Job Advertisement 03-Feb-2025 in National Bank of Pakistan NBP Karachi

CAREER OPPORTUNITIES

National Bank of Pakistan (NBP), one of the nation's largest and leading financial institutions, is committed to supporting the financial well-being of the nation and enabling sustainable growth. The Bank is looking for talented, dedicated, and experienced professionals to join its Risk Management (Information Security) team in Karachi.

Positions Available:

1. Department Head-IS Digital Channels (AVP/VP)

Reporting to: Wing Head-IS Risk Management
Educational/Professional Qualification:

• Minimum Graduation or equivalent from an HEC recognized institution.
• Bachelors or Masters in Computer Science/Information Systems/Information Technology/Technology Engineering or other relevant certifications preferred.

Experience:

• Minimum 06 years in Information Technology/Information Security, with at least 03 years in application/project security/assessment.
• Banking or large-scale organizational experience preferred.

Skills & Knowledge Required:

• Strong knowledge of Information Security.
• Familiarity with SP guidelines related to Information Security.
• Good interpersonal and people management skills.
• Proficiency in control assessments of applications, processes, and IT solutions.

Main Duties & Responsibilities:

• Execute risk assessment for digital applications, ensuring compliance with Information Security standards.
• Communicate identified risks and impacts to management.
• Monitor and track Information Security issues, from audits and assessments to resolution.
• Oversee the Vulnerability Assessment program.
• Assist in revising and implementing security policies and procedures.
• Ensure compliance with PCI DSS standards and manage related audits.
• Develop and manage mechanisms for timely closure of security observations.
• Perform other duties assigned by supervisors.

2. Department Head-Network Security (AVP/VP)

Reporting to: Wing Head-Network and Infrastructure Security
Educational/Professional Qualification:

• Minimum Graduation or equivalent from an HEC recognized institution.
• Bachelors or Masters in Computer Science/Information Systems/Information Technology/Technology Engineering or other relevant certifications preferred.

Experience:

• Minimum 06 years in Information Technology/Information Security, with 03 years in Infrastructure Security management/implementation/assessment.
• Banking or large-scale organizational experience preferred.

Skills & Knowledge Required:

• In-depth knowledge of Information Security practices.
• Proficiency with SBP guidelines related to Information Security.
• Strong interpersonal and people management skills.
• Familiarity with control assessments and security solutions.

Main Duties & Responsibilities:

• Develop and implement infrastructure security policies, protocols, and standards.
• Oversee security architecture and propose necessary controls.
• Manage infrastructure security projects and collaborate with stakeholders.
• Evaluate infrastructure security exceptions and conduct assessments for changes.
• Perform security analysis and incident management.
• Manage and report on cybersecurity metrics.
• Perform infrastructure testing, audits, and assessments.
• Assist in managing cyber defense at the infrastructure level.
• Perform other duties as assigned.

3. Officer-Internet Application Security Review (OG-H/OG-1)

Reporting to: Wing Head-15 Risk/15 Operations and Threat Management
Educational/Professional Qualification:

• Minimum Graduation or equivalent from an HEC recognized institution.
• Bachelors or Masters in Computer Science/Information Systems/Information Technology/Technology Engineering or other relevant certifications preferred.

Experience:

• Minimum 02 years in Information Technology/Information Security, preferably in internet application security review.

Skills & Knowledge Required:

• Basic understanding of Information Security functions.
• Familiarity with cybersecurity monitoring tools.
• Good interpersonal skills and ability to work under pressure.

Main Duties & Responsibilities:

• Assess vulnerabilities in web applications and provide subject matter expertise.
• Ensure compliance with Swift CSP (Customer Security Program) and KYC protocols.
• Implement security measures and controls in application security.
• Assist in deploying security testing tools and identifying the root causes of incidents.
• Regularly evaluate security policies and recommend necessary changes.
• Perform other duties as assigned.

4. Application Security Analyst (OG-II/OG-I)

Reporting to: Department Head-Application Security
Educational/Professional Qualification:

• Minimum Graduation or equivalent from an HEC recognized institution.
• Masters in Computer Science/Information Systems/Information Technology/Engineering or certifications like CISA, CISM, CRISC, CISSP preferred.

Experience:

• Minimum 02 years in Information Technology/Information Security, focusing on application/database security.

Skills & Knowledge Required:

• Strong understanding of Information Security functions and SBP guidelines.
• Proficiency in penetration testing and vulnerability lifecycle management.
• Familiarity with software development and code reviews.

Main Duties & Responsibilities:

• Develop and evolve the organization’s application security function.
• Ensure secure software development practices within the organization.
• Perform security assessments and penetration testing on business applications.
• Guide code reviews and vulnerability remediation processes.
• Oversee security activities of third-party vendors.
• Respond to audit findings and ensure compliance.
• Assist in managing cyber defense at the application layer.
• Perform other duties as assigned.

Additional Information:

• Assessment Test/Interview(s): Only shortlisted candidates meeting the eligibility criteria will be invited for tests and interviews.
• Employment Type: Contractual basis for 3 years (renewable based on management discretion).
• Compensation & Benefits: Competitive compensation package as per the Bank's policy.
• Equal Opportunity: National Bank of Pakistan welcomes applications from all qualified individuals, irrespective of gender, religion, or disability.

Interested candidates may apply online through www.sidathyder.com.pk/careers within 10 working days of this advertisement. Applications submitted after the deadline will not be considered. No TA/DA will be provided for tests/interviews.