IS GRC Analyst Soneri Bank Limited Karachi

Soneri Bank Limited has announced a new career opportunity for the position of IS GRC Analyst in its Information Security Department. This role is ideal for candidates who are starting their careers in information security, governance, risk management, and compliance (GRC) and want to gain experience in the banking sector.

The position is based at the bank’s Central Office located on I. I. Chundrigar Road in Karachi, which is one of Pakistan’s major financial districts.

About Soneri Bank

Soneri Bank Limited is a well-established commercial bank in Pakistan, providing a wide range of financial services including retail banking, corporate banking, digital banking, and trade finance solutions. The bank focuses on innovation, customer service, and maintaining strong security standards to protect customer data and financial systems.

The Information Security Department plays a critical role in ensuring the bank’s IT systems, data, and digital operations remain secure and compliant with international security standards.

Job Overview

This position is designed for candidates with basic professional experience in information security or IT governance, risk, and compliance.

Job Location

The selected candidate will work at the Central Office of Soneri Bank Limited, located at:

5th Floor, Al Rahim Towers, I. I. Chundrigar Road, Karachi, Pakistan

This area is known as the financial hub of Pakistan, where many banks, financial institutions, and corporate offices are located.

Key Responsibilities

The IS GRC Analyst will support the Information Security team in maintaining compliance with security policies and managing risk-related processes.

Audit Coordination

• Assist internal and external auditors during information security audits.

• Collect required evidence, documentation, and records to demonstrate compliance.

Security Policy Implementation

• Support the implementation of information security policies and procedures.

• Ensure compliance with both regulatory and organizational requirements.

Security and Compliance Projects

• Participate in security-related initiatives such as:

  • Third-party security assessments

  • Vulnerability assessments

  • Security review activities

Risk Management Documentation

• Maintain risk management records including:

  • Key Risk Indicators (KRIs)

  • Risk Control Self-Assessment (RCSA) documentation

Security Awareness Programs

• Organize employee awareness sessions and training programs related to cybersecurity.

• Promote best practices for protecting information systems and data.

Information Asset Management

• Maintain the information asset register.

• Ensure all asset details such as:

  • Owner

  • Custodian

  • Confidentiality, Integrity, and Availability (CIA) classifications
    are properly documented.

Compliance with International Standards

• Coordinate with internal and external stakeholders to maintain compliance with:

  • PCI DSS (Payment Card Industry Data Security Standard)

  • ISO/IEC 27001 (Information Security Management Standard)

Third-Party Security Management

• Manage third-party information security service-level agreements (SLAs).

• Handle processes related to payments, renewals, and vendor compliance.

Required Qualifications

Candidates interested in this position must have one of the following qualifications:

• Bachelor’s degree in Information Security

• Master’s degree in Information Security

• Bachelor’s or Master’s in Computer Science

• Engineering degree related to Information Technology

These academic backgrounds provide the technical knowledge needed to work in cybersecurity and IT governance roles.

Required Experience

Applicants should have:

• At least 6 months to 1 year of professional experience

• Experience in:

  • Information Security

  • IT Governance, Risk, and Compliance (GRC)

Experience in banking or financial institutions can be an added advantage.

Skills That Can Help You Succeed

Candidates applying for the IS GRC Analyst role should ideally have the following skills:

Technical Skills

• Basic knowledge of information security frameworks

• Understanding of risk management and compliance processes

• Familiarity with security standards such as PCI DSS and ISO 27001

• Knowledge of cybersecurity policies and procedures

Soft Skills

• Strong analytical thinking

• Attention to detail

• Communication and coordination skills

• Ability to work with cross-functional teams

• Organizational and documentation skills

Equal Opportunity Employer

Soneri Bank Limited is an equal opportunity employer. The bank encourages qualified candidates from diverse backgrounds to apply and aims to create an inclusive workplace environment.

Only shortlisted candidates will be contacted for interviews.

How to Apply

Interested candidates should send their updated CV via email to the following addresses:

📧 [email protected]
📧 [email protected] (CC)

Important Application Instruction

Candidates must mention the position title “IS GRC Analyst” in the subject line when sending their email.

Application Deadline

The last date to apply is April 15, 2026.

Applicants are encouraged to apply before the deadline to ensure their application is considered.

Final Thoughts

The IS GRC Analyst role at Soneri Bank Limited is a strong opportunity for early-career professionals who want to enter the field of cybersecurity, risk management, and information security governance.

With responsibilities ranging from audit support and compliance management to security awareness and risk monitoring, this position offers valuable experience for individuals who want to grow in the information security domain within the banking industry.

Candidates with the required education and basic professional experience in information security or IT GRC are encouraged to apply and become part of a reputable financial institution.