Responsible for securing and managing IT infrastructure, ensuring confidentiality, integrity, availability, and resilience of systems. Leads security operations, infrastructure risk management, incident response, and compliance with IS policies and regulatory requirements
• Provide strategic leadership in planning, implementing, and continuously enhancing enterprise-wide infrastructure security controls to safeguard organizational data, systems, and networks.
• Govern and review the effectiveness of network security controls—including Next-Gen Firewalls, WAF, EDR/XDR, VPNs, etc. ensuring alignment with industry best-practice architecture and regulatory requirements.
• Lead cross-functional alignment to ensure sustained compliance with regulatory and security frameworks such as PCI-DSS and CIS Controls and drive continuous maturity improvement.
• Provide executive oversight for monitoring, detecting, and responding to infrastructure-level security incidents, ensuring swift containment, investigation, and remediation.
• Lead enterprise technical risk assessments by identifying, analyzing, and evaluating security risks across systems, projects, and strategic programs, and ensure risk treatment aligns with business objectives.
• Lead the security automation initiatives across IS domain to optimize human and operational resources.
• Direct ongoing vulnerability identification, threat analysis, and remediation efforts across infrastructure and cloud components, ensuring timely risk reduction.
• Define scope for security assessments, penetration testing, and configuration reviews, and ensure findings are clearly communicated to senior leadership with actionable remediation plans agreed with stakeholders.
• Provide leadership oversight of daily security monitoring activities, reporting, and coordination with technology and business units to maintain a robust security posture.
• Manage and mature the incident handling, vulnerability management, and threat detection processes, ensuring root-cause analysis, lessons learned, and continuous improvement.
• Oversee the development, testing, and optimization of SIEM use cases, automation playbooks, and security analytics to enhance threat detection and response capabilities.
• Supervise and mentor Tier-2 and Tier-3 SOC teams, ensuring effective triage, escalation, and adherence to Incident Response processes and SLAs.
• Oversee large scale project deployments and operationalization
• Assist CISO in various tasks.
• Education: Bachelor’s or Master’s in Information Security, Computer Science or
information Technology.
• Certifications:
o CCIE Security or CISSP (Required)
o Certified Ethical Hacker (CEH)
o CCNA / CCNP (Preferred)
Job Locations:
Head Office
About MMBL:
Mobilink Microfinance Bank Ltd. is providing banking services to over 48 million registered users including 20+ million monthly active customers across Pakistan. With a hybrid model that combines traditional microfinance with mobile/digital banking technologies, the bank now operates with over 114 branches and 270,000 branchless banking agents and provides a USSD (GSM) based digital channel offering savings, micro enterprise (MSME) loans, small housing loans, remittances, collection (utility bills and loan installments), mobile wallets, insurance, G2P, B2B & B2P payments; thus, playing a leading role in the promotion of financial inclusion.
MMBL is committed to fostering a positive and productive workplace, and our core values reflect this focus. These values include promoting innovation and entrepreneurship, encouraging teamwork and collaboration, and prioritizing a customer-centric approach in all aspects of our business.
Why Join MMBL ?
This is an opportunity for someone who is passionate about making a difference and playing a key role in driving transformative change. Our team is committed to empowering millions with the tools necessary to succeed in the digital age, and we're looking for a talented individual to join us in this endeavor.