Information Security Manager
YAP Pakistan
Date: 2 weeks ago
City: Lahore
Contract type: Full time
The Information Security Manager will be responsible for developing and implementing a comprehensive information security program to protect YAP’s assets, data, and reputation. This role requires a strong understanding of cybersecurity best practices, risk management, and compliance regulations.
Requirements
At least 5 years of relevant experience in information security, cybersecurity, or a closely related field, with progressive responsibility in managing security programs and teams.
Responsibilities
Security Strategy Development
Send your updated CV to [email protected] with the subject line: Information Security Manager.
Requirements
At least 5 years of relevant experience in information security, cybersecurity, or a closely related field, with progressive responsibility in managing security programs and teams.
Responsibilities
Security Strategy Development
- Develop and implement an enterprise-wide information security strategy aligned with YAP’s business objectives.
- Design and implement, maintain security policies, standards, and procedures to safeguard information assets.
- Conduct regular risk assessments and threat modeling to identify vulnerabilities and potential threats to business operations.
- Develop and implement risk mitigation strategies and security controls to address identified risks.
- Monitor and analyze security incidents, ensuring appropriate response measures are implemented.
- Ensure compliance with relevant security regulations, standards, and frameworks, such as PCI DSS, and ISO 27001.
- Oversee third-party vendor risk assessments to ensure alignment with security requirements.
- Conduct regular audits and assessments to verify compliance and ensure adherence to security policies.
- Oversee the protection of sensitive data, including customer data, financial information, and intellectual property.
- Implement and maintain data loss prevention (DLP) measures and ensure compliance with data privacy regulations.
- Develop and manage an incident response plan to address and mitigate security breaches and incidents.
- Lead investigations into security incidents, coordinating with relevant stakeholders, law enforcement, and authorities when necessary.
- Develop and maintain a robust disaster recovery and business continuity plan to minimize downtime and data loss during disruptions.
- Oversee the implementation and maintenance of security controls, such as firewalls, intrusion detection/prevention systems (IDS/IPS), and endpoint protection tools.
- Collaborate with IT and development teams to ensure secure infrastructure, applications, and architecture.
- Regularly perform vulnerability assessments, penetration testing, and system hardening to enhance security posture.
- Develop and deliver security awareness training programs for employees to promote a culture of security.
- Regularly update staff on evolving cybersecurity threats and best practices to ensure vigilance across the organization.
- Implement security monitoring tools and processes to detect and respond to threats proactively.
- Prepare and present regular reports on security metrics, risks, and incidents to executive leadership, enabling informed decision-making.
- Lead, mentor, and manage the information security team, including hiring, onboarding, performance evaluations, and professional development of team members.
- Foster a high-performing team culture focused on accountability, collaboration, and continuous improvement in cybersecurity practices.
- Allocate resources effectively, set team goals, and ensure the team has the necessary skills and tools to support the organization’s security objectives.
- Work closely with product, development, and IT teams to integrate security throughout the product lifecycle.
- Act as a subject matter expert on security matters, providing guidance to internal teams and external partners.
- Stay updated on emerging cybersecurity trends, technologies, and threats to proactively enhance security measures.
- Evaluate, recommend, and implement advanced security technologies to strengthen YAP’s defense capabilities.
- Ensure secure design principles are embedded in all technical projects to future-proof the organization’s security framework.
Send your updated CV to [email protected] with the subject line: Information Security Manager.
How to apply
To apply for this job you need to authorize on our website. If you don't have an account yet, please register.
Post a resumeSimilar jobs
Data Analyst Intern
Eletech Solutions,
Lahore
1 day ago
Back to CareersDataData Analyst InternLahore, Pakistan Part-time PKR 40k - 60k Posted September 2025PythonSQLData AnalyticsGreat opportunity for aspiring data professionals! Work alongside our data team to analyze client data, build dashboards, and develop insights that drive business decisions.Requirements Currently enrolled in a CS, Data Science, or related degree Basic proficiency in Python and SQL Familiarity with data visualization tools (Tableau,...
Assistant Technical Sales Manager - Chefiality
Taraki,
Lahore
3 days ago
Our client Chefiality is hiring a Assistant Technical Sales Manager in Lahore.We are seeking a dynamic, results-driven professional to join our growing team as an Assistant Technical Sales Manager.Key Responsibilities Development of distributors and customers within the food industry Promotion and sales of Flavor & Fragrance products Sales and technical support for Food Ingredients Building strong customer relationships and identifying...
Business Development Specialist - Filtration
FORMULATRIX,
Lahore
4 days ago
Business Unit: FiltrationTerritory: Northeast USAbout the Company:Based in Bedford, USA, FORMULATRIX is a fast-growing robotic automation solution provider to leading pharmaceutical companies and research institutions worldwide. Originally founded as a software company in 2002, FORMULATRIX is now a global leader in both hardware and software solutions for laboratory automation. Our business is international in scope with offices in the United...