Title: Associate Manager, Software Security & Risks
Company Name: BRAC Bank PLC
Vacancy: --
Location: Anywhere in Bangladesh
Experience:
∎ 5 to 7 years
∎ The applicants should have experience in the following business area(s): Banks
Published: 19 Jun 2025
Education:
∎ Bachelor of Science (BSc) in Computer Science & Engineering
∎ Bachelor’s or Master’s degree in Computer Science, Cybersecurity, or a related field.
Requirements:
Additional Requirements:
∎ Minimum 5-7 years of working experience in Information Security or a minimum of 5 years’ experience in application/database security as a primary responsibility.
∎ Strong knowledge of web, mobile, and API security (OWASP Top 10, CWE/SANS Top 25), cloud security (AWS/GCP/Azure), secure software design principles and Secure SDLC methodologies.
∎ One or more of the following professional certifications are expected, e.g., CEH, LPT, OSWE, GWAPT, CSSLP, PCI DSS, ITIL, ISO 27001/ISO 9001, etc.
∎ Hands-on experience with different and renowned databases (such as Oracle, MySQL, MSSQL, PostgreSQL and so on) is a plus.
∎ Proficient in at least one programming language (e.g., Java, Python, JavaScript, .NET, LLM).
∎ Familiar with CI/CD environments and DevSecOps practices.
∎ Candidates must possess excellent interpersonal, presentation, and verbal/written communication skills with the ability to document and explain processes and procedures to business and technical stakeholders.
∎ Customer-centric, self-propelled, and capable of meeting deadlines.
Responsibilities & Context:
∎ Collaborate with stakeholders to ensure security of applications, integrations, and FinTech initiatives.
∎ Conduct threat model assessments, vulnerability scans, and penetration tests for web, mobile, API, system, and network architectures.
∎ Implement security vetting for newly developed applications and ensure compliance with Bangladesh Bank guidelines and established processes and standards.
∎ Perform static (SAST), dynamic (DAST), and manual code reviews to enhance code quality and identify security vulnerabilities.
∎ Support developers by integrating security controls into the software development lifecycle (SDLC) and continuous integration and delivery (CI/CD) pipelines.
∎ Conduct comprehensive technical security analyses of systems to identify potential vulnerabilities, gaps in existing information security policies and procedures, or the need for new development.
∎ Collaborate with the development team to create and maintain policies, procedures, and internal documentation that align with regulatory requirements and organizational standards.
∎ Participate in cyber security incident response processes and support the Security Operations Center (SOC) as necessary.
∎ Stay informed about cyber trends, threats, and vulnerabilities to proactively address potential security risks.
∎ BRAC Bank, a leading sustainable bank in Bangladesh, is committed to becoming the best bank in the country. It has pioneered SME Banking in Bangladesh and offers a comprehensive range of banking services to individuals and business entities. BRAC Bank stands out as a beacon of financial inclusion with solid financials, top credit ratings, and numerous accolades.
∎ BRAC Bank seeks an ambitious, intelligent, purpose-driven, and enthusiastic individual for the following position in its Information Security Department under Risk Management Division:
∎ Associate Manager, Software Security & Risks
∎ Grade: SO-PO
Employment Status: Full Time
Job Location: Anywhere in Bangladesh
Read Before Apply:
BRAC Bank is a values-driven organization that protects all its stakeholders, including the coworkers and the community we work in, from harassment, abuse, neglect, exploitation, and discrimination. As an equal opportunity enabler, BRAC Bank encourages applications from any gender-diverse individuals and persons living with a disability. We consider personal persuasion to be a disqualification of candidature.
If you want to take up the challenge, please 'Apply Online'.
Only shortlisted candidates will be contacted for the next stage as part of the recruitment process. BRAC Bank reserves the right to accept or reject any application without providing a reason.
BRAC Bank does not charge any fees at any stage of the recruitment process.