Contribute to the definition/maintenance and applicability of IT governance models/processes.
Ensure effective implementation of and compliance with IT governance standards.
Develop and enforce security requirements as part of the NITB’s application and system development lifecycle. Ensure that security is designed into applications at the earliest stages.
Develop, support and enforce Information Security Policy, Standards and guidelines for business operations and technology implementations.
Develop standards, procedures, and guidelines that will assist the application development teams in integrating security requirements within their applications and databases.
Perform security risk assessments and security exposure analysis of business applications and databases.
Responsible for the enforcement of global strategies and standards in all federal government office locations, including ensuring that risk/compliance and security/build standards are followed.
Familiar with statutes, regulations and current cyber law with respect to establishing and maintaining a Cyber security program.
Ensure compliance with internal and external policies and regulations.
Proven ability to research, develop, and keep abreast of tools, techniques, and process improvements in support of security detection and analysis in accordance with current and emerging threats and attack vectors.
Work with security teams to design and implement architecture to conduct statistical analysis of relevant data coming from IT infrastructure and business processes to draw meaningful conclusions from statistical trends.
Maintain a comprehensive information security and privacy program, delivering security strategy, policies, procedures, communications and training.
Establish and maintain relationships and partnerships with IT security related vendors and organizations, collaborate with other security groups within Federal Government, and represent NITB at security and privacy conferences/events.
Ability to present risks and propose countermeasures to senior technology executives.
Age Limit 50 years
CONDITIONS TO APPLY (For all above positions):
a) In case of selection, candidates working in public/private Sector will have to either resign or seek retirement from their posts/service before joining new assignment. NOC from present employer, in case of Government Servants, is mandatory at the time of applying.
b) The initial period of contract appointment is two years (extendable).
c) The positions offer salary package/benefits as admissible under the Government MPs Scales, MP-II Scale (181,050-18,150-181,500) and MP-III scale (127,050-18,150-181,500) (along with house rent, car monetization and utilities allowance).
Candidates meeting the above criteria should submit their application at the URL address given below by providing details i.e. dates of award of degrees, date of birth, years of experience (year-wise) within Fifteen (15) days of publication of the advertisement. Candidates who prefer applying through post should send hard copies of CVs/testimonials/CNIC at the address mentioned below within the specified period. Envelopes and applications/CVs should clearly indicate the specific “Name of Post” against which application is being submitted. Incomplete applications will not be entertained. NITB believes in gender equality.
The Director IT GRC (Governance, Risk Management & Compliance) will be a key team player in supporting the development and delivery of best-in-class IT and business technology governance & security solutions to various clients in the public sector.
Qualifications / Experience:
Master’s Degree (equivalent to 18 years education) in the field of Computer Science/Information Technology/Information Security/(IT related to Technology and Science) from HEC recognized local or foreign university with at least eight (08) years of experience including three (03) years in managerial level, or Bachelor’s degree (equivalent to 16 years of education) in Computer Science/Information Technology/Information Security/(IT related disciplines) with ten (10) years of experience with minimum three (03) years in managerial role in IT Industry.
The successful candidate will bring diverse experience in the following:
o IT service management (ITIL)
o IT governance (COBIT 4 and 5) and performance (Val IT)
o IT service management standards.
o Information security standards.
o Enterprise Architecture (EA) Standards (TOGAF9)
o IT governance and organization assessment and redesign.
o IT performance measurement, assessment and improvement strategies.
o Adoption and implementation planning for IT governance strategies.
Relevant security, auditing and compliance certifications will be preferred, e.g. CISSP, CISA or CISM.
Excellent written communication, negotiation and relationship-building skills and the ability to interact with and manage diverse stakeholders are mandatory.
Strong analytical and project management skills.