This position involves a range of responsibilities focused on information security governance, risk, and compliance within the bank. Key roles include:

• Assist in audit coordination by supporting internal and external auditors and collecting required evidence, documents, and records to demonstrate compliance.
• Support the implementation of information security policies and procedures in accordance with regulatory and organizational requirements.
• Participate in security and compliance projects, including third-party security assessments, vulnerability assessments, and other security review activities.
• Maintain risk management documentation, including Key Risk Indicators (KRIs) and Risk Control Self-Assessment (RCSA) records, to support effective risk monitoring.
• Organize security awareness initiatives, such as employee awareness sessions, communications, and training programs, to promote security best practices.
• Support the maintenance of the information asset register, ensuring asset details such as owner, custodian, and confidentiality, integrity, and availability (CIA) classifications are properly documented.
• Coordinate with internal and external stakeholders to ensure compliance with and implementation of PCI-DSS and ISO 27001 standards.
• Manage third-party information security SLAs, including payments and renewals.

Eligibility / Qualification Required:

• **Qualification:** Bachelor's or Master's in Information Security, Computer Science, or Engineering
• **Experience:** At least 6 months to 1 year of professional experience in Information Security or IT GRC

How to Apply:

Interested candidates are requested to apply by sending their resumes via email to the following addresses:

• Primary Email: zain.mallick@soneribank.com
• Cc Email: syedumer.hussain@soneribank.com

Kindly mention the position in the subject line.

General Conditions:

Only shortlisted candidates will be contacted for an interview.
We are an equal opportunity employer.