Sign In  |  Create Account
  Home  |  Contact Us  |  Research Papers
Manager Information Security Compliance  
Pakistan Revenue Automation (Pvt) Ltd   More jobs from this company

  Email this job
Job Details Back to Job Listing
 
Job Title:   Manager Information Security Compliance
Category:   Networking
Total Positions:   1
Job Location:   Islamabad
Gender:   No Preference
Minimum Education:   Bachelors
Degree Title:   Masters / 4 years Bachelors in Information Security / Computer Science / Information Technology / Project Management / Business Administration from some reputed foreign or HEC-recognized institution / university
Career Level:   Experienced Professional
Minimum Experience:   7 Years
Salary Range:   PKR 0 to 0 per Month
Apply By:   Nov 30, 2021
     
     
 
Job Description:

·         Masters / 4 years Bachelors in Information Security / Computer Science / Information Technology / Project Management / Business Administration from some reputed foreign or HEC-recognized institution / university.


·         Candidate having 7+ years proven experience of the development, implementation, maintenance and compliance of organization-wide Information Security Policies, Programs, Standards and technologies related to systems/applications/databases/networks.


·         Professional security management certification like CISM, CISSP, CEH, CISA, COBIT, CompTIA Security+, ISO 27001.


·         Excellent communication skills both verbal & written.


·         Knowledge of disaster recovery, computer forensic tools, technologies and methods.


·         Professional experience in Information Security Compliance in applications, systems, databases and networks.


·         Ability to communicate information (cyber/network/data) security issues to peers and management.


·         Direct experience with anti-virus software, intrusion detection, firewalls and content filtering


·         Knowledge of information security related to applications/systems/databases/networks risk assessment tools, technologies and methods.


·         Require an excellent working knowledge of UNIX, Windows, and other operating system platforms.


·         Thorough understanding of established security and data sharing standards, such as SOX, HIPAA, and ISO, to ensure organizational compliance.


·         Strong problem-solving skills.


·         Experience designing secure systems, applications, databases and network architectures.


Responsibilities:


·         Provide assistance to develop, maintain and implement information security/cyber security/ network security processes / framework / methodologies and information security compliance against applications/systems/databases/networks.


·         Provide assistance to develop, implement, and maintain organization-wide Information Security Policies, Programs, Standards. Technologies and Compliance.


·         Provide assistance to develop, maintain, enhance, implement and monitor information (Cyber/network/data) security management / information risk management processes / framework / methodologies compliance against CIA (Confidentiality, Integrity, and Availability) for applications/systems/databases/networks.


·         Ensure the confidentiality, integrity and availability of organization's information, data and IT services related to applications/systems/databases/networks.


·         Manage to provide a secure, reliable platform (applications, databases, systems and networks)


organization-wide and to authorized third parties with the assurance that the platform is appropriate to process sensitive information.


·         Conduct information security awareness sessions / workshops on regular basis.


·         Support in providing a centralized management structure for all information security functions.


·         Perform IT security risk assessments and reporting on ways to minimize threats.


·         Monitor security vulnerabilities and hacking threats in network and host systems.


·         Tracking latest IT security innovations and keeping abreast of latest cyber security technologies


·         Ensure disaster recovery & business continuity.


·         Perform internal information security audits on regular intervals against all technologies.


·         Communicate with key stakeholders about IT security threats.


·         Implement an effective process for the reporting of security incidents.


·         In Case of a Security Breach, leads incident response activities to minimize the impact of a Security Breach. Technical and forensic investigation into how the breach happened and the extent of the damage.


·         Overseeing the investigation of reported security breaches.


·         Develop strategies to handle security incidents and trigger investigations.


·         Manage/deliver training, coaching, and mentoring to information security team members.


·         Comply with the latest regulations and compliance requirements.


·         Keep organization updated about the latest security strategies and technologies.


·         Ensure compliance to legal, regulatory & contractual information security requirements.


·         Lead the security design for all departmental projects, developments, integrations, third party integrations, highlight and clearly articulate risk mitigation requirement.


·         Lead the escalation and resolution of risk and compliance issues with appropriate stakeholders.


·         Collect, analyse, and prepare reports required for senior management, regulators, and other relevant stakeholders


·         Provide routine direction on remediation activity to meet compliance


·         Improve existing compliance programs and processes


·         Design and execute audit procedures to assess and measure company compliance with its security policies and procedures


·         Manage compliance testing and monitoring of current and future regulatory obligations, and other regulatory matters as required.


·         Improve existing compliance programs and processes.


·         Conduct internal security risk assessments and security compliance audits.


·         Ensure that cybersecurity is truly a central part of organizational culture, keeping stakeholders at all levels informed and vigilant.


·         Any task assigned by management.


Company Information
 
Company Name:  Pakistan Revenue Automation (Pvt) Ltd
Company Description:
Pakistan Revenue Automation (Pvt.) Ltd. (acronym – PRAL) has extensive experience of working with federal and provincial tax and revenue agencies to provide wide variety of tax and revenue collection solutions. Since its incorporation in June, 1994, PRAL has been involved in the development of wide array of tax and revenue related solutions pertaining to Income Tax, General Sales Tax, Federal Excise, Customs, Capital Value Tax, Provincial Sales Tax & Services. etc.

Over more than two decades of services, PRAL has gained valuable experience of increasing efficiency and efficacy of tax and revenue agencies through use of latest Information and Communication Technologies with Business Process Improvement / Re-engineering. PRAL has also proven its expertise in the areas of software development, project management, technical advisory and consulting services, managing data centers, large databases management, network administration, software implementations, trainings and data entry services. This wide spectrum of services offered by PRAL facilitates our valued customers looking for One-Stop Shop solutions from conceptualization to post-implementation operations.

The essence of PRAL’s business strategy is to develop sustainable partnerships with its customers thus acting as a catalyst in transforming and adapting its IT solutions and integrating these to the “New Wave of Technological Innovations” to meet the global requirements of tax and revenue agencies.

Copyright 2024, Quaid-e-Awam University of Engineering, Science and Technology. All Rights Reserved