IT Security Officer

Job Summary:

The incumbent will assume responsibility for managing the organization’s Information Security Program, encompassing implementing, developing, and maintaining comprehensive information security policies, procedures, business continuity plans, and assessments necessary to safeguard systems from internal and external threats. Additionally, they will oversee Information Risk Management activities, conduct Information Security Assessments, and report potential and existing information security risks and threats. Furthermore, the Information Security Officer will support the IT Team in applying safeguards throughout the organization to ensure operational IT Systems’ confidentiality, integrity, and availability. They will be required to work at the office premises three times a week, from Mondays to Fridays, following the office timings of the Area Office.

About Company:

Cyber Security Zone is a leading provider of cyber security services and training in Pakistan. Our comprehensive solutions and expert guidance help our clients protect their digital assets and enhance their cyber resilience. Whether you need to secure your network, data, or devices, we have the right tools and skills to meet your needs. We also offer a range of cybersecurity courses and certifications for individuals and organizations who want to learn the latest skills and best practices in the field.

Duties & Responsibilities:

1. Implement the overall Information Security program at the Company Area Office.
2. Collaborate with the Company Headquarters (HO) IT Security team to implement IT Security Programs.
3. Develop and review Information Security Policies, Procedures, Baselines, and Guidelines compliant with the Government of Pakistan’s IT Security standards.
4. Establish and monitor Information Classification and Data Loss prevention Rules and Strategies.
5. Review ISO27001 ISMS compliance in line with HO-IT security requirements.
6. Understand the business security and continuity needs of the Area Office.
7. Conduct Vulnerability Assessment and Penetration Testing (VAPT) Activities.
8. Monitor Antivirus and other security products for alerts and respond accordingly.
9. Recommend appropriate corrective actions to resolve/mitigate Information security incidents, collaborating with the Company’s compliance, forensic, internal audit, and legal teams as required.
10. Assist in security-related training programs, awareness campaigns, metrics, and skills development for the organization, including knowledge transfer to IT staff.
11. Develop and Conduct Information Security Training for Area Office.
12. Implement technology projects such as MDM, IRM, Anti-APT.
13. Manage Incident Management & Response activities.
14. Regularly review and manage logs.
15. The ability to adopt the core information security across the following domains:

• Access Control.
• Business Continuity procedure & Disaster Recovery.
• Vulnerability & Patch Management.
• Information Security and Risk Management.
• Legal, Regulations, Compliance, and Investigations.
• Operations Security.

1. Plan, Budget, Design, Implement, and administer security solutions in coordination with relevant departments and vendors.
2. Perform any other tasks related to IT functions as advised by the Company.

Availability and Flexibility: Be available full-time from 0900-1700 hrs. on an as-needed basis, three days a week. Additionally, be prepared to work on days when the Company’s main IT officer is on leave.

Attendance and Payment: Maintain accurate attendance records, and payments will be made at the end of each month on a per-day basis according to the attendance sheet. Extra working hours will be compensated on a per-hour basis.

Qualification / Experience:

• Qualification: Bachelor’s in Computer Sciences or Information Security
• Experience: Minimum Eight (8) years of experience in similar positions.
• Candidates with Cyber Security certifications (CISSP, CISM, CEH) will be preferred.

Recruitment:

Information Security Officer candidates must meet the following requirements:

• Age Limit: Maximum age limit of 45 years. Individuals under 18 years will not be considered for employment.

Legal And Other Requirements:

The candidate must comply with applicable National, Provincial Laws, and Company Policies.

Why Join Us:

1. Dynamic Work Environment: Join a team of passionate professionals dedicated to protecting digital assets and enhancing cyber resilience.
2. Opportunity for Growth: Expand your skills and expertise in cybersecurity while contributing to the organization’s success.
3. Impactful Work: Make a difference by safeguarding organizations against evolving cyber threats and protecting critical information assets.
4. Continuous Learning: Stay updated with the latest trends, technologies, and best practices in cybersecurity through ongoing training and professional development opportunities.
5. Collaborative Culture: Work in a supportive and collaborative environment where your ideas and contributions are valued and encouraged.