Information Security Governance, Risk, and Compliance Officer

IT
March 9, 2025
රු100,000 - රු200,000
Application ends: March 24, 2025

Job Description

Location: Colombo, Sri Lanka

Company: People’s Bank

About Us:
People’s Bank, a premier bank in Sri Lanka with the largest customer base, has been providing innovative financial solutions to its diversified clientele for over six decades. We offer a conducive environment for those who strive for excellence and believe in professionalism.

Position Overview:
We are seeking a talented and dynamic individual to join our team as an Information Security Governance, Risk, and Compliance Officer. This role is crucial in ensuring the security and compliance of our information systems.

Key Responsibilities:

  • Implement a comprehensive information security governance program, aligning it with the Bank’s overall business strategy and risk management approach.
  • Drive and manage the organization’s information security compliance efforts, ensuring adherence to relevant regulations and industry best practices.
  • Implement and manage all elements of the ISO 27001:2022 ISMS documentation, including Policies, Standards, Controls, associated risk and exceptions registers, and compliance testing.
  • Lead Information Security Risk Management, identifying, assessing, and managing information security risks across the Bank.
  • Partner with other departments to identify, assess, and mitigate information security risks proactively.
  • Lead internal and external assurance activities and certification and compliance audits, including control gap analysis and effectiveness assurance reviews across the Bank.
  • Collaborate with both internal and external auditors and key stakeholders effectively to continually improve the posture of Information Security across the Bank.
  • Champion a culture of security awareness by developing and delivering security awareness programs and training initiatives for employees.
  • Establish and maintain key security metrics and reporting processes to track the effectiveness of the security posture of the Bank and measure progress towards security goals.
  • Foster strong working relationships with key stakeholders across the organization to ensure alignment and support for the Bank’s information security initiatives.

Qualifications:

  • Bachelor’s or Master’s degree in Information Security or Information Technology specialized in Information Security from a recognized university or degree-awarding institute.
  • Alternatively, a Bachelor’s or Master’s degree in Information Technology with at least one of the following professional certifications:
      • Certified Information Systems Auditor (CISA)
      • Certified Information Security Manager (CISM)
      • Certified in Risk and Information Systems Control (CRISC)
      • Certified Information Systems Security Professional (CISSP)

Experience:

  • Minimum of 3 years of proven work experience in Information Security Governance, risk management, or a related field.
  • Knowledge and experience of industry security standards (PCI DSS, ISO 27001, etc.) and regulatory requirements.
  • Strong understanding of information security principles, practices, and technologies.
  • Excellent analytical and problem-solving skills with the ability to identify and mitigate security risks.
  • Excellent written and verbal communication skills.

Age:

  • Preferably below 45 years as of the closing date of applications.

Selection Method:

  • Applicants shortlisted on the basis of the stipulated qualifications will be called for an interview. The appointment will be made on a contract basis, and performance will be evaluated annually.

Remuneration:

  • An attractive and negotiable remuneration package commensurate with qualifications and experience will be offered to the selected candidate.

How to Apply:
Please send details of achievements and experience relevant to the job applied for, along with your curriculum vitae, copies of certificates, and contact numbers of two non-related referees. The post applied for should be stated in the subject line of the email and sent to trecruit@peoplebank.lk on or before 24.03.2025.

An email confirmation of receipt will be sent upon receipt of the curriculum vitae. If a confirmation has not been received within a reasonable period, you may inquire about the application at 0112481542/0112481416.

All applications will be treated in strict confidentiality, and any form of canvassing will be regarded as a disqualification. Incomplete and non-complying applications will be rejected.

Note:
The Bank reserves the right to decide the number of vacancies, postponement or cancellation of recruitment, or any other information not included in the advertisement.

Contact:
Deputy General Manager (Human Resources)
People’s Bank – Head Office
No. 75, Sir Chittampalam A. Gardiner Mawatha, Colombo – 02.

Join Us and Be Part of a Secure Future!