BRAC Bank is one of the top sustainable banks in Bangladesh. Established with a view to drive financial inclusion, BRAC Bank is the pioneer of SME Banking in Bangladesh, delivering a full array of banking services to individuals and business entities. Its strong financials, along with the best credit rating from the top global and local rating agencies and numerous recognitions, speak of the bank's aspiration towards becoming the best bank in the country.

BRAC Bank seeks an ambitious, intelligent, goal-oriented and enthusiastic individual for the following position in Risk Management Division:

Associate Manager, Software Security & Risks, Information Security

Employment Type: Full Time


  • Be part of the digital road map and responsible for ensuring security into the development/acquisition of applications/integration/FinTech initiatives.
  • Work closely in technology projects to threat model, vulnerability scan, and pen test the software, system, and network architecture and identify required control points in the application stack.
  • Diagnose, document, and remediate application and database security vulnerabilities.
  • Secure code review and ensure Database security. Provide 360 risk assessments and cyber security briefings and advise of critical issues that may affect cyber security objectives.
  • Conduct technical in-depth security analysis of systems to identify gaps, find remediation and recommend, integrates, and maintains security tool sets.
  • Vetting any application changes are in line with Business requirement compliance with BB guideline and as per process & standard.
  • Support the development of the DRP and BCP for systems, and tests readiness.
  • Evaluate and recommend cyber security products, services, and/or procedures to enhance productivity and effectiveness.
  • Maintain awareness of cyber trends, threats, and vulnerabilities
  • Periodic application review to ensure whether the system is performing well, fulfilling Business requirement and in compliance or not.
  • Review User Access Control & vetting Privilege Management of the system.


  • Graduation or master’s degree from any reputed UGC approved university with satisfactory academic track record. Degree in Information Security, Cyber Security, Computer Science or related fields is preferred.
  • Professional industry certifications and experience in Application Security and Database security is recommended. CPEH/CEH and GIAC, CSXP, CSSLP, LPT, OCP is expected. CISM/CISSP would be an advantage.
  • Minimum 5 years of Working experience in Information Security as primary responsibility or minimum 8 years IT experience with Application as a primary responsibility and strong Application/Database security focus as a secondary job duty required.
  • Knowledge and experience with application and Database vulnerability assessment and remediation, NIST, OWASP is desired.
  • Experience of implementing/managing security programs and controls.
  • Knowledge of various security methodologies and processes, and technical security solutions; familiarity with security principles and concepts.
  • Manage change and demonstrate adaptability by embracing change and adjusting priorities or processes and approach as needs dictate
  • Self-propelled, proficient in customer-centricity, team player, and capable of meeting deadlines.

BRAC Bank is a values-driven organization that protects all its stakeholders, including the coworkers and the community we work in, from harassment, abuse, neglect, exploitation, and discrimination. As an equal opportunity enabler, BRAC Bank encourages applications from any gender-diverse individuals and persons living with a disability. We consider personal persuasion as a disqualification of candidature.

If you want to take up the challenge, please 'Apply Online'.

Apply Now

Only short-listed candidates will be communicated for the next stage as per the recruitment process. BRAC Bank reserves the right to accept or reject any application without assigning any reason whatsoever.

BRAC Bank does not charge any fee at any stage of the recruitment process.

Application Deadline: March 2, 2024