Deputy Director (OG-3) – Cyber Security Department (CySD)

Career Opportunity at State Bank of Pakistan, Deputy Director (OG-3) – Cyber Security Department (CySD), State Bank of Pakistan Jobs

The State Bank of Pakistan (SBP), as the Central Bank, is seeking talented and dynamic candidates for the position of Deputy Director (OG-3) in the Cyber Security Department (CySD), based in Karachi.

Key Responsibilities:

The incumbent will be responsible for, but not limited to, the following:

• Manage and maintain IT security policies, standards, and guidelines, ensuring regular reviews and updates.
• Plan and conduct IT security risk assessments of the bank’s IT infrastructure, business systems, and applications periodically to identify, assess, and report cyber security risks.
• Collaborate with business and IT departments to understand business processes, IT infrastructure, critical data and systems, security risk posture, and risk appetite.
• Recommend appropriate security controls and countermeasures to reduce risks to an acceptable level.
• Act as a liaison between key stakeholders and maintain GRC tooling to drive and track compliance with policies and risk mitigation activities.
• Maintain a centralized risk repository, follow up with risk owners, and report to senior management and committees.
• Investigate security incidents collaboratively, conduct log analysis, end-user interviews, and evidence collection.
• Implement an incident management framework for bank-wide IT security incidents.
• Establish and update incident response plans and playbooks based on industry best practices, conducting tabletop exercises for cyber security incident preparedness.
• Maintain a knowledge base and record all IT security incidents following the Enterprise Risk Management Framework and the bank’s Incident Reporting Policy.
• Perform business impact analysis, review business continuity plans, and develop disaster recovery plans for information systems and IT infrastructure.
• Conduct cyber awareness and training sessions for different audience groups in the bank.
• Prepare necessary documents like requests for proposals, terms of reference, and procurement contracts, managing the execution of cyber security projects in coordination with procurement, IT, and business teams.
• Undertake and complete other official tasks assigned by the management.

Eligibility Criteria:

• Education: Bachelor’s or Master’s Degree (minimum 16 years of education) in Cyber/Information Security, IT, Computer Science, Computer/Software Engineering, Telecommunication, or a similar relevant field from a reputable HEC recognized domestic or foreign university.
• Relevant IT/Cyber Security certifications (CISSP, CRISC, CHFI, ECIH, or equivalent) would be preferred.
• Age: Maximum 35 years, as of the date of the advertisement.
• Experience: At least five (05) years post-qualification experience in cyber security, with preference given to candidates with hands-on experience in IT risk assessments, SOC operations, incident response, and digital forensics.

Compensation:

• Competitive compensation package, as per State Bank rules.

Application Procedure:

Interested candidates meeting the eligibility criteria may submit their applications online at https://www.sbp.org.pk/careers/status.asp. The last date for application submission is March 4, 2024. Applications that do not meet the defined requirements will not be entertained. Only short-listed candidates will be contacted.

Equal Opportunity Employer:

We are an equal-opportunity employer. Females, candidates from minorities, transgender persons, and persons with disabilities are encouraged to apply.

Any candidate who misinforms or attempts to influence the recruitment process in any manner tries to obtain support inappropriately, or tampers with evidence shall be disqualified from the current and any future recruitment process at the bank, even if the candidate is otherwise eligible.