Job Context This leadership role manages the bank’s Information Security operations, strategy, and regulatory compliance. The position is accountable for ensuring the confidentiality, integrity, and availability of banking information assets in alignment with Bangladesh Bank ICT Security Guidelines and international cybersecurity best practices.
Responsibilities
• Develop and enforce the Bank’s cybersecurity strategy, policies, and roadmap ensuring alignment with Bangladesh Bank ICT Guidelines and Board directives.
• Lead SOC operations, including real-time monitoring, log analysis, malware forensics, and advanced threat hunting.
• Oversee the deployment and continuous improvement of security technologies: SIEM, SOAR, WAF, NGFW, IPS/IDS, EDR/XDR, IAM/PAM, and DLP.
• Lead compliance programs and regulatory audits, maintaining alignment with ISO 27001, PCI-DSS, and industry standards.
• Conduct cybersecurity risk assessments, manage the Bank’s Risk Register, and oversee VAPT, red-blue team exercises, and regulatory cyber drills.
• Lead incident response, root-cause analysis, and support Business Continuity/Disaster Recovery planning.
• Ensure "security-by-design" and secure SDLC across applications, APIs, and digital channels.
• Mentor the cybersecurity team and conduct ongoing phishing simulation and awareness training for employees.
Educational Requirement & Age Limit
• MSc or BSc in Information Security, Computer Science, IT, or a related discipline from a reputed university.
• Must not exceed 45 years of age
Professional Certification
• Highly Valued Certifications: CISSP, CISM, CISA, ISO 27001 Lead Implementer/Auditor, CEH, CHFI, CCSP.
• Technical certifications such as RHCSA, OffSec, CCNP Security, or JNCIP Security are a strong plus.
Skill Requirement
• Strong leadership and analytical skills with proficiency in IT governance and risk management.
• Deep technical expertise in SOC operations, SIEM, SOAR, packet analysis, digital forensics, and endpoint protection.
• Knowledge of cloud security, microservices, DevSecOps, and API security.
• Excellent communication and stakeholder management skills.
Experience Requirement
• Minimum of 10–12 years of Cybersecurity/IT security experience specifically within the Banking sector.
• At least 3 years in a supervisory or managerial role leading SOC, cyber governance, or security programs.
• Demonstrated experience in managing cyber incidents, regulatory compliance, and IT risk management.
Additional Requirement
• Ability to work under pressure and respond to cybersecurity threats 24/7 (on-call rotation expected).
• Experience in the Telecom or wider BFSI sector will be considered an advantage.