Manager SOC

Job Details:

    • The Manager SOC will oversee and mature the bank’s Security Operations Center (SOC) operations with a focus on threat detection, incident response, and continuous monitoring. The incumbent will lead the integration, optimization, and operation of key security tools including SIEM, SOAR, DAM, XDR, FIM, IDS/IPS, and Active Directory Monitoring. The role ensures timely detection and response to cyber threats while maintaining compliance with State Bank of Pakistan (SBP) regulations and international best practices.

    • SOC Leadership & Operations
        • Lead end-to-end SOC operations and manage a team of L1–L3 analysts.
        • Ensure 24/7 security event monitoring through IBM QRadar SIEM and log aggregation from critical systems.
        • Coordinate use cases, correlation rules, and dashboards aligned with MITRE ATT&CK.
        • The Manager SOC may be required to participate in rotational shifts or cover critical shifts to maintain 24x7 security operations coverage.

    • Security Tools Management
        • Administer and fine-tune the SIEM for optimized event correlation and alerting.
        • Oversee SOAR playbook development and integration with the SIEM and incident handling processes.
        • Ensure Database Activity Monitoring (DAM) coverage across databases and sensitive environments.
        • Manage XDR for endpoint, server, and network telemetry visibility and threat detection.
        • Ensure the effectiveness of File Integrity Monitoring (FIM) for policy and compliance alerts.
        • Operate and monitor Intrusion Detection and Prevention Systems (IDS/IPS) and respond to detected threats.
        • Administer Active Directory Monitoring for identity and privilege-related event tracking and audit trail reporting.

    • Incident Response & Threat Handling
        • Coordinate triage, investigation, containment, and remediation of security incidents.
        • Maintain and test incident response runbooks, including roles for key bank departments (Legal, HR, Compliance).
        • Collaborate with threat intelligence platforms for proactive risk awareness and TTP mapping.

    • Compliance & Reporting
        • Ensure compliance with SBP’s regulations and cyber incident reporting guidelines.
        • Align SOC controls with ISO 27001 Annex A controls and PCI DSS requirements (e.g., logging, monitoring, IR).
        • Maintain reporting dashboards, incident records, and threat metrics for senior management and regulators.

    • Threat Intelligence & Threat Hunting
        • Integrate internal and external threat intel sources into the SIEM and SOAR (e.g., Resecurity, IBM XForce).
        • Lead proactive threat hunting exercises and simulate APT scenarios using MITRE ATT&CK mapping.
        • Generate actionable threat briefings, IoCs, and TTP insights relevant to the financial sector in Pakistan.

    • Process Improvement & Automation
        • Continually improve SOC workflows and automate repetitive tasks using IBM SOAR.
        • Review and refine alert thresholds, correlation rules, and suppression logic to reduce false positives.
        • Conduct post-incident lessons learned exercises and apply the insights to the SOC maturity roadmap.

    • Team Development & Stakeholder Engagement
        • Train and mentor SOC analysts on tools, response tactics, and regulatory understanding.
        • Facilitate Red and Purple Teaming coordination with IS or third-party partners.
        • Engage with IT, Risk, and Audit teams for continuous improvement and stakeholder alignment.

    • Education: Bachelor’s or Master’s in Information Security, Computer Science, or a related discipline.

    • Certifications:
        • Certified Ethical Hacker (CEH) (Required)
        • CISM/CISA/CISSP (Preferred)
        • IBM QRadar / IBM SOAR Certified Specialist (Preferred)
        • GIAC Certified Incident Handler (GCIH), CompTIA CySA+, or equivalent (Preferred)
        • CSA (EC-Council), or Certified Threat Intelligence Analyst (CTIA) (Preferred)
        • ISO 27001 Lead Implementer/Auditor and PCI DSS awareness are a plus

    • 5–7 years of overall experience in cybersecurity.
    • Minimum 3+ years in SOC operations or incident response leadership.
    • Strong hands-on experience with:
        • SIEM, SOAR, Database Activity Monitoring
        • XDR and FIM
        • IDS/IPS platforms
        • Active Directory Auditing or similar identity audit solutions
        • Integration and management of threat intelligence feeds

Job Locations:

  • Head Office

About MMBL:

Mobilink Microfinance Bank Ltd. provides banking services to over 42 million registered users, including 16+ million monthly active customers across Pakistan. With a hybrid model that combines traditional microfinance with mobile/digital banking technologies, the bank now operates over 100 branches and 200,000 branchless banking agents and provides a USSD (GSM) based digital channel offering savings, micro enterprise (MSME) loans, small housing loans, remittances, collections (utility bills and loan installments), mobile wallets, insurance, G2P, B2B & B2P payments, thus playing a leading role in the promotion of financial inclusion. MMBL is committed to fostering a positive and productive workplace, and our core values reflect this focus. These values include promoting innovation and entrepreneurship, encouraging teamwork and collaboration, and prioritizing a customer-centric approach in all aspects of our business.

Why Join MMBL?

This is an opportunity for someone who is passionate about making a difference and playing a key role in driving transformative change. Our team is committed to empowering millions with the tools necessary to succeed in the digital age, and we're looking for a talented individual to join us in this endeavor.

Short Description
  • Job Type: Permanent
  • Positions: 1
  • Posted On: Jun 05, 2025
  • Last Date: Jun 13, 2025
  • Grade: AVP
  • Department: Information Security