Head of IS Governance

About the role

The Head of IS Governance will lead the bank’s enterprise cybersecurity governance framework, ensuring compliance with State Bank of Pakistan regulations, international standards and group reporting requirements. This senior position drives a culture of security, accountability and continuous compliance across the organization.

Key responsibilities

• Develop, implement and maintain enterprise‑wide information security governance frameworks, policies, standards and procedures.
• Provide strategic guidance to senior management on cyber risk posture, regulatory obligations and governance improvements.
• Lead the Identity Management function and oversee third‑party/vendor security risk assessments.
• Establish and maintain cybersecurity risk assessment and treatment processes, reporting risks, vulnerabilities and compliance gaps.
• Align security controls with ISO 27001, PCI DSS and other relevant frameworks.
• Coordinate internal and external audit engagements, regulatory inspections and ensure timely closure of findings.
• Maintain compliance evidence repositories, regulatory documentation and management reporting dashboards.
• Promote security awareness and deliver enterprise‑wide training programs.

Required profile

• Bachelor’s or Master’s degree in Information Security, Computer Science or a related field.
• Professional certifications such as CISM, CISA or CISSP preferred.
• Extensive experience in information security governance, risk management and regulatory compliance within the banking sector.
• Proven ability to lead GRC teams and mentor staff.

Required skills

• ISO 27001 implementation and maintenance.
• PCI DSS compliance.
• Risk assessment and risk treatment processes.
• Identity Management.
• Governance, Risk & Compliance (GRC) frameworks.
• Audit coordination and regulatory reporting.
• Vendor security assessments.