
Global Cybersecurity
1 week ago
The Global Cybersecurity/SOC Manager will play a key role in maintaining and continuously improving FINCA's cybersecurity, monitoring and control framework, ensuring that effective security risk, threat, vulnerability and incident management practices are incorporated into IT and business practices within their FIF and subsidiaries.
Developing and facilitating security logs and incident management, analytics and reporting capacities is a primary focus of the position. Working closely with global, regional and local Information Security and IT resources to design, test, implement effective security controls is another key responsibility of the position.
Accountabilities- Communicate and collaborate with internal clients to contribute to security direction, and provide influence and technical guidance on current and future technical security directions.
- Act as a cybersecurity subject matter expert throughout projects lifecycle, including functional requirements, design specifications, testing and quality assurance, implementation and support.
- Provide input to the annual Information Security budget cycle.
- Ensure that security requirements are identified early on and are being incorporated into all projects/applications:
- Investigate, recommend, evaluate, deploy and integrate security tools and techniques to improve our ability to protect corporate assets and infrastructure.
- Develop and maintain documentation of relevant IT systems and security controls.
- Assess and capture security requirements within context of enterprise application architecture.
- Ensure that application development and deployment meet FINCA security standards.
- Provide security input to design and application architectural reviews.
- Report on risks, risk mitigations, and residual business risks.
- Develop comprehensive and accurate reports and presentations for both technical and executive audiences.
- Develop recommendations for improvements.
- Monitor appropriate sources for newly identified threats and vulnerabilities.
- Effectively communicate findings and strategy to client stakeholders including technical staff, executive leadership, and legal counsel.
- Recognize and safely utilize attacker tools, tactics, and procedures.
- Develop methodologies to enhance red teaming processes.
- Assist with scoping prospective engagements, leading engagements from kickoff through remediation, and mentoring less experienced staff.
- Execute and/or lead (when required) red team assessments to highlight gaps impacting organization security posture.
- Research new/emerging security threats, vulnerabilities and exploit techniques.
- Respond to new attack surfaces and help implement new requirements as needed.
- Develop, manage, and maintain security testing industry frameworks and best practices: Cloud Security Alliance (CSA), NIST, SANS, CIS.
- Partner with Global Information Security and Business Continuity team members across the network to drive secure outcomes based on industry best practices.
- Play a key role in Global Cybersecurity Team on developing threat modeling and new detection techniques, based on trending attack surfaces.
- Provide support to business digital projects through entire project lifecycle (threat modeling, requirements definition, verification and validation).
Qualifications
- Bachelor's Degree in a technical discipline or equivalent work experience.
- Certifications are not required, but will be considered in the evaluation process. Applicable certifications include: SANS, Splunk, CISSP.
- Knowledge of security and control frameworks (such as ISO 27001, CobiT, NIST).
- Security certifications (CISSP, GIAC, CEH, CISM, OSCP) will be an asset.
Experience
- Minimum 4-6 years of experience in a Security Manager/Analyst Role.
- Experience in a financial institution will be considered as a plus.
- Experience working in a large international organization or network will be considered as a plus.
- Experience with IT security assessments.
- Experience with common assessment tools (examples Qualys, Tenable, Rapid7).
- Experience communicating assessment results to audiences with diverse technical proficiency.
- Experience constructively articulating business impact of vulnerabilities to various stakeholders.
- Experience with correlating and analyzing logs and events from various sources (e.g. Vulnerability Scanning, Virus Protection, SIEM).
- Experience with producing and customizing security queries, reports and dashboards from various sources (e.g. Vulnerability Scanning, SIEM, Virus Protection).
- Experience conducting application security reviews preferred.
- Experience with scripting languages desired.
Knowledge and Skills
- Able to explain and deliver technical solutions in a practical way.
- Able to manage simultaneously multiple projects involving various stakeholders and to deliver results within deadlines.
- Work well in a team environment including cross-functional and cross-organizational teams maintaining composure in difficult situations with a professional attitude and ownership mindset.
- Excellent communication (oral and written) and interpersonal skills.
- Proven ability to delegate and to empower teams.
- Ability to be a strongly credible ambassador for the FIF brand, including making presentations, and able to establish respect and credibility with media outlets.
- Strong skills in analysis, problem-solving, and resolving disputes.
- Strong technical reporting skills.
- High degree of initiative and ability to work with little supervision.
- Knowledge of Windows, Linux, and Unix operating systems. Hands-on experience a plus.
- High level of personal integrity, and the ability to professionally handle confidential matters with appropriate judgment and maturity.
- Penetration testing skills are considered a plus.
- Eager to learn and expand cybersecurity knowledge.
