
Information Security Governance Lead | Manager – Pan Asia Bank Colombo
Posted July 25, 2025 by Pan Asia Bank
Closing Date: July 28, 2025
About the job
Company Description:
We are seeking a highly experienced and driven individual to join our growing team as an Information Security Governance Lead. This role is ideal for a cybersecurity professional with a strong foundation in security frameworks, risk management, compliance, and policy development. The ideal candidate will possess a strategic mindset, exceptional leadership skills, and the ability to translate complex security requirements into practical, organization-wide initiatives. If you are passionate about building robust governance frameworks and leading enterprise-wide security efforts that safeguard critical assets and enable business growth, this is the opportunity for you.
Role Description:
- Develop, implement, and maintain a Bank-wide Information Security Governance Framework, ensuring alignment with organizational goals, regulatory requirements, and industry standards (e.g., ISO 27001, PDPA)
- Create, review, and update information security policies, standards, and procedures, ensuring consistent application and compliance across all business units
- Conduct regular risk assessments to identify, analyze, and prioritize information security risks, and oversee the development and implementation of mitigation plans
- Ensure compliance with applicable legal, regulatory, and contractual requirements, coordinate internal and external audits, and manage findings and recommendations
- Collaborate with business leaders, IT, and other stakeholders to embed security governance into core processes and act as a key liaison with regulatory bodies, auditors, and external parties
- Establish and oversee incident response governance frameworks, ensuring readiness and compliance with response and reporting protocols
- Promote a culture of security awareness across the Bank through tailored awareness and training programs, providing guidance to staff and management on information security policies and best practices
Qualifications:
- Bachelor's degree in Cybersecurity or related academic qualification from an acceptable institute. A professional qualification in CISSP, CISM, CRISC, CGEIT, ISO 27001 Lead Implementer/Auditor, or equivalent is highly beneficial
- Minimum of 05 years of experience in information security, risk, or compliance roles, with at least 03 years in an information security governance-specific capacity. Proven experience in regulated industries such as banking or government is highly preferred
- Demonstrated track record in developing, implementing, and maintaining information security governance frameworks, and the ability to draft, review, and manage security policies, standards, and guidelines in alignment with regulatory and business requirements.
- Hands-on experience managing security policies, standards, and procedures aligned with frameworks such as ISO 27001, NIST CSF, or CIS Controls
- Involvement in internal or external audits, regulatory assessments, or certification processes (e.g., ISO 27001, PCI DSS, SOC 2)
- Familiarity with privacy and data protection regulations such as GDPR, PDPA (Sri Lanka), or similar
- Practical experience with enterprise risk management (ERM), security risk assessments, and maintaining risk registers
- Experience engaging with senior leadership, audit committees, or board-level risk/governance functions
- Strong record of cross-functional collaboration with legal, compliance, IT, and business units
- Excellent communication and reporting abilities to present complex technical information to non-technical stakeholders
- Strong analytical and problem-solving skills to address complex security challenges effectively.
