Head Information Security

Department: Information Security

Reports To: Chief Executive Officer

Job Grade: SVP

Total Position : 01

Location: Head Office, Islamabad

What is Head Information Security – MMBL?

The Head Information Security at Mobilink Microfinance Bank Ltd. (MMBL) is a senior leadership position responsible for developing and overseeing the bank’s cybersecurity and information security strategies. This role involves ensuring that all digital assets, customer data, and internal systems are protected against cyber threats by implementing robust policies, frameworks, and incident response plans in line with international best practices and regulatory requirements.

The Head Information Security works closely with senior management and regulatory bodies to monitor risks, respond to emerging threats, and cultivate a strong security culture within the organization. Additionally, the role requires strategic thinking, technical expertise, and effective communication skills to influence decision-making at the highest levels and to align security efforts with the bank’s overall goals.

What Head Information Security – MMBL Does?

• Provide vision, leadership, and strategic direction for Information Security to safeguard MMBL’s information assets.
• Develop and maintain information security policies and procedures aligned with best industry practices.
• Implement a comprehensive Information Security Framework to protect bank systems and data from threats.
• Prepare and maintain a Cyber Security Action Plan to anticipate, withstand, detect, and respond to cyber-attacks in line with international standards.
• Implement a robust Incident Reporting Mechanism to report security incidents to senior management, Board of Directors (BoD), and regulators as required.
• Periodically prepare and present updates, reports, and statistics to the Board Risk Management & Compliance Committee (RCC) on cybersecurity developments and implementation status.
• Manage an effective Information Security Risk Management process: Identify, measure, monitor, and control risks. Prioritize material information security risks.
• Assess risks related to technology outsourcing and procurement.
• Evaluate information security risks in new and significantly changed applications or software systems.
• Monitor technological developments and remain up-to-date on emerging cyber risk management practices.
• Identify and prioritize critical information system assets.
• Conduct periodic risk-based vulnerability assessments and impact analysis.
• Ensure implementation of security controls and corrective actions to address identified vulnerabilities.
• Establish a testing program to validate the effectiveness of controls and the overall security environment regularly.
• Oversee the investigation of information security incidents.
• Gather and analyze internal and external threat intelligence to strengthen security posture.
• Collaborate with industry peers to share experiences and enhance MMBL’s resilience and preventive capabilities.
• Promote security awareness among employees and encourage adherence to best practices.
• Perform any other tasks assigned by immediate supervisors, senior management, or the board.

What are we looking for and what does it require to be Head Information Security - MMBL?

• Education: Bachelor's or Master's degree in Computer Science, Information Security, or related field. Relevant certifications such as CISSP, CISM, CISA, CEH preferred. • Experience: Minimum 10 years in Information Security within the banking or financial services sector. • Technical Expertise: In-depth understanding of information security frameworks (e.g., ISO 27001, NIST). Experience in cyber risk management, threat intelligence, and incident response. Knowledge of security technologies, vulnerabilities assessment tools, and mitigation techniques.
• Strategic & Operational Skills: Proven ability to develop and implement security policies, procedures, and cyber action plans. Strong capability in risk assessment for systems, applications, and third-party engagements. Experience in presenting to senior management and board committees.
• Leadership & Communication: Strong leadership and team management skills. Excellent written and verbal communication, especially in reporting to executive leadership. Ability to lead security awareness and training programs.
• Compliance & Governance: Familiarity with regulatory requirements and standards applicable to financial institutions. Experience in reporting and liaising with regulators and external stakeholders.

About MMBL:

Mobilink Microfinance Bank Ltd. is providing banking services to over 48 million registered users including 20+ million monthly active customers across Pakistan. With a hybrid model that combines traditional microfinance with mobile/digital banking technologies, the bank now operates with over 114 branches and 270,000 branchless banking agents and provides a USSD (GSM) based digital channel offering savings, micro enterprise (MSME) loans, small housing loans, remittances, collection (utility bills and loan instalments), mobile wallets, insurance, G2P, B2B & B2P payments; thus, playing a leading role in the promotion of financial inclusion. MMBL is committed to fostering a positive and productive workplace, and our core values reflect this focus. These values include promoting innovation and entrepreneurship, encouraging teamwork and collaboration, and prioritizing a customer-centric approach in all aspects of our business.

Why Join MMBL?

This is an opportunity for someone who is passionate about making a difference and playing a key role in driving transformative change. Our team is committed to empowering millions with the tools necessary to succeed in the digital age, and we're looking for a talented individual to join us in this endeavour.