Executive – Information Security and Compliance - LAUGFS Holdings Colombo 06

Posted August 12, 2025 by LAUGFS Holdings

Closing Date : August 18, 2025

Colombo ,

Full Time

Information & Communication Technology |

Security - IT |

About the job

Job Summary

The Executive – Information Security is responsible for supporting the development, implementation, and maintenance of the organization’s information security strategy. This role ensures the confidentiality, integrity, and availability of information assets by enforcing security policies, managing risks, and supporting regulatory compliance efforts, including Sri Lanka’s PDPA and ISO 27001 standards.

Key Responsibilities:

Monitor and respond to security events, alerts, and incidents.
Perform routine security reviews, vulnerability assessments, and system hardening checks.
Assist in developing, maintaining, and enforcing information security policies, procedures, and guidelines.
Support compliance initiatives such as PDPA, ISO/IEC 27001, NIST, and internal audit requirements.
Assist with risk assessments and the implementation of mitigation measures.
Conduct security awareness training programs for employees, contractors, and stakeholders.
Support phishing simulations and monitor training effectiveness.
Maintain accurate records of IT security assets, access logs, and incident response documentation.
Review and assess third-party/vendor information security controls.

Qualifications and Skills:

Education

Bachelor’s degree in Information Technology, Cybersecurity, Computer Science, or related field.
Postgraduate diploma or Master’s degree in Information Security (preferred but not mandatory).

Certifications (Preferred)

CISSP, CISM, ISO/IEC 27001 Lead Implementer/Auditor, CompTIA Security+, or equivalent.

Key Skills:

Strong understanding of information security principles, network security, and access controls. Familiarity with regulatory frameworks such as PDPA, GDPR, ISO 27001, NIST.
Hands-on experience with SIEM tools, firewalls, antivirus, encryption, etc.
Excellent documentation, communication, and analytical skills.
Ability to handle sensitive/confidential data responsibly.

Experience:

2–5 years of experience in an Information Security, IT Governance, or IT Audit role.

Behavioral Competencies:

High integrity and strong sense of responsibility
Attention to detail and risk awareness
Proactive mindset with ability to work independently
Strong interpersonal skills and ability to collaborate across departments

Cyber Security Risk Management Auditing Documentation

සෑලකිය යුතුයි : අපි ඔබව මෙම රැකියාව උපුටා ගත් පිටුවට හරවා යවන්නෙමු . අපි ඔබ වෙනුවෙන් ඔබේ CV , තොරතුරු අදාළ ආයතනය වෙත නොයවන බව කරුණාවෙන් සලකන්න

கவனமாக இருக்க வேண்டும் : இந்த வேலை மேற்கோள் காட்டப்பட்டுள்ள பக்கத்திற்கு உங்களை திருப்பி விடுவோம். உங்களுக்கான CV, தகவல்களை சம்பந்தப்பட்ட நிறுவனத்திற்கு நாங்கள் அனுப்ப மாட்டோம் என்பதை நினைவில் கொள்ளவும்

Disclaimer : By clicking the button below, you consent for CareerFirst and partners to use automated technology, including pre-recorded messages, cell phones and texts, and email to contact you at the number and email address provided. This includes if the number is currently on any Do Not Call Lists. This consent is not required to make a purchase. We are redirecting you to the employer's career page. Please note that we are not sending your CV to the employer on your behalf. Privacy Policy.