Senior Deputy Manager

Banking
Sri Lanka
November 30, 2025
LKR 100000 - LKR 200000
Full Time
Application ends: December 11, 2025
Apply Now

Job Description

πŸ›‘οΈ Senior Deputy Manager – Information Security

Here is a summary of the key responsibilities and requirements for the Senior Deputy Manager – Information Security position at NDB Bank.

πŸ’Ό The Job (Key Responsibilities)

The role is pivotal in safeguarding the bank’s information assets and ensuring regulatory compliance. Key responsibilities include:

  • Information Security Committee (ISC): Actively participating in the ISC and driving initiatives to meet regulatory expectations.
  • Compliance & Risk: Identifying security compliance gaps against applicable regulatory and industry standards, and driving remediation efforts.
  • Standards Implementation: Implementing ISO/IEC 27035 (Information Security Incident Management) and other relevant ISO standards, ensuring alignment with the CBSL Technology Risk Management Framework.
  • ISMS & ISO 27001: Expanding and maintaining the Bank’s Information Security Management System (ISMS) and supporting continuous improvement initiatives around ISO/IEC 27001.
  • Policy Development: Developing, implementing, and periodically reviewing Information Security policies and end-user guidelines.
  • Security Controls: Leading and coordinating user access reviews, enforcing endpoint security controls (like email security and removable media controls), and monitoring compliance.
  • Data Protection: Maintaining and improving data classification frameworks, including the Data Loss Prevention (DLP) strategy.
  • Awareness: Developing and executing a comprehensive Information Security Awareness Program for all employees.
  • Business Support: Supporting business units and IT teams on policy interpretation and secure-by-design principles.

πŸ§‘β€πŸ’» The Person (Required Qualifications & Experience)

The ideal candidate will possess a strong blend of academic knowledge, professional certifications, and hands-on experience:

  • Education: A Bachelor’s degree in Information Technology, Information Security, Computer Science, or a related discipline.
  • Certifications (Highly Desirable): Professional certifications such as CISSP, CISM, ISO 27001 Lead Implementer/Auditor, or ISO 27035 Practitioner.
  • Experience:
    • A minimum of 5–7 years of solid experience in Information Security, particularly in regulated industries such as banking and finance.
    • Deep understanding of regulatory frameworks (CBSL, SEC, CSE) and compliance standards (e.g., PCI DSS, ISO standards).
    • Proven experience in ISMS implementation, security compliance audits, and incident management frameworks.
  • Skills: Strong leadership, communication, and stakeholder engagement skills.
  • Mindset: Analytical and innovative, with a proactive approach to addressing compliance gaps.

πŸ“… How to Apply

  • Application Link: Please apply to https://www.ndbbank.com/careers
  • Deadline: Before 02nd December 2025.

Related Jobs