BRAC Bank is one of the most sustainable banks in Bangladesh. Established with a view to financial inclusion, BRAC Bank is the pioneer of SME Banking in Bangladesh, delivering a full array of banking services to individuals and business entities. Its strong financials, along with the best credit rating from the top global and local rating agencies and numerous recognitions, speak of the bank's aspiration towards becoming the best bank in the country.

BRAC Bank is currently looking for an ambitious, intelligent, goal-oriented, enthusiastic individual for the following position in its Risk Management Division:

Senior Manager/Unit Head, GRC and Data Security

Employment Type: Full Time

KEY RESPONSIBILITIES:

  • Contribute to the information security vision and programming for policy creation, training, and risk assessment to ensure that information assets and technologies are adequately protected;
  • Implement security controls, risk assessment framework, and program that aligns with regulatory requirements, ensuring documented and sustainable compliance that aligns and advances BRAC Bank’s business objectives;
  • Contribute to data security and privacy and manage data security tools;
  • Evaluate risks and develop security standards, procedures, and controls to manage risks;
  • Improve the bank’s security positioning through process improvement, policy, automation, and the continuous evolution of capabilities;
  • Implement processes, such as GRC (Governance, Risk, and Compliance), to automate and continuously monitor information security controls, exceptions, risks, and testing;
  • Update security controls and provide support to all stakeholders on security controls covering internal assessments, regulations, protecting Personally-Identifying Information (PII) data, Payment Card Industry Data Security Standards (PCI DSS), ISO, and payment partners (Visa, Mastercard, JCB, SWIFT, etc.);
  • Perform and investigate internal and external information security risks and exception assessments; 
  • Assess incidents, vulnerability management, scans, patching status, secure baselines, penetration test results, phishing, and social engineering tests and attacks;
  • Document and report control failures and gaps to stakeholders;
  • Provide remediation guidance and prepare management reports to track remediation activities;
  • Train, guide, and act as a resource on Information Security functions to other departments within the bank; 
  • Interact in verbal and written communications with all internal stakeholders and work with internal/external auditors and external consultants as appropriate on required security assessments and audits;
  • Manage the security awareness training programs and strategies to address awareness and training for all stakeholders;
  • Knowledge of the best practices and technological advancements;
  • Perform other duties as assigned.

KEY QUALIFICATIONS:

  • Graduate from a reputed university from reputed university.  Candidate having degree in Information Security, Cyber Security, Computer Science or IT-related fields is preferred.
  • Certifications in CISM/ CISSP/ CCISO, CISA/ LI27001, CEH/ CPEH, CPT/ LPT, ITIL/ COBIT/ CMMC/G IAC, and CRISC/ CGEIT preferred;
  • At least 10 years of experience in an information security environment with more than 5 years in a supervisory or management role; 
  • Experience in governance, risk, and compliance leadership is highly preferred;
  • Knowledge of information security risk management frameworks and compliance practices, including ISO27005, ISO 22301, ISO 27001/2, GDPR, and NIST 800-30;
  • Ability to understand and translate pre-established policy, standards, and compliance regulations and produce tactical, operational procedures;
  • Ability to understand and apply assessment and audit components to security controls that measure performance, reliability, and compliance;
  • Knowledge of banking systems is preferred;
  • Expert in customer-centricity, results-oriented, and self-propelled.

BRAC Bank is a values-driven organization and believes in protecting all its stakeholders, including the employees and the community we work with, from all forms of harassment, abuse, neglect, exploitation, and discrimination. As an equal opportunity employer, BRAC Bank encourages applications from any gender-diverse individuals and persons with disability. We consider personal persuasion as disqualification of candidature

If you are interested in taking up the challenge, please 'Apply Online'.

Only short-listed candidates will be communicated for the next stage as per the recruitment process. BRAC Bank reserves the right to accept or reject any application without assigning any reason whatsoever.

BRAC Bank does not charge any fee at any stage of the recruitment process.

Application Deadline: 24 September, 2022