Manager (Cybersecurity Operations)

Manager (Cybersecurity Operations) – Commercial Bank

Job Overview

Commercial Bank of Ceylon PLC is seeking an experienced and highly skilled Manager – Cybersecurity Operations to lead its cybersecurity initiatives and strengthen the bank’s security posture. This role is ideal for cybersecurity professionals with extensive experience in information security, security operations, threat management, and regulatory compliance. The successful candidate will oversee security operations, incident response, cyber threat hunting, and security governance while ensuring the bank’s digital infrastructure remains secure and resilient.

Position Details

Job Title: Manager – Cybersecurity Operations

Company: Commercial Bank of Ceylon PLC

Job Category: IT & Software, Banking & Insurance, Management, Private Jobs

Job Type: Full Time

Job Location: Colombo District, Sri Lanka

Company Overview

Commercial Bank of Ceylon PLC is Sri Lanka’s most awarded private bank and one of the country’s leading financial institutions. Recognized among the Top 1000 Banks in the World, the bank is renowned for innovation, digital banking excellence, customer-centric services, and operational excellence. Commercial Bank offers outstanding career opportunities for professionals seeking to work with cutting-edge technologies in a dynamic and secure banking environment.

Qualifications & Experience

• Bachelor’s or Master’s Degree in Information Security, Computer Science, Computer Engineering, Information Technology, or a related field specializing in Information Security from a UGC-recognized institution.
• Professional cybersecurity certifications such as CISSP, CISM, CRISC, CEH, or CHFI.
• Minimum of 8 years of progressive experience in information security, cybersecurity engineering, system security, or related fields.
• At least 3 years of leadership or supervisory experience in cybersecurity operations.
• Hands-on experience in system and network security administration across various security technologies.
• Proven experience in cloud security, security frameworks, cybersecurity operations, and regulatory compliance.
• Strong knowledge of ISO 2700x, PCI DSS, NIST, SWIFT CSP, and other information security standards.
• Excellent analytical, technical reporting, communication, and leadership skills.

Key Responsibilities

• Execute and oversee Vulnerability Assessments (VA), Penetration Testing (PT), Red Team exercises, and Threat Hunting activities.
• Develop and maintain security hardening standards and security baselines across the bank’s technology infrastructure.
• Assess cybersecurity risks in new systems, applications, and emerging technologies including AI, Machine Learning, and cloud platforms.
• Conduct technical security assurance reviews covering firewalls, Endpoint Detection and Response (EDR), Identity and Access Management (IAM), and related security technologies.
• Lead cybersecurity incident management, investigation, response, recovery, and post-incident reviews.
• Coordinate cybersecurity drills to evaluate organizational readiness and response capabilities.
• Ensure compliance with ISO 2700x, PCI DSS, SWIFT CSP, and other regulatory security requirements.
• Strengthen cybersecurity governance, security controls, and compliance across on-premises and cloud environments.

Required Skills

• Cybersecurity operations and security management.
• Vulnerability Assessment and Penetration Testing (VAPT).
• Threat hunting and Red Team operations.
• Incident response and Security Operations Center (SOC) management.
• Cloud security and security architecture.
• Identity and Access Management (IAM).
• Endpoint Detection and Response (EDR).
• Security governance, risk management, and compliance.
• Leadership and team management.
• Technical reporting, analytical thinking, and problem-solving.

Salary & Benefits

• Attractive remuneration package aligned with leading financial institutions.
• Opportunity to work with Sri Lanka’s most awarded private bank.
• Exposure to enterprise-scale cybersecurity technologies and digital banking platforms.
• Professional development and certification opportunities.
• Comprehensive employee benefits in accordance with company policies.

How to Apply

Applications should be submitted through the Commercial Bank Careers Portal by selecting the Manager – Cybersecurity Operations vacancy.

Important Notes

• Only shortlisted candidates will be contacted for interviews.
• Professional cybersecurity certifications such as CISSP, CISM, CRISC, CEH, or CHFI are highly desirable.
• Applicants should possess strong leadership experience in cybersecurity operations.
• Experience with ISO 2700x, PCI DSS, NIST, and SWIFT CSP frameworks is essential.
• The work location for this position is Colombo District, Sri Lanka.