ACBAR

Agency Coordinating Body for Afghan Relief and Development

Position Title: IT Security Analyst

Activation Date: 21 January, 2026   Announced Date: 21 January, 2026   Expire Date: 21 February, 2026

  • Job Location: Kabul
  • Nationality: Afghan
  • Category: Banking
  • Employment Type: Full Time
  • Salary: As Per Organization Salary Range
  • Vacancy Number: GB/EAD/20
  • No. Of Jobs: 1
  • City: Kabul
  • Organization: Ghazanfar Bank
  • Years of Experience: • Minimum 3–5 years of experience in IT security, cybersecurity, or information risk management. • Experience in banking, financial services, or regulated environments is a strong advantage.
  • Contract Duration: 5
  • Gender: Male
  • Education: • Bachelor’s degree in Information Technology, Computer Science, Cybersecurity, or a related field. Professional Certifications (Preferred) • CISSP, CISM, CISA, CEH, ISO 27001, or equivalent information security certifications.
  • Close date: 2026-02-21
 

About Ghazanfar Bank:

Ghazanfar Bank, a full-fledged licensed commercial Bank, commenced its operations in March 2009. The Share Holders of the Bank belongs to one of the leading business groups of Afghanistan. As a leading business house Ghazanfar Group is involved in various key businesses sectors as a front runner such as import and distribution of Petroleum/Gas and other various important industrial sectors. Ghazanfar Bank started its operation in Kabul, Afghanistan, and is offering key financial services both under conventional and Islamic Banking. The Bank has since opened up its Branches at various key locations such as Mazar Sharif, Hairatan, Nayeb Abad Branch Kunduz, Takhar, Pule- Khumri, Jalalabad, Herat & Kandahar besides opening another eight branches at Kabul in Sarai Shahzada, Shar-e-Naw, Karte Naw, Kote Sangi, Lase Maryam, Karte Char, Kabul Airport Branch and Wazir Akbar Khan. In due course of time, the Bank intends to expand its Branch Network in Kabul as well as at other key locations of the Country

Job Description:

A. Information Security Operations

  • Monitor IT systems, networks, and applications for security threats and vulnerabilities.
  • Implement and maintain security controls, tools, and configurations.
  • Support secure system configurations across CBS, applications, servers, and networks.
  • Ensure compliance with approved IT security standards and policies.

B. Cyber Risk & Incident Management

  • Detect, analyze, and respond to information security incidents and cyber threats.
  • Escalate material security incidents, cyber risks, and control weaknesses to the CRO in a timely manner.
  • Support incident investigation, root-cause analysis, and remediation actions.
  • Maintain incident logs and prepare incident reports.

C. Governance, Risk & Compliance Support

  • Support the implementation of the Bank’s Information Security Policy, IT governance framework, and risk controls.
  • Coordinate with Risk Management to:
    • Identify IT and cyber risks
    • Support risk assessments and KRIs
    • Align controls with the Bank’s risk appetite
  • Support Compliance requirements related to data protection, access controls, and regulatory expectations.

D. Access Control & Security Monitoring

  • Monitor and review user access rights to critical systems (including CBS).
  • Support periodic access reviews and segregation of duties controls.
  • Ensure timely removal or modification of access for staff movements and terminations.

E. Vulnerability Management & Security Testing

  • Conduct or coordinate vulnerability assessments and security testing.
  • Track remediation of identified vulnerabilities.
  • Support implementation of security patches and system hardening.

F. Audit & Regulatory Support

  • Act as a focal point for IT security matters during:
    • Internal Audit
    • External Audit
    • Regulatory examinations
  • Support closure of IT security-related audit findings and regulatory observations.

G. Awareness & Capacity Building

  • Support IT security awareness initiatives and training programs for staff.
  • Promote a strong security culture and compliance with security policies.

7. Authority & Escalation

  • Recommend security improvements and corrective actions.
  • Escalate high-risk security incidents and systemic weaknesses to Dy-CIO and CRO.
  • No authority to override business or system decisions without approval.

 

Job Requirements:

Education

  • Bachelor’s degree in Information Technology, Computer Science, Cybersecurity, or a related field.

Professional Certifications (Preferred)

  • CISSP, CISM, CISA, CEH, ISO 27001, or equivalent information security certifications.

Experience

  • Minimum 3–5 years of experience in IT security, cybersecurity, or information risk management.
  • Experience in banking, financial services, or regulated environments is a strong advantage.

 

Submission Guideline:

Applicants who meet the above requirements should submit their updated Curriculum vitae (CV)/Resume to (sr.recruitment-officer@ghazanfarbank.com)

Please Mention specific Job Title in subject of your E-mail otherwise your Email will not be considered.

Note only shortlisted candidates will be contacted for further recruitment process.

Submission E-mail

(sr.recruitment-officer@ghazanfarbank.com)

Submission Email:

sr.recruitment-officer@ghazanfarbank.com





 

Similar Jobs