FF Job Portal

Manager, Information Security, Risk & Compliance

Job Details

Rawalpindi, Pakistan
Fauji Foundation Head Office
Employment Status:
Job Posted:
Last Date to Apply:
Preferred Candidate(s)
Year of Experience:
2 Year(s) in Field of Software
Both (Male & Female)
Min 25 Year(s)
Job Description:

Job Title: Manager, Information Security, Risk & Compliance

Essential Qualification:

  1. Bachelor’s Degree in Cyber Security, Artificial intelligence or IT Related Fields from HEC Recognized University/ Reputed Foreign University.
  2. Certified Information Systems Security Professional (CISSP) or Certified Information Security Manager (CISM) or Certified Ethical Hacker (CEH).


  1. Must know concept of NIST Risk Management Framework and NIST Cybersecurity Framework.
  2. Knowledge of computer networking concepts and protocols, and network security methodologies.
  3. Knowledge of laws, regulations, policies, and ethics as they relate to cybersecurity and privacy.
  4. Knowledge of cybersecurity privacy principles, cyber, vulnerabilities, incident response handling methodologies.
  5. System life cycle management principles, including software security and usability skills.
  6. Must be aware of DDos attack , Botnet attack , Memcahe dosattack, smurf attack ,crypto attack , Layer 3 attack , DNS amplification attack ,DNS flood, HTTP flood attacks , behavior analysis and  Machine Learning techniques.


  1. 2+ years’ experience of conducting security risk assessments or IT audits using standardized processes such as NIST SP 800-30, ISO 27001, SOC 2, or similar.
  2. 2+ years’ Experience of cybersecurity controls frameworks and data privacy regulations such as NIST SP 800-53, ISO 27001/2, HIPAA, CIS Controls, NIST CSF, HITRUST, GDPR, CCPA, or similar.
  3. Experience in Privilege access management technologies like Beyond Trust & Thycotic technologies.
  4. Implementation & configuration level experience with SIEM/SIM, Threat Intelligence, Endpoint Detection and Response tools, and other cyber security systems such as email threat protection, DKIM, DMARC and SPF configuration.

Tasks / Responsibilities:

  1. Advise senior management (e.g., Chief Information Officer [CIO]) on risk levels and security posture.
  2. Advise senior management (e.g., CIO) on cost/benefit analysis of information security programs, policies, processes, systems, and elements.
  3. Communicate the value of information technology (IT) security throughout all levels of the organization stakeholders.
  4. Collaborate with stakeholders to establish the enterprise continuity of operations program, strategy, and mission assurance.
  5. Supervise or manage protective or corrective measures when a cybersecurity incident or vulnerability is discovered.
  6. Understanding of security incident management, malware management and vulnerability management processes.
  7. Analysis, of complex security issues and the development and engineering activities to help mitigate risk.
  8. Analyzes various hardware and/or software solutions recommending purchases and identifying modifications to fit ATTs cyber security needs and that of our managed services teams.
  9. Develops policies and procedures to minimize network intrusion, malware events and vulnerability issues for internal and external customers.
  10. Applies measures to block malicious code and applications.
  11. Ensure Anti malware, Web Reputation, Application Control, Integrity monitoring, Log inspection, firewall & intrusion prevention rules.

Note:  No CVs in hardcopy will be entertained. Only apply online through FF Jobs Portal or send your resume at ffjobs@fauji.org.pk

Further Detail ...

Please Login OR Signup to apply.