Information Security Analyst

Position: Information Security Analyst
Job Code: SBL-ISD-003-82/83
Level: Assistant/Senior Assistant/Junior Officer
Required No: Two (2)
Location: Kathmandu, Nepal
Department: Information Security
Application Deadline: 20th April 2026

MINIMUM QUALIFICATION AND REQUIREMENT:

For Junior Officer Level

Bachelor’s Degree with minimum 50% marks or CGPA 2.5 in the field of Information Technology/ Computer Engineering/ Electronics Engineering with at least 2.5 years of relevant work experience

OR

Master’s Degree with minimum 50% marks or CGPA 2.5 in the field of Information Technology/ Computer Engineering/ Electronics Engineering with at least 1.5 years of relevant work experience

For Senior Assistant Level

Bachelor’s Degree in the field of Information Technology/ Computer Engineering/ Electronics Engineering with minimum 50% marks or CGPA 2.5 with at least 2 years of relevant work experience.

For Assistant Level

Bachelor’s Degree in the field of Information Technology/ Computer Engineering/ Electronics Engineering with minimum 50% marks or CGPA 2.5 with at least 1.5 years of relevant work experience.

AGE LIMIT:

For Junior Officer

Male: Minimum 21 Years of age not exceeding 35 years as on application deadline

Female: Minimum 21 Years of age not exceeding 40 years as on application deadline

For Senior Assistant

Male: Minimum 20 Years of age not exceeding 35 years as on application deadline

Female: Minimum 20 Years of age not exceeding 40 years as on application deadline

For Assistant Level

Male: Minimum 20 Years of age not exceeding 32 years as on application deadline

Female: Minimum 20 Years of age not exceeding 37 years as on application deadline

JOB DESCRIPTION

• Implement, monitor, and maintain security infrastructure, including firewalls, WAF, DLP, SIEM/SOAR, EDR, XDR solutions, IDS/IPS, Email gateway and endpoint security.
• Design and integrate security controls into enterprise IT architectures and development processes.
• Perform vulnerability assessments, penetration testing, and incident response activities.
• Secure banking applications, APIs, and digital platforms against cyber threats.
• Monitor real-time threats, analyse logs, and respond to alerts.
• Develop and enforce cybersecurity policies aligned with standards such as PCI DSS, ISO 27001, GDPR and relevant banking regulations.
• Work with IT, risk, and compliance teams to identify and resolve security gaps.
• Support fraud prevention initiatives through relevant cybersecurity measures.
• Prepare technical documentation, including architecture diagrams and whitepapers.
• Emulate advanced threat actors to test an organization’s detection and response capabilities.
• Conduct social engineering, phishing, and physical security testing if required.

REQUIRED JOB KNOWLEDGE

• Solid understanding of network security/architecture, cryptography, and authentication protocols.
• Experience with SIEM platforms, API/Cloud security, and endpoint protection tools.
• Knowledge of digital forensics, evidence preservation, malware investigation, log correlation, and incident.
• Familiarity with banking-related regulatory and compliance requirements.
• Practical experience with VAPT tools, penetration testing, threat modelling, and incident response.
• Basic Linux, AIX, Unix knowledge for scripting and automation (such as Python, Bash, or PowerShell) is an advantage.
• Professional certifications such as CCNA, CEH, CHFI, ISO 27001 Lead auditor/Lead Implementer, or equivalent advanced security certifications are highly preferred.

The Bank reserves the right to reject any/all applications without assigning any reason whatsoever. Only shortlisted candidates shall be called for the further selection process.

Canvassing at any stage of the processes shall lead to disqualification of the candidate for this vacancy. Application received from any other medium other than Bank’s website shall be disqualified. No Telephone queries will be entertained for this purpose.

Tagged as: Kathmandu