Information Security Manager

YAP Pakistan


Date: 2 weeks ago
City: Lahore
Contract type: Full time
The Information Security Manager will be responsible for developing and implementing a comprehensive information security program to protect YAP’s assets, data, and reputation. This role requires a strong understanding of cybersecurity best practices, risk management, and compliance regulations.

Requirements

At least 5 years of relevant experience in information security, cybersecurity, or a closely related field, with progressive responsibility in managing security programs and teams.

Responsibilities

Security Strategy Development

  • Develop and implement an enterprise-wide information security strategy aligned with YAP’s business objectives.
  • Design and implement, maintain security policies, standards, and procedures to safeguard information assets.

Risk Management

  • Conduct regular risk assessments and threat modeling to identify vulnerabilities and potential threats to business operations.
  • Develop and implement risk mitigation strategies and security controls to address identified risks.
  • Monitor and analyze security incidents, ensuring appropriate response measures are implemented.

Compliance and Governance

  • Ensure compliance with relevant security regulations, standards, and frameworks, such as PCI DSS, and ISO 27001.
  • Oversee third-party vendor risk assessments to ensure alignment with security requirements.
  • Conduct regular audits and assessments to verify compliance and ensure adherence to security policies.

Data Security

  • Oversee the protection of sensitive data, including customer data, financial information, and intellectual property.
  • Implement and maintain data loss prevention (DLP) measures and ensure compliance with data privacy regulations.

Incident Response and Recovery

  • Develop and manage an incident response plan to address and mitigate security breaches and incidents.
  • Lead investigations into security incidents, coordinating with relevant stakeholders, law enforcement, and authorities when necessary.
  • Develop and maintain a robust disaster recovery and business continuity plan to minimize downtime and data loss during disruptions.

Technical Security Oversight

  • Oversee the implementation and maintenance of security controls, such as firewalls, intrusion detection/prevention systems (IDS/IPS), and endpoint protection tools.
  • Collaborate with IT and development teams to ensure secure infrastructure, applications, and architecture.
  • Regularly perform vulnerability assessments, penetration testing, and system hardening to enhance security posture.

Security Awareness and Training

  • Develop and deliver security awareness training programs for employees to promote a culture of security.
  • Regularly update staff on evolving cybersecurity threats and best practices to ensure vigilance across the organization.

Monitoring and Reporting

  • Implement security monitoring tools and processes to detect and respond to threats proactively.
  • Prepare and present regular reports on security metrics, risks, and incidents to executive leadership, enabling informed decision-making.

People Management

  • Lead, mentor, and manage the information security team, including hiring, onboarding, performance evaluations, and professional development of team members.
  • Foster a high-performing team culture focused on accountability, collaboration, and continuous improvement in cybersecurity practices.
  • Allocate resources effectively, set team goals, and ensure the team has the necessary skills and tools to support the organization’s security objectives.

Stakeholder Collaboration

  • Work closely with product, development, and IT teams to integrate security throughout the product lifecycle.
  • Act as a subject matter expert on security matters, providing guidance to internal teams and external partners.

Innovation and Continuous Improvement

  • Stay updated on emerging cybersecurity trends, technologies, and threats to proactively enhance security measures.
  • Evaluate, recommend, and implement advanced security technologies to strengthen YAP’s defense capabilities.
  • Ensure secure design principles are embedded in all technical projects to future-proof the organization’s security framework.

How To Apply

Send your updated CV to [email protected] with the subject line: Information Security Manager.

How to apply

To apply for this job you need to authorize on our website. If you don't have an account yet, please register.

Post a resume

Similar jobs

Data Analyst Intern

Eletech Solutions, Lahore
1 day ago
Back to CareersDataData Analyst InternLahore, Pakistan Part-time PKR 40k - 60k Posted September 2025PythonSQLData AnalyticsGreat opportunity for aspiring data professionals! Work alongside our data team to analyze client data, build dashboards, and develop insights that drive business decisions.Requirements Currently enrolled in a CS, Data Science, or related degree Basic proficiency in Python and SQL Familiarity with data visualization tools (Tableau,...

Assistant Technical Sales Manager - Chefiality

Taraki, Lahore
3 days ago
Our client Chefiality is hiring a Assistant Technical Sales Manager in Lahore.We are seeking a dynamic, results-driven professional to join our growing team as an Assistant Technical Sales Manager.Key Responsibilities Development of distributors and customers within the food industry Promotion and sales of Flavor & Fragrance products Sales and technical support for Food Ingredients Building strong customer relationships and identifying...

Business Development Specialist - Filtration

FORMULATRIX, Lahore
4 days ago
Business Unit: FiltrationTerritory: Northeast USAbout the Company:Based in Bedford, USA, FORMULATRIX is a fast-growing robotic automation solution provider to leading pharmaceutical companies and research institutions worldwide. Originally founded as a software company in 2002, FORMULATRIX is now a global leader in both hardware and software solutions for laboratory automation. Our business is international in scope with offices in the United...