Information Security Manager

Software Finder Careers


Date: 6 hours ago
City: Lahore
Contract type: Full time
Job Overview

Software Finder is seeking an experienced and strategic Information Security Manager to lead the organization's cybersecurity and information security initiatives. This role is responsible for developing, implementing, and continuously improving the organization's Information Security Management System (ISMS), ensuring the confidentiality, integrity, and availability of business, customer, and employee data.

The ideal candidate will have extensive experience in cybersecurity governance, security operations, risk management, regulatory compliance, and leading high-performing security teams. You will work closely with cross-functional stakeholders to strengthen the organization's security posture, ensure compliance with international security standards, and proactively manage evolving cyber threats.

Key Responsibilities

  • Lead the development, implementation, and continuous improvement of the organization's Information Security Management System (ISMS).
  • Define, implement, and maintain enterprise-wide information security policies, standards, procedures, and governance frameworks.
  • Ensure compliance with ISO 27001, SOC 2, NIST CSF, GDPR, HIPAA, and other applicable security and regulatory standards.
  • Oversee Security Operations Center (SOC) functions, including security monitoring, threat detection, incident response, and forensic investigations.
  • Manage enterprise security technologies including SIEM, SOAR, EDR/XDR, firewalls, endpoint protection, email security, identity and access management (IAM), and cloud security platforms.
  • Lead vulnerability management, patch management, penetration testing coordination, and security remediation activities.
  • Conduct enterprise risk assessments, maintain the cybersecurity risk register, and implement effective mitigation strategies.
  • Develop and maintain Business Continuity (BCP), Disaster Recovery (DR), and Business Impact Analysis (BIA) programs.
  • Oversee identity lifecycle management, privileged access controls, and least-privilege security practices.
  • Manage Data Loss Prevention (DLP), encryption standards, and data protection controls across the organization.
  • Lead cybersecurity incident investigations, root cause analysis, and post-incident improvement initiatives.
  • Support internal and external security audits while ensuring all compliance documentation remains current and audit-ready.
  • Assess third-party vendors for security risks and ensure compliance with organizational security requirements.
  • Plan and execute organization-wide security awareness programs, phishing simulations, and employee cybersecurity training.
  • Collaborate with Engineering, IT, Product, Legal, HR, and executive leadership to embed security best practices across business operations.
  • Monitor emerging cybersecurity threats, industry trends, and recommend proactive improvements to strengthen organizational resilience.
  • Lead, mentor, and develop the cybersecurity team while fostering a culture of security awareness and continuous improvement.

Requirements

  • Bachelor's degree in computer science, Information Technology, Cybersecurity, Information Systems, or a related field.
  • 8–10 years of progressive experience in information security, cybersecurity, IT governance, or risk management.
  • 3–5 years of leadership experience managing security operations, governance, compliance, and security teams.
  • Strong hands-on experience implementing and managing enterprise Information Security Management Systems (ISMS).
  • Proven expertise in cybersecurity governance, enterprise risk management, and security policy development.
  • Experience managing SOC operations, SIEM platforms, incident response, vulnerability management, and security monitoring.
  • Strong understanding of endpoint, network, cloud, email, and application security technologies.
  • Experience implementing identity and access management (IAM), privileged access management, and Zero Trust principles.
  • In-depth knowledge of regulatory and security frameworks including ISO 27001, SOC 2, NIST CSF, GDPR, and HIPAA.
  • Experience supporting internal/external audits, security assessments, and penetration testing initiatives.
  • Excellent analytical, leadership, stakeholder management, communication, and problem-solving skills.
  • Ability to translate complex security risks into practical business recommendations.

Preferred Skills

  • Professional security certifications such as CISSP, CISM, CISA, CRISC, ISO 27001 Lead Implementer/Lead Auditor, or equivalent.
  • Experience with Microsoft Sentinel, Splunk, QRadar, Microsoft Defender, CrowdStrike, or similar enterprise security platforms.
  • Strong understanding of cloud security across AWS, Azure, or Google Cloud Platform.
  • Experience implementing Data Loss Prevention (DLP), encryption, key management, and secure data governance practices.
  • Familiarity with DevSecOps, secure software development lifecycle (SSDLC), and cloud-native security controls.
  • Experience managing third-party security assessments, vendor risk management, and regulatory compliance initiatives.
  • Ability to lead cross-functional security projects in fast-paced technology environments.
  • Strong mentoring and people management skills with experience building and developing high-performing security teams.

Location: Lahore, Pakistan (On-site)

Working Hours: 11:00 AM – 8:00 PM PKT

Software Finder is a leading B2B SaaS marketplace that helps businesses discover, compare, and select the right software solutions. Our platform connects companies with tailored software options based on their unique needs, supported by verified reviews and expert insights.

With a growing portfolio of software categories and a global user base, Software Finder is committed to simplifying the software selection process and empowering businesses to make informed decisions.

Our team is driven by a shared mission to innovate, collaborate, and deliver value to our users. As we continue to grow, we are always looking for talented individuals who are passionate about technology, customer success, and making an impact.

How to apply

To apply for this job you need to authorize on our website. If you don't have an account yet, please register.

Post a resume

Similar jobs

Business Analyst

Nestlé, Lahore
3 days ago
Position SnapshotLocation: Lahore, PakistanJob Type: Full-timeQualification: CA, ACCA, ACMA, MBA with majors in FinanceExperience: 3-4 years FMCG industry experience in financial planning, analysis, reporting, internal controlPosition Summary:Supporting the Business Unit Controller in implementing business planning processes across the business (MBS, DF, RCR, QIR, I2L) by ensuring flawless execution and high quality of deliverables and providing insight and fact based information...

Dispatcher and Sales Agent - TJ / 1862188

Recruit AI, Lahore
PKR 100,000 per month
4 days ago
Our client AS Logistics Solution is looking for a Dispatcher and Sales Agent in LahoreAS Logistics Solution is seeking a motivated Dispatcher and Sales Agent to efficiently coordinate transportation logistics while maintaining strong client relationships. This role requires a professional who excels at multitasking and communication, ensuring that delivery routes are optimized and customer needs are met promptly and effectively....

Amazon PPC Manager

Navigator HR Consulting Solutions, Lahore
4 days ago
Position: Amazon PPC manager for USA marketGender Preference: female candidateLocation: Lahore OnsiteLocation Preference: LahoreSalary Range: 100k to 110kOffice Timing: 5 PM to 2 AM or 4 PM to 1 AMWorking hours: 8, Monday to SaturdayKey Responsibilities Manage and optimize Amazon PPC campaigns. Conduct keyword research and competitor analysis. Monitor campaign performance and improve ROAS/ACOS. Analyze advertising data and prepare performance...