Job Description

JOIN THE MOST AWARDED BANK IN SRI LANKA

With an enduring vision of being the most technologically advanced, innovative and customer friendly financial organization, we, the Most Awarded Bank in Sri Lanka, continue to progress steadily while being the first Sri Lankan bank to be listed amongst the Top 1000 Banks in the World.

Our unparalleled record of success is supported by an unmatched suite of digital offerings and superior standards in service, stability and performance. We are poised to ascend to even greater heights in the near future.

Senior Engineer – IT Security and Compliance

JOB PROFILE

• Ensure compliance with CBSL Direction No.16 on Cyber Security, including regular assessment, reporting, and technical control implementation related to endpoint security.
• Ensure timely patch deployment across all End-User Computing (EUC) devices, following the bank's security policies.
• Administer Antivirus (AV) and Endpoint Detection & Response (EDR) platforms to ensure endpoint security posture.
• Analyze EDR alerts, carry out first-level investigations, and escalate potential incidents.
• Provide technical inputs and documentation support for ISO 20000, ISO 27001, and PCI-DSS audit activities.
• Coordinate the closure of internal and external IT audit findings by implementing appropriate technical fixes.
• Perform regular compliance checks on patches, AV updates, and EDR status; prepare and present reports.
• Work closely with Information Security, Infrastructure, and Risk units to strengthen endpoint security practices.
• Maintain logs, trackers, and dashboards related to AV/EDR compliance and endpoint protection coverage.
• Enforce adherence to IT Security standards, guidelines, and operational controls.
• Support operational teams during system hardening, upgrades, and rollout of endpoint policies.

APPLICANT'S PROFILE

• Bachelor’s Degree in Information Technology, Cybersecurity, Computer Science, or a related discipline.
• Minimum 3–5 years of hands-on experience in endpoint protection, patch management, or IT security operations.
• In-depth knowledge of AV/EDR tools (e.g., Kaspersky, ManageEngine EDR/AV, or equivalent platforms).
• Familiarity with audit frameworks and regulatory standards like ISO 27001, ISO 20000, and PCI-DSS.
• Strong problem-solving skills and the ability to work under pressure in a compliance-driven environment.
• Excellent documentation and reporting skills.

Successful candidate will be provided with an attractive remuneration package, commensurate with benchmark financial institutions.

Interested candidates are invited to apply for the position, all applications should be routed through our corporate website.

To apply, please visit, www.combank.lk

Similar Jobs

Management Systems (Pvt) Ltd

Security Operations Center (SOC) Specialist | Security Governance & Compliance Specialist

• Colombo
• Full Time
• 2 days ago

Associated Motorways (Private) Limited

Chief Information Security Officer (CISO)

• Colombo
• Full Time
• 7 days ago