Title: Manager, InfoSec & GRC
Company Name: SEBPO
Vacancy: 1
Age: N/A
Job Location: Dhaka
Salary: Negotiable
Experience:
About the Role:
We are hiring a strategic Manager of InfoSec & GRC to lead our cybersecurity operations, enforce compliance standards, and protect the organization's critical data. The ideal candidate will blend technical security expertise with robust governance and risk management capabilities.
Key Responsibilities:
Leadership & Strategy: Lead and manage the Governance & Cybersecurity team, ensuring effective execution of security operations and compliance activities. Provide strategic guidance on emerging threats and risk management initiatives. Collaborate with global Information Security teams to address incidents, vulnerabilities, and compliance gaps.
Governance, Risk, and Compliance (GRC): Develop and maintain Information Security Policies, Standards, and Procedures. Drive ISO 27001, SOC 2, CMMI, ISO 9001, and other governance initiatives. Manage internal and external audits, cybersecurity insurance audits, and risk treatment planning. Design and conduct Cybersecurity Awareness Programs. Develop and maintain Disaster Recovery (DR) and Business Continuity Plans (BCP), and plan for Business Impact Analysis (BIA).
Information Security (InfoSec): Oversee daily security operations. Monitor and manage Endpoint, Network, and Web Application Security (XDR, Secure Web Routing, CIS/GPO Hardening, Patch Management). Manage Identity and Access Management (IAM) controls. Conduct and oversee Vulnerability Assessment and Penetration Testing (VAPT) programs. Monitor dark web threats, implement Data Loss Prevention (DLP) strategies, and enforce Next-Generation Firewall rules. Monitor security alerts using Security Information and Event Management (SIEM) tools.
Education & Experience:
At least a Bachelor’s degree in Computer Science, Information Security, IT, or a related field.
6+ years of experience in Audit & Compliance and Cybersecurity or Information Security operations.
Strong understanding of GRC frameworks and regulatory standards.
Experience with SIEM, IAM, DLP, Firewall management, and vulnerability management tools.
Proven experience leading security teams and cross-functional projects.
Preferred Certifications:
CISSP, CISM, CISA, ISO 27001 Lead Auditor / Lead Implementer, CEH, Security+ or other cybersecurity certifications.