B
Information Security Analyst - Security Assurance / GRC
Bank of Ceylon•location_onColombo, Sri Lanka
work_historyFull-Timehome_workOn-site
About the Role
Join Bank of Ceylon's Information Security team in either the Security Assurance or Governance, Risk and Compliance (GRC) specialisation to strengthen the bank's cyber defence posture.
Responsibilities
- Conduct information security assurance reviews and compliance assessments
- Support GRC activities including risk registers and policy frameworks
- Monitor and report on the bank's security posture
- Assist with audit responses and regulatory reporting
Requirements
- Degree in Information Technology, Computer Science, or related field
- Professional certifications such as CISSP, CISM, CISA or ISO 27001 Lead Auditor preferred
- Experience in information security or GRC roles within a financial institution
- Knowledge of banking regulatory requirements
Skills
`Information security assessment` · `Governance Risk and Compliance` · `Security assurance frameworks` · `Cybersecurity standards ISO 27001` · `Regulatory compliance in banking` · `Incident analysis`
How to apply
Or apply online: https://www.boc.lk/careers