Information Security Governance, Risk, and Compliance Officer

IT
March 11, 2025
රු200,000 - රු300,000
Application ends: March 24, 2025

Job Description

Location: Colombo, Sri Lanka
Company: People’s Bank
Employment Type: Full-Time (Contract Basis)

About Us:
People’s Bank, a premier financial institution in Sri Lanka with the largest customer base, has been providing innovative financial solutions for over six decades. We are committed to excellence and professionalism, and we are looking for a talented and dynamic individual to join our team as the Information Security Governance, Risk, and Compliance Officer.

Key Responsibilities:

  • Implement and manage a comprehensive information security governance program aligned with the bank’s business strategy and risk management approach.
  • Drive and manage the organization’s information security compliance efforts, ensuring adherence to relevant regulations and industry best practices.
  • Implement and manage all elements of the ISO 27001:2022 ISMS documentation, including policies, standards, controls, risk registers, and compliance testing.
  • Lead information security risk management by identifying, assessing, and managing risks across the bank.
  • Partner with other departments to proactively identify, assess, and mitigate information security risks.
  • Lead internal and external assurance activities, certification audits, and compliance reviews, including controls gap analysis and effectiveness assurance.
  • Collaborate with internal and external auditors and key stakeholders to continually improve the bank’s information security posture.
  • Develop and deliver security awareness programs and training initiatives to foster a culture of security awareness among employees.
  • Establish and maintain key security metrics and reporting processes to track the effectiveness of the bank’s security posture and measure progress toward security goals.
  • Build strong working relationships with key stakeholders to ensure alignment and support for the bank’s information security initiatives.

Qualifications:

  • Bachelor’s or Master’s degree in Information Security, Information Technology (specialized in Information Security), or a related field from a recognized university or degree-awarding institute.
  • Alternatively, a Bachelor’s or Master’s degree in Information Technology with one of the following professional certifications:
      • Certified Information Systems Auditor (CISA)
      • Certified Information Security Manager (CISM)
      • Certified in Risk and Information Systems Control (CRISC)
      • Certified Information Systems Security Professional (CISSP)

Required Experience:

  • Minimum of 3 years of proven experience in information security governance, risk management, or a related field.
  • Knowledge and experience with industry security standards (e.g., PCI DSS, ISO 27001) and regulatory requirements.
  • Strong understanding of information security principles, practices, and technologies.
  • Excellent analytical and problem-solving skills with the ability to identify and mitigate security risks.
  • Strong written and verbal communication skills.

Age: Preferably below 45 years as of the application closing date.

Method of Selection:
Shortlisted candidates will be called for an interview. The appointment will be made on a contract basis, with annual performance evaluations.

Remuneration:
An attractive and negotiable remuneration package commensurate with qualifications and experience will be offered.

How to Apply:
Please send your CV, copies of certificates, and details of relevant achievements and experience to trecruit@peoplebank.lk by 24th March 2025. Ensure the subject line of the email states the position applied for. Include contact details of two non-related referees.

Contact Information:
For inquiries, call 011 248 1542 or 011 248 1416.

Note:

  • All applications will be treated confidentially.
  • Incomplete or non-compliant applications will be rejected.
  • The bank reserves the right to decide on the number of vacancies, postponement, or cancellation of the recruitment process.

Join People’s Bank and be part of a team that values innovation, security, and excellence in the financial sector!

Deputy General Manager (Human Resources)
People’s Bank – Head Office
No. 75, Sir Chittampalam A. Gardiner Mawatha, Colombo – 02.