Head of Enterprise Cyber Security & Governance - Islamabad

Description :

Grade Level: L4

Location: Islamabad

Last date to apply: 20th Feb 2025

What is Head Of Enterprise Cyber Security & Governance

We are seeking a highly skilled and experienced Cyber Security & Audits Manager to lead and manage the cyber security initiatives and auditing functions within the enterprise business unit. The ideal candidate will be responsible for implementing and maintaining the division’s information security policies, managing audit processes, and ensuring compliance with industry standards and regulations. Candidate will work closely with internal teams and external auditors to assess risks, protect sensitive data, and provide guidance on strengthening our overall security posture.

The role reports directly to the CTO Enterprise .

What does Head Of Enterprise Cyber Security & Governance do?

Cyber Security Management

• Develop and implement comprehensive cybersecurity strategies to protect the organization's information assets, systems, and networks.
• Monitor the organization's security posture, including vulnerability management, threat intelligence, and incident response.
• Oversee the configuration, maintenance, and continuous improvement of security tools (e.g., firewalls, antivirus software, encryption protocols).
• Manage and coordinate security operations, ensuring that security incidents are identified, investigated, and mitigated in a timely manner.
• Conduct regular security assessments, including penetration testing, risk assessments, and security audits.
• Stay updated on emerging security threats, best practices, and compliance requirements (e.g.,  PCI-DSS, NIST, ISO 27001).

Audit & Compliance Management

• Lead the planning and execution of internal and external IT audits, ensuring alignment with relevant industry standards and regulatory requirements.
• Coordinate the development of audit plans, audit scopes, and schedules to ensure timely and accurate audits.
• Assess the effectiveness of the organization's internal controls, risk management processes, and compliance with policies, procedures, and legal requirements.
• Prepare audit reports, highlighting potential risks, findings, and recommendations for improvement.
• Collaborate with management and departments to resolve audit findings and implement corrective actions.
• Ensure compliance with cybersecurity frameworks, policies, and regulatory requirements, advising on areas of non-compliance.

Team Leadership & Stakeholder Management

• Lead, mentor, and develop a team of cybersecurity professionals and audit specialists.
• Serve as the key point of contact for cybersecurity and audit-related issues for senior management, external auditors, and regulatory bodies.
• Prepare and deliver presentations to senior leadership, translating complex technical issues into business-focused solutions.
• Facilitate training and awareness programs for staff to promote best practices in security and compliance.

Reporting & Documentation

• Prepare and maintain detailed reports, incident logs, and compliance records for internal and external review.
• Develop and maintain up-to-date policies, procedures, and security documentation for audit and security operations.
• Provide regular updates to senior management regarding security incidents, audits, and compliance status.

Jazz is an equal opportunity employer. We celebrate, support, and thrive on diversity and are committed to creating an inclusive environment for all employees.

Requirements

• Bachelor's degree in Cyber Security, Information Technology, Computer Science, or a related field (Master’s degree preferred).
• At least 5-7 years of experience in cybersecurity and/or auditing, with a proven track record in managing security operations and conducting audits.
• Certifications in cybersecurity (e.g., CISSP, CISM, CISA, CompTIA Security+) and audit (e.g., CISA, CIA) are strongly preferred.
• Strong experience in risk management, vulnerability assessments, incident response, and compliance audits (ISO 27001, PCI-DSS, NIST).

• In-depth knowledge of cybersecurity tools, technologies, and frameworks (e.g., firewalls, encryption, SIEM, IDS/IPS, DLP).
• Expertise in regulatory frameworks and standards such as GDPR, HIPAA, PCI-DSS, SOX, NIST, and ISO 27001.
• Strong understanding of IT infrastructure, cloud computing, and network architecture.
• Excellent problem-solving, critical thinking, and decision-making skills.
• Proven ability to lead cross-functional teams and manage complex projects.
• Strong written and verbal communication skills, with the ability to present technical concepts to non-technical stakeholders.
• Detail-oriented, with a commitment to accuracy and compliance.

• Strong leadership skills with the ability to motivate and guide teams.
• Proactive and self-driven, with the ability to work independently and as part of a collaborative team.
• High level of integrity and a commitment to maintaining confidentiality and trust.

• Experience in managing audits related to cloud environments (Vmware,AWS, Azure, etc.) or enterprise-level IT systems.
• Familiarity with security automation tools and practices.
• Ability to manage vendor relationships and third-party risk assessments.
• Understanding of business continuity planning, disaster recovery, and incident management processes.

Benefits

As one of the leading employers in the country, Jazz epitomizes the philosophy that each Jazz employee is passionately living a better every day inspired and enabled by visionary leadership, a unique professional culture, a flourishing lifestyle, and continuous learning and development.

 As one of the largest private sector organizations in Pakistan, our objective is to continue to change the lives of our 69 million customers for the better. This is an opportunity for someone who wants to be part of something transformative, someone who can play a critical role in driving our success. Together, we can empower millions more with the tools necessary to progress in an increasingly digital economy.