| Job Title: |
Head of Application Security |
| Eligibility Criteria: |
• Bachelor’s Degree in Computer Science/Information Technology or any other relevant field from any HEC-recognized University
• 10+ years of experience in the field of Information Security preferably in financial services and/or regulated sector
• Understanding of the information security core principles.
• Demonstrated skills in application security, DevSecOps and knowledge of pertinent SBP regulations & international standards. |
|
|
|
|
| Key Responsibilities: |
|
|
UBL is looking to hire a Head of Application Security for its Information Security Division. The resource would be responsible for leading IS Risk Analysis on software applications, APIs, Mobile Apps, Digital Channels, Cloud Computing, including review of security aspects of assets, Enterprise Architecture design controls of the Applications in accordance with applicable policies, standards & controls.
Job Description:
• Review with Information Security aspects of Enterprise Architecture design, controls of the Applications in accordance with applicable policies, standards, and controls, and Outsourcing environment
• Asses design, and controls on APIs, Digital Channels, and Cloud Computing
• Conduct due diligence of Technology vendors before onboarding new technology acquisitions against security baselines
• Supervise Information Security reviews followed by validation of controls of new information assets (preproduction) when presented for validation sign-off
• Supervise Information Security reviews in Change Management Processes before presenting them to Change Management Committee
• Manage information security risk assessments on the applications layer
• Support in providing updates to Information Security and other management committees
• Support in the development and implementation of effective and reasonable policies and practices to secure protected and sensitive data and ensure information security and compliance with relevant regulations
• Conduct privacy and security risk assessment associated with the use of technology at UBL
|
|
|
|
|
|