Credit Bank PNG is recruiting 2x suitable candidates for the role of Information Security Engineer

Each Information Security Engineer will be accountable and responsible for the design, engineering and operationalization of information security strategy, polices, procedures, standards in Credit Corporation; through building relationship and engagement with all relevant stakeholders and leaders to ensure confidentiality, integrity, availability of CC’s information assets and data.

Primary Responsibilities:

Organization

• Operationalize Credit Corporation’s information security strategy and roadmap within the budget to improve and maintain Credit Corporation’s security maturity at an agreed and acceptable level; protecting Credit Corporation’s information assets and ensuring business resiliency.
• Manage Information Security Risk within Risk Appetite Statement.

Individual

• Contribute to the operationalization and update of Information Security Strategy, Architecture Design, Policies, Procedures, Standards and guidelines.
• Implement Information Security Architecture Design factoring business resiliency and ROI.
• Design and maintain operational oversight of security tools and configurations that adhere to Information Security Policy standards and best practice.
• Implement security standard baselines designs for all Credit Corporation’s information assets (Physical and Digital).
• Implement Data Protection Strategies in data back-up, replication and recovery frameworks and procedures.
• Evaluate & enforce compliance with Cloud Computing Security Standards on third-party cloud solutions such as SOC2 and ISO2700 series for Information Security Management and ISO4200 series for AI Management, etc
• Continuously provide oversight to 1^st Line of Defence to remediate security risks in line with ongoing information security risk assessment, access reviews. 3rd party reviews, internal & external audit findings, vulnerability assessments, penetration testing, red team/blue team exercise findings and secure code reviews.
• Actively participate in projects to ensure Information Security Policy and Baselines are considered and fitted in the project methodology, change management and development lifecycle for enhancements and new systems/integration.
• Staying connected and informed of latest information security and technology trends, threats, threat actor motives, threat targets and attack behaviors through internal sources (intel sharing, indicators of compromise) and external sources (contextual news and updates).
• Comply to Regulatory, Legislative & Industry Information Security Programs, Standards and Frameworks (where mandated) such as PCI DSS, SWIFT CSCF & BPNG REPS.
• Actively participate and be an advocate of Information Security Awareness and drive a security-aware culture in Credit Corporation. Lead by example.
• Compile and provide regular reporting to CRO, IT Management, Board Risk & Compliance Committee, Risk Forums, Group Risk Oversight Committee, EXCO, and CC Group Board as required.
• Always establish and maintain effective professional working relationships with your co-workers and staff upholding the Credit Corporation values, mission and vision.

Personal Qualities and Requirements

• General technical knowledge of information security frameworks, practices and concepts