Language Skills
- Fluency in English.
- Fluency in other FINCA working languages, such as Spanish, French, or Russian is a plus.
- Availability to travel up to 50% of the time.
If you are interested, please apply now.
#J-18808-Ljbffr-
Global Cybersecurity Professional
2 weeks ago
Lahore, Punjab, Pakistan beBeeCybersecurity Full time $800,000 - $1,200,000Job OpportunityThe role of Cybersecurity/SOC Manager is pivotal in maintaining and continuously enhancing the cybersecurity framework. Ensuring effective security risk, threat, vulnerability, and incident management practices are incorporated into IT and business practices.Key ResponsibilitiesDeveloping and facilitating security logs and incident management,...
-
Cybersecurity Leader
1 week ago
Lahore, Punjab, Pakistan beBeecybersecurity Full time 1,500,000 - 1,750,000We are seeking a seasoned Cybersecurity Manager to spearhead our global cybersecurity efforts. This key role will be responsible for maintaining and improving our cybersecurity framework, ensuring effective security risk, threat, vulnerability, and incident management practices are incorporated into IT and business operations.
-
Cybersecurity Engineer
2 weeks ago
Lahore, Punjab, Pakistan SENSYS Inc. Full time## We Offer### ImplementationImplement Sensys with our experts using a consultative, solution-focused approach and world-class project management### TrainingCustom training programs designed with your organization in mind with options for remote, on-site, and off-site## Cybersecurity EngineerLahore, Pakistan · Full-time · Intermediate - Senior#### About...
-
Cybersecurity Engineer
1 week ago
Lahore, Punjab, Pakistan SENSYS Inc. Full time## We Offer### ImplementationImplement Sensys with our experts using a consultative, solution-focused approach and world-class project management### TrainingCustom training programs designed with your organization in mind with options for remote, on-site, and off-site## Cybersecurity EngineerLahore, Pakistan · Full-time · Intermediate - Senior#### About...
-
Cybersecurity Engineer
2 weeks ago
Lahore, Punjab, Pakistan INTECH Automation & Intelligence Full timeOverviewAbout The Job: Join our Team - Your career journey starts here – not just a job, but a future.Our Potential Opportunity: INTECH Automation Intelligence is seeking an experienced Cybersecurity Consultant with expertise in Governance, Risk, and Compliance (GRC), Vulnerability Management and Incident Management to join our OT Cybersecurity Product...
-
Cybersecurity Engineer
2 weeks ago
Lahore, Punjab, Pakistan INTECH Process Automation Full time $90,000 - $120,000 per yearAbout the job Join our Team - Your career journey starts here – not just a job, but a future. Our Potential Opportunity INTECH Automation Intelligence is seeking an experienced Cybersecurity Consultant with expertise in Governance, Risk, and Compliance (GRC), Vulnerability Management and Incident Management to join our OT Cybersecurity Product Team....
-
Cybersecurity Engineer
2 weeks ago
Lahore, Punjab, Pakistan INTECH Process Automation Full timeAbout the jobJoin our Team - Your career journey starts here – not just a job, but a future.INTECH Automation Intelligence is seeking an experienced Cybersecurity Consultant with expertise in Governance, Risk, and Compliance (GRC), Vulnerability Management and Incident Management to join our OT Cybersecurity Product Team. This role is pivotal in delivering...
-
Cybersecurity Engineer
2 weeks ago
Lahore, Punjab, Pakistan INTECH Full timeAbout the jobJoin our Team - Your career journey starts here – not just a job, but a future.INTECH Automation Intelligence is seeking an experienced Cybersecurity Consultant with expertise in Governance, Risk, and Compliance (GRC), Vulnerability Management and Incident Management to join our OT Cybersecurity Product Team. This role is pivotal in delivering...
-
Senior Cybersecurity Specialist
2 weeks ago
Lahore, Punjab, Pakistan beBeeInformationSecurity Full time $80,000 - $122,000Global Information Systems Auditor JobWe are a global leader of responsible financial services. We deliver positive social impact and financial sustainability.The role of the Information Systems (IS) Auditor is to analyze and assess our technological infrastructure to ensure processes and systems run accurately and efficiently, while remaining secure and...
-
Chief Security Officer
1 week ago
Lahore, Punjab, Pakistan beBeeCybersecurity Full time $90,000 - $128,000We are seeking a seasoned Cybersecurity Professional to join our team. This pivotal role requires expertise in Governance, Risk, and Compliance (GRC), Vulnerability Management, and Incident Management.Responsibilities include designing, implementing, and maintaining security risk management frameworks aligned with industry standards, leading GRC automation...