Grade Level : L2
Function : Digital Financial Services
Location : Islamabad
Last date to apply : Sep 17th, 2021
What is Expert Information Security role ?
Information security expert is responsible for performing end-to-end vulnerability assessment of Jazzcash eco-system and penetration testing of all existing and new applications moving into production.
The role reports directly to the Stream Head DFS Planning and Operations. The role is empowered to execute the critical information security tasks with strong authority and limited oversight from the manager.
What does Expert Information Security do?
Penetration testing and vulnerability assessment. Penetration testing of web, mobile, APIs, IOT devices. Recommend safeguards as pre-emptive measures.
Design, develop and maintain a robust application security framework.
Implementation of cyber security framework and information security management system.
Identify loopholes in the developer / security systems of built servers, web portals / dashboards, user applications of Jazz.
Ensures the security / data protection for applications vulnerable to external hackers.
Review software source code to identify potential security issues and vulnerabilities that could be exploited by hackers to gain unauthorized access to data and system resources.
Performs relevant preventive measures to protect leakage of confidential / sensitive information.
Reports cyber scams, phishing / malicious links / content and financial fraudulent activities with relevant evidence to concerned authorities.
These responsibilities are carried out with the objective to ensure safety of confidential and sensitive organizational data and prevention from Internet scams and frauds accordingly for smooth business processes within the limits of organizations SOP, departmental KPIs and operating frameworks, directions and guidelines from supervisor and line managers.
Investigating phishing attacks and analysing root causes of security incidents.
Monitoring and handling fraud cases together with malware attacks.
Documentation of security incidents and reporting to management.
Maintain suitable knowledge of threats, risk assignment, remediation strategies, security tools and testing techniques.
Implement and act in accordance with Jazz information security and privacy policies.
Ensure compliance with information security responsibilities specific to your job role.
Sound knowledge of incident management lifecycle and threat hunting.
Risk assessment and Security gap analysis
Security architecture and threat modelling
Planning and implementing ISMS
Source code review
Incident response and threat hunting
Jazz is an equal opportunity employer. We celebrate, support, and thrive on diversity and are committed to creating an inclusive environment for all employees.
What are we looking for and what does it require to be Expert Information Security?
BS / MS degree in computer science, information security, network security or related discipline
3+ years hands-on experience required with information security management
Skilled at penetration testing and vulnerability assessment
Proactive in proposing and contributing to new service ideas and development
CEH, OSCP, eWPTx or other related certification is preferred.
Must have hands-on experience on information security tools and technologies
Application security knowledge
Friendly and helpful to clients, colleagues and other stakeholders
Experience with conducting audits and ensuring compliance with existing policies and procedures.
Embrace a flexible approach to working, both in the context of working out of normal office hours and being able to manage a number of different tasks at once.
Knowledge of new developing attack methods
Ability to work in a fast-paced environment
Strong communication skills, both written and verbally
Experience in working on digital financial services is preferable
Fully embrace our company values of integrity, commitment and excellence
Why Join Jazz?
As one of the leading employers in the country, Jazz epitomizes the philosophy that each Jazz employee is passionately living a better every day inspired and enabled by visionary leadership, a unique professional culture, a flourishing lifestyle, and continuous learning and development.
As one of the largest private sector organizations in Pakistan, our objective is to continue to change the lives of our 69 million customers for the better.
This is an opportunity for someone who wants to be part of something transformative, someone who can play a critical role in driving our success.
Together, we can empower millions more with the tools necessary to progress in an increasingly digital economy.