BRAC Bank Limited,pioneer in SME Banking, and having a strong focus in Corporate & Retail Banking delivers a full array of banking services to individuals as well as business entities. Our financial results in all sectors along with multiple international and local credit ratings & multiple annual accounts awards speak of our aspiration, transparency and teamwork towards the common objectives of becoming the best bank in the country. While we thrive in the present, we invest continuously for the future especially in technology and people. With our diversified business model and unmatched network of 187 Branches, 448 ATMs, 456 SME Unit Offices, 99 Agent Banking Outlets, 11 Regional Operations Office and 224 remittance delivery points, we continue to recognize that our people are our principal strength. We are a team of diverse and talented individuals who take the bank forward towards excellence in every area we work in every day. BRAC Bank Limited is the 1st and only Bangladeshi bank awarded with ISO 27001:2013 certification for Information Security function and has established 24x7 Security Operations Center (SOC). To support its continuous growth, BRAC Bank is currently looking for ambitious, smart, goal-oriented, and enthusiastic individuals for the following position:

Manager - Software Security & Risks, Information Security Department

Employment Type: Full Time Employment
Job Location: Dhaka


  • Be part of the digital road map and responsible for ensuring security into the development/acquisition of applications/integration/FinTech initiatives. Work closely in technology projects to threat model, vulnerability scan, and pen test the software, system and identify required control points in the application stack. Also to diagnose, document, and remediate application and database security vulnerabilities.
  • Secure code review and ensure Database security. Provides 360 risk assessments and cyber security briefings and advises of critical issues that may affect cyber security objectives. Identifies potential areas where existing information security policies and procedures require change, or where new ones need to be developed, especially regarding new applications and architectures. Conduct technical in-depth security analysis of systems to identify gaps and find remediation. Recommends, integrates and maintains security tool sets.
  • Identification, assessment, mitigation, monitoring, governance, and reporting of software vulnerability throughout IT and large-scale development programs such as Digital Transformation.
  • Ensure proper technology risk considerations are addressed at each phase of the system development life cycle (SDLC) and provide proactive solutions to correct exposures or mitigate risk.
  • Evaluates and recommends cyber security solutions, and/or procedures to enhance productivity and effectiveness. Maintains awareness of cyber trends, threats, and vulnerabilities. Other tasks and responsibilities as assigned.


  • BSc/MSc degree in Information Security, Cyber Security, Computer Science or related fields is required.
  • Professional industry certifications and experience in Application Security and Database security is recommended. CASE/CASS/GWEB, CPEH/CEH, GWAPT/ LPT/CSXP and OCP is expected. CISM/CISSP/ CSSLP would be an advantage.


  • Minimum 5 years of Working experience in Information Security as primary responsibility or minimum 8 years IT experience with Application as a primary responsibility and strong Application/Database security focus as a secondary job duty required.
  • Knowledge and experience with application and Database vulnerability assessment and remediation. Some knowledge and developer experience with programming languages, such as C#, Java.
  • Knowledge and experience with NIST, OWASP desired. Experience on implementing/managing security programs and controls. Knowledge of various security methodologies and processes, and technical security solutions. The candidate must be familiar with security principles and concepts.
  • Drive innovation by analyzing and interpreting data to test and inform a new initiative or approach. Accountable for successful completion of multiple, individual projects simultaneously. Communicate effectively by contributing significantly to the development and delivery of a variety of written and visual documents for diverse audiences.
  • Manage change and demonstrate adaptability by embracing change and adjusting priorities or processes and approach as needs dictate. Take responsibility for successes and failures related to individual and team-based project work assignments; actively presents suggestions for solution(s), if objectives not met.

Only short listed candidates will be called for the interview as per recruitment process. BRAC Bank reserves the right to accept or reject any application without assigning any reason whatsoever.

If you are interested to be a part of this diversified BRAC Bank family, then please Apply Online.

BRAC Bank does not charge any fee at any stage of the recruitment process. Please note that BRAC Bank is an equal opportunity employer. Any form of persuasion will disqualify the candidature before or after the final selection


Application Deadline: July 20, 2019