Head of IS Governance

Job Details:

    • The Head of IS Governance will lead and strengthen the bank’s enterprise cybersecurity governance framework with a focus on regulatory compliance, information security governance, risk management, policy development, audit coordination, and security assurance. The incumbent will ensure alignment with State Bank of Pakistan (SBP) regulations, international standards, group reporting and industry best practices while driving a culture of security, accountability, and continuous compliance across the organization.
    • 1. Governance & Security Leadership
        • Lead the bank’s Information Security Governance function.
        • Develop, implement, and maintain enterprise-wide information security governance frameworks, policies, standards, and procedures.
        • Provide strategic guidance to senior management on cyber risk posture, regulatory obligations, and governance improvements.
        • Conduct awareness sessions for employees, management, and key stakeholders on evolving cyber risks and regulatory expectations.
        • Mentor and develop GRC team members and foster continuous professional development.
        • Oversee the Identity Management function.
    • 2. Risk Management & Compliance
        • Establish and maintain enterprise cybersecurity risk assessment and risk treatment processes.
        • Identify, assess, monitor, and report information security risks, vulnerabilities, and compliance gaps.
        • Ensure compliance with SBP regulations, cybersecurity frameworks, and regulatory reporting obligations.
        • Align the bank’s security controls with ISO 27001, PCI DSS, and other relevant frameworks and standards.
        • Oversee third-party/vendor security risk assessments and compliance reviews.
    • 3. Policy, Standards & Control Management
        • Develop and maintain information security policies, procedures, standards, and control frameworks.
        • Ensure periodic review and updates of security documentation in line with regulatory and organizational requirements.
        • Ensure implementation and effectiveness of security controls across technology and business environments.
        • Promote security awareness and policy adherence throughout the organization.
    • 4. Audit & Regulatory Coordination
        • Lead internal and external security audit engagements, regulatory inspections, and compliance assessments.
        • Coordinate with Internal Audit, Risk Management, Compliance, Legal, and business stakeholders on audit and regulatory matters.
        • Ensure timely closure of audit observations, compliance findings, and corrective action plans.
        • Maintain compliance evidence repositories, regulatory documentation, and management reporting dashboards.
        • Lead enterprise-wide information security awareness and compliance training programs.
        • Promote a strong culture of cybersecurity, ethics, and regulatory compliance across the bank.
        • Education: Bachelor’s or Master’s in Information Security, Computer Science or a related field.
        • CISM / CISA / CISSP (Preferred)
        • ISO 27001 Lead Implementer or Lead Auditor (Preferred/Required)
        • Certified in Risk and Information Systems Control (CRISC) certification will be a plus.
    • Experience:
        • 10-12 years of overall experience in cybersecurity.
        • Strong experience in Identity & Access Management (IAM) governance including user access reviews, privileged access management (PAM), segregation of duties (SoD), role-based access control (RBAC), and identity lifecycle management.
        • Experience leading enterprise-wide security transformation, compliance, audit remediation, or governance enhancement projects.
    • Strong experience with:
        • Information Security Governance Frameworks
        • Regulatory Compliance and Audit Coordination
        • ISO 27001, PCI DSS, and NIST Frameworks
        • Third-Party/Vendor Risk Management
        • Security Awareness and Governance Reporting
        • Strategic thinker with strong business and risk awareness.
        • Strong leadership and mentoring capabilities.
        • Adaptable to evolving regulatory, compliance, and cybersecurity landscapes.

Job Locations:

  • Head Office

About MMBL:

Mobilink Microfinance Bank Ltd. is providing banking services to over 48 million registered users including 20+ million monthly active customers across Pakistan. With a hybrid model that combines traditional microfinance with mobile/digital banking technologies, the bank now operates with over 114 branches and 270,000 branchless banking agents and provides a USSD (GSM) based digital channel offering savings, micro enterprise (MSME) loans, small housing loans, remittances, collection (utility bills and loan installments), mobile wallets, insurance, G2P, B2B & B2P payments; thus, playing a leading role in the promotion of financial inclusion. MMBL is committed to fostering a positive and productive workplace, and our core values reflect this focus. These values include promoting innovation and entrepreneurship, encouraging teamwork and collaboration, and prioritizing a customer-centric approach in all aspects of our business.

Why Join MMBL?

This is an opportunity for someone who is passionate about making a difference and playing a key role in driving transformative change. Our team is committed to empowering millions with the tools necessary to succeed in the digital age, and we're looking for a talented individual to join us in this endeavor.

Short Description
  • Job Type: Permanent
  • Positions: 1
  • Posted On: May 20, 2026
  • Last Date: May 28, 2026
  • Grade: SVP
  • Department: Information Security