Senior Manager - Information Security

100% remote



Karachi, Lahore and Islamabad

What is SadaPay?

We’re a fintech pushing a new, digital-first financial lifestyle: where money is so simple, that any other way becomes unthinkable. In an environment like Pakistan’s, where more than three-quarters of the population is unbanked, financial services need to be drastically reshaped. Enter SadaPay: all you need to get started is a CNIC, a phone number, and a smartphone. We’ve also put some of your worst banking nightmares to rest with no hidden fees, free transfers, a free debit Mastercard, and a payment experience that’s actually delightful. When you pair all this with friendly customer service and a brightly colored debit card, finance can be fun!

Whether you’re working from our offices in Lahore, Islamabad, Karachi or Dubai, or from your home (we’re remote first!), you can be part of our financial revolution.

Why is this role important?

The person would be responsible to establish and maintain a corporate-wide Information Security program and ensure that the information assets are adequately protected. They will proactively work with business units to implement practices that meet defined policies and standards for Information Security and oversee a variety of IT-related risk management activities in the organization. They will also be responsible for ensuring that all technology-related regulatory guidelines and best practices are implemented organization-wide.

As a Sadanaut You Will: 

  1. Drive a culture of security-first practices across all areas of the organization. 
  2. Work with the Technology team to build security practices and tooling into all levels of the SDLC. 
  3. Develop Identity and Access Management standards and enforce best practices. 
  4. Identify opportunities for implementing modern technology controls to create more visibility or defend key points of attack. 
  5. Create, communicate and implement a risk-based process for risk management of outsourcing, including the assessment and treatment for risks that may result from partners, consultants, and other service providers. 
  6. Work directly with the business units to facilitate IT risk assessment and risk management processes and work with stakeholders throughout the enterprise. 
  7. Create a framework for roles and responsibilities concerning information ownership, classification, accountability, and protection 
  8. Ensure the Technology function is following regulatory guidelines and ensuring adequate IT Governance. 
  9. Provide strategic risk guidance for IT projects, including the evaluation and recommendation of technical controls. 
  10. Manage security incidents and events to protect corporate IT assets, including intellectual property, regulated data and the company's reputation. 
  11. Monitor the external threat environment for emerging threats, and advise relevant stakeholders on the appropriate courses of action. 
  12.  Manage the day-to-day activities of threat and vulnerability management, identify risk tolerances, recommend treatment plans and communicate information about residual risk. 

What it Takes to Become a Sadanaut:

  1. A bachelor’s degree in information systems or equivalent work experience; an MBA. or M.S. in information security is preferred. 
  2. Minimum 4 years of experience in relevant field 
  3. Ability to lead and motivate cross-functional teams to achieve tactical and strategic goals. 
  4. Experience developing and maintaining policies, procedures, standards, and guidelines. 
  5. Exhibit excellent analytical skills, the ability to manage multiple projects 

Perks of Being at SadaPay:

  1. Become an owner! We’re not kidding: more than 80% of our colleagues are owners of the company since they currently hold stocks
  2. USD-Denominated Salary - All our salaries are pegged to USD to help protect colleagues from the current state of inflation. In case the dollar depreciates against the PKR value, you will always be paid a minimum of your PKR salary.
  3. We’re a remote-first company which means our colleagues can work from the office, home, or literally anywhere they want to 🙂 However, teams may decide internally whether it is required for them to work from the office or not.
  4. We offer a flexible leave policy to maintain a sustainable work-life balance and make sure our workspace feels like a second home to our colleagues. However, colleagues need to take complete responsibility and manage their work and leaves accordingly.
  5. Each Sadanaut, regardless of their grade, is covered by the same range of Life Insurance and Medical Insurance (both outpatient and inpatient care that includes their immediate family and parents)
  6. Enjoy added security with our Provident Fund contribution - a part of our comprehensive benefits package to ensure your long-term financial well-being.
  7. A MacBook Air to help you get all your tasks done efficiently.

Equal Opportunity Provider:

At SadaPay, we pride ourselves on creating an environment which is inclusive for all. We want all our Sadanauts to feel welcome and comfortable in the workspace. We discourage discrimination of any kind and encourage respect among our fellow colleagues. Our recruitment process is fair for all, regardless of race, age, gender, color, religion, social status, disability or ethnicity.