Title: Assistant Manager, InfoSec & GRC
Company Name: SEBPO
Vacancy: --
Age: N/A
Job Location: Anywhere in Bangladesh
Salary: Negotiable
Experience:
About the Role:
We are seeking a detail-oriented Assistant Manager of InfoSec & GRC to supervise our daily cybersecurity operations and ensure rigorous adherence to global compliance standards. You will be responsible for implementing security controls, managing risk assessments, and ensuring our defensive posture is aligned with organizational policies. This role is ideal for a technical security professional looking to transition into a management track while maintaining a hands-on approach.
Key Responsibilities:
Operational Oversight & Team Support
Supervise the day-to-day activities of the InfoSec & GRC team, ensuring tasks are completed within defined SLAs.
Act as the primary point of escalation for security incidents and compliance roadblocks.
Assist in the development of departmental KPIs and report on security metrics to senior leadership.
GRC Implementation & Audit Readiness
Execute and maintain Information Security Policies, Standards, and Procedures.
Facilitate the implementation of ISO 27001, SOC 2, CMMI, and ISO 9001 frameworks.
Coordinate internal and external audits, ensuring all documentation and evidence are gathered and remediated promptly.
Conduct Business Impact Analysis (BIA) and support the testing of Disaster Recovery (DR) and Business Continuity Plans (BCP).
Deliver Cybersecurity Awareness training sessions to diverse internal departments.
Technical Security Management
Manage the health and performance of security tools: XDR, SIEM, IAM, and DLP.
Oversee Vulnerability Management programs, coordinating with IT teams to ensure timely patching and hardening (CIS/GPO).
Review and optimize Next-Gen Firewall rules and secure web routing protocols.
Lead initial incident response investigations and perform root cause analysis for security breaches or near-misses.
Education & Experience:
Education: Bachelor’s degree in Computer Science, Information Security, IT, or a related field.
Experience: 4–6 years of experience in Information Security, with at least 1–2 years in a senior or supervisory capacity.
Technical Knowledge: Hands-on experience with SIEM monitoring, IAM lifecycle management, and VAPT workflows.
Regulatory Knowledge: Solid understanding of GRC frameworks and Bangladesh-specific data privacy regulations.
Preferred Certifications:
Security+, CEH, or ISO 27001 Internal Auditor.
Candidates pursuing CISA, CISM, or CISSP will be given preference.