Chief Information Security Officer – Sindh IT Company (SITC) – Government of Sindh – January 2026

Important Dates

Position Details

Position: Chief Information Security Officer (CISO)

Salary Package: Competitive salary, performance-based incentives

Minimum Qualification:

• Bachelor’s degree in Computer Science / IT from an HEC-recognized university
• Master’s degree preferred

Minimum Experience:

• Minimum 15 years of experience in cybersecurity or technology risk management
• Demonstrated senior level leadership experience within government, financial services, telecom, or other regulated or critical infrastructure environments
• Strong experience engaging with regulators, auditors, law enforcement agencies, and senior stakeholders
• Demonstrated ability to lead effectively during high impact cybersecurity incidents

Key Responsibilities and Skills Required:

1. Cybersecurity Strategy & Leadership

• Develop and implement comprehensive cybersecurity strategy for SITC and Government of Sindh digital initiatives
• Provide strategic leadership on all cybersecurity matters
• Establish cybersecurity policies, standards, and frameworks
• Lead cybersecurity transformation initiatives
• Build and mentor high-performing cybersecurity teams
• Align security strategy with business objectives and digital transformation goals

2. Governance, Risk & Compliance

• Establish and maintain cybersecurity governance framework
• Conduct risk assessments and manage technology risk portfolio
• Ensure compliance with local and international cybersecurity regulations and standards
• Develop and implement compliance monitoring programs
• Coordinate with regulators and auditors for cybersecurity compliance
• Prepare and present risk reports to senior management and board
• Manage cybersecurity risk registers and mitigation plans

3. Security Operations & Incident Management

• Oversee Security Operations Center (SOC) and incident response capabilities
• Lead cybersecurity incident response and crisis management
• Establish incident response protocols and playbooks
• Coordinate with law enforcement agencies during security incidents
• Conduct post-incident reviews and implement lessons learned
• Manage security monitoring, threat detection, and response capabilities
• Oversee vulnerability management and penetration testing programs

4. Technology & Architecture Assurance

• Review and approve security architecture for digital solutions
• Ensure security-by-design principles in all technology initiatives
• Oversee security assessments of applications, systems, and infrastructure
• Manage cloud security, application security, and network security programs
• Implement zero-trust architecture and modern security controls
• Evaluate and implement security technologies and tools
• Oversee identity and access management (IAM) programs

5. Third-Party & Vendor Risk Management

• Establish third-party risk management framework
• Conduct security assessments of vendors and service providers
• Review and approve contracts from security perspective
• Monitor ongoing third-party security compliance
• Manage supply chain security risks
• Coordinate security requirements with procurement teams

Additional Responsibilities:

• Engage with regulators, auditors, and law enforcement agencies on cybersecurity matters
• Represent SITC and Government of Sindh in cybersecurity forums and working groups
• Develop cybersecurity awareness programs for employees and citizens
• Manage cybersecurity budget and resource allocation
• Stay current with emerging threats, technologies, and industry best practices
• Build partnerships with national and international cybersecurity organizations
• Contribute to national cybersecurity policy development

Required Skills & Competencies

Technical Skills:

• Deep expertise in cybersecurity frameworks (NIST, ISO 27001, CIS, etc.)
• Advanced knowledge of security technologies and tools
• Understanding of cloud security, application security, and infrastructure security
• Knowledge of threat intelligence and security analytics
• Experience with security incident and event management (SIEM)
• Understanding of regulatory compliance requirements
• Knowledge of risk management methodologies

Leadership Skills:

• Proven senior leadership experience in government or regulated sectors
• Ability to influence and communicate with C-level executives
• Experience building and managing high-performing teams
• Strategic thinking and vision setting capabilities
• Crisis management and decision-making under pressure
• Change management and transformation leadership

Stakeholder Management:

• Strong experience engaging with regulators and auditors
• Ability to coordinate with law enforcement agencies
• Experience presenting to senior stakeholders and boards
• Excellent communication and presentation skills
• Relationship building with internal and external stakeholders

Industry Experience:

• Experience in government, financial services, telecom, or critical infrastructure
• Understanding of public sector digital transformation
• Knowledge of citizen-centric service delivery
• Experience with large-scale digital initiatives

Why Join SITC?

How to Apply

Application Process:

1. Visit the official SITC jobs portal: https://sitc.gos.pk/jobs
2. Review the detailed job description
3. Prepare your application documents
4. Complete the online application form
5. Upload all required documents
6. Submit before the deadline: Friday, January 23, 2026

Required Documents (Likely to be requested):

• Updated CV / Resume highlighting 15+ years of cybersecurity experience
• Cover letter explaining your interest and suitability
• Educational certificates (Bachelor’s and Master’s degrees)
• Professional certifications (CISSP, CISM, CISA, etc. if applicable)
• Experience certificates from previous employers
• References from senior leaders in government or regulated sectors
• Portfolio of major cybersecurity initiatives led

Application Deadline:

Friday, January 23, 2026

For Queries:

Email: [email protected]

Note: Applications sent to this email will not be considered. Apply only through the official portal.

Terms & Application Process

Selection Process:

• Only shortlisted candidates will be contacted for interviews
• Shortlisting will be based on qualifications, experience, and fit with requirements
• Interviews will be conducted by senior leadership panel
• Assessment of technical knowledge and leadership capabilities
• Reference checks and background verification for shortlisted candidates

Important Notes:

• No TA/DA will be provided for interviews or any stage of recruitment
• SITC is an equal opportunity employer – women are strongly encouraged to apply
• Only applications submitted through the official portal will be considered
• Incomplete applications will not be processed
• SITC reserves the right to cancel the recruitment process at any stage without prior notice
• The decision of the selection committee will be final
• Multiple applications from the same candidate will be rejected

What We Offer:

• Competitive salary aligned with skills and experience
• Performance-based incentives and bonuses
• Opportunity to lead high-impact, citizen-focused digital reforms
• Dynamic, mission-driven work environment
• Professional growth and development opportunities
• Collaborative and innovative organizational culture
• Platform to shape cybersecurity at provincial government level

Ideal Candidate Profile

You Are an Ideal Candidate If You Have:

• 15+ years of progressive cybersecurity leadership experience
• Proven track record as CISO or equivalent senior security role
• Experience in government, financial services, telecom, or critical infrastructure
• Led cybersecurity programs in large, complex organizations
• Successfully managed major cybersecurity incidents
• Experience working with regulators, auditors, and law enforcement
• Strong understanding of cybersecurity frameworks and standards
• Excellent stakeholder management and communication skills
• Strategic mindset with ability to execute tactical initiatives
• Passion for public service and digital transformation
• Master’s degree in Computer Science, Cybersecurity, or related field
• Professional certifications (CISSP, CISM, CISA, etc.) are highly valued

Success Factors:

• Results-driven approach with focus on measurable outcomes
• Forward-thinking with innovation mindset
• Ability to balance security with business enablement
• Strong ethical foundation and integrity
• Collaborative leadership style
• Continuous learning and staying current with emerging threats

General Instructions

• Read the job description carefully before applying
• Ensure you meet the minimum qualification requirements (15+ years experience)
• Apply only through the official SITC jobs portal
• Provide accurate and complete information in your application
• Highlight your cybersecurity leadership experience and achievements
• Include specific examples of incident management and stakeholder engagement
• Mention any relevant certifications (CISSP, CISM, CISA, CEH, etc.)
• Submit your application before the deadline
• Do not send applications via email – they will not be considered
• Keep checking your email for updates on shortlisting and interviews
• Prepare for technical and leadership assessment if shortlisted

Contact Information

About Sindh IT Company (SITC)

Sindh IT Company (Private) Limited (SITC) is the Government of Sindh’s leading digital transformation arm, dedicated to advancing governance and public services with innovative, secure, and citizen-centric digital solutions.

Our Mission:

We combine public sector purpose with private sector agility to build a transparent, efficient digital ecosystem that serves the citizens of Sindh.

What We Do:

• Lead digital transformation initiatives for Government of Sindh
• Develop and implement citizen-centric digital services
• Modernize government operations through technology
• Build secure and scalable digital infrastructure
• Enable e-governance and digital service delivery
• Drive innovation in public sector technology
• Ensure cybersecurity and data protection
• Foster digital inclusion and literacy

Our Values:

• Innovation: Embracing new technologies and approaches
• Excellence: Delivering high-quality digital solutions
• Transparency: Building trust through open governance
• Citizen-Centricity: Putting citizens at the heart of everything we do
• Security: Protecting data and ensuring privacy
• Collaboration: Working together for greater impact

Our Impact:

SITC is working on high-impact digital transformation projects that are shaping the future of Sindh, improving public service delivery, enhancing citizen experience, and building a modern, efficient government.

Frequently Asked Questions (FAQs)

Q1: What is the minimum experience required?

A: Minimum 15 years of experience in cybersecurity or technology risk management is required.

Q2: Is a Master’s degree mandatory?

A: A Bachelor’s degree from an HEC-recognized university is mandatory, but a Master’s degree is preferred.

Q3: Can I apply if my experience is not in government sector?

A: Yes, senior level leadership experience in financial services, telecom, or other regulated or critical infrastructure environments is also acceptable.

Q4: How do I apply?

A: Apply online through the official SITC jobs portal at https://sitc.gos.pk/jobs

Q5: Will I be contacted if I’m not shortlisted?

A: No, only shortlisted candidates will be contacted for interviews.

Q6: Is travel allowance provided for interviews?

A: No, no TA/DA will be provided for interviews.

Q7: Can I send my application via email?

A: No, applications sent to email will not be considered. Apply only through the official portal.

Q8: Are women encouraged to apply?

A: Yes, SITC is an equal opportunity employer and women are strongly encouraged to apply.

Q9: What certifications are preferred?

A: While not mandatory, certifications like CISSP, CISM, CISA, CEH, and other relevant cybersecurity certifications are highly valued.