organization into a modern commercial bank. The Bank's services are available to individuals, corporate entities and government. While it continues to act as trustee of public funds and as the agent to the State Bank of Pakistan (in places where SBP does not have presence).

National Bank of Pakistan has built an extensive branch network with over 1313 branches in Pakistan. It has agency arrangements with more than 3000 correspondent banks worldwide. Its subsidiaries are Taurus Securities Ltd, NBP Exchange Company Ltd, NBP Capital Ltd, NBP Modaraba Management Company Ltd, and CJSC Bank, Almaty, Kazakhstan. It has recently opened a subsidiary in Dushanbe, Tajikistan.

The bank has global presence having 23 overseas branches in 11 countries. The bank also has a representative office in China and Canada.