Job / Position Details:

JOB CODE:
8169-1
JOB TITLE
LOCATION
DEADLINE
Chief Manager - IT Risk
Karachi
December 18, 2022
JOB DETAILS:
The employment will be on contractual basis for three years, which may be renewed on discretion of the Management based on company’s requirement and individual’s performance.
Qualification & Experience:
Bachelors in Computer Science with 10 years of experience or MCS with at least 09 years of experience. Cyber security, or related field preferred Certifications in relevant Security and Compliance {CISA, CRISC, CISSP, etc.) preferred
Responsibilities:
    1.
  • Lead the development / implementation of system-wide risk management function of the information security program to ensure information security risks are identified & monitored.
  • Advance the design, delivery, and performance of lT risk metrics and reporting including the Business Impact Assessment, lT Risk Management Framework, and the management of configurations and standards.
  • Internally assess, evaluate and make recommendations to management regarding the adequacy of the security controls, risks involved for the organization's information and technology systems.
  • Lead the system-wide information security compliance program, ensuring lT activities, processes, and procedures to meet defined requirements, policies and regulations.
  • Lead enterprise, network, application, and cloud infrastructure risk assessments while maintaining process and procedural documentation.
  • Manage third-party risk assessments and ongoing monitoring activities for lT vendors.
  • Coordinate and track all lT Risks, information technology and security related assessments including scope of assessment, parties involved, timelines, and outcomes.
  • Must be able to assess computer hardware, software, and systems for security risks or violations and work with staff and technology vendors to recommend solutions.
  • Develop strategies to address awareness and training for all stakeholders as well as technical solutions.
  • Manage a dynamic team while helping them grow in their positions and keeping them motivated and informed of organization's direction.
  • Provide insight and guidance to IT processes and projects to ensure best practices and security standards are maintained.
  • Recommend programmatic and technical directions and operate with a high degree of independence in matters relating to the investigation, impact, and analysis of security incidents, decisions regarding risk, and measures for computer and network security.
  • Operate with a high degree of independence with regard to project management activities, including development of project plans and budget/resource estimates.
  • Excellent knowledge and experience of information security, audit, risk management, compliance or risk consulting experience.
  • Knowledge & Experience of securing network technologies, client, and server operating systems.
  • Must be well versed with laws and guidelines affecting Energy / utility entities.
  • Experience responding to, analyzing and communicating information security incidents.
  • Excellent written and verbal communication skills.
  • Excellent interpersonal, communication, and presentation skills, including formal report writing experience.

Copyright (c) 2018-2025 Sui Southern Gas Company Limited. All Rights Reserved.