Head of Information Security (ASA Microfinance Bank Pakistan Limited)

About the Role:

We are seeking an experienced Head of Information Security to define and drive our cybersecurity strategy, ensure regulatory compliance, and safeguard our digital assets. The role oversees security operations, risk management, incident response, governance, and organization‑wide security awareness.

Key Responsibilities:

• Lead enterprise Information Security Strategy and governance.
• Ensure compliance with SBP regulations, ISO 27001, NIST, PCI DSS, and cybersecurity laws.
• Oversee SOC operations, threat monitoring, and incident response.
• Conduct security audits, risk assessments, and vendor evaluations.
• Strengthen cybersecurity architecture across systems, cloud, and digital platforms.
• Lead BCP/DRP planning, testing, and cyber‑resilience initiatives.
• Drive employee security awareness and training programs.
• Report security posture and risks to senior leadership and Board committees.

Qualifications:

• Bachelor’s/Master’s in Cybersecurity, IT, or Computer Science.
• 10+ years of Information Security experience, including 3+ years in leadership.
• Certifications like CISSP, CISM, CISA, ISO 27001 preferred.
• Strong expertise in SIEM, IDS/IPS, firewalls, cloud security, IAM, and digital banking security.
• Proven experience with incident management, forensic investigations, and regulatory compliance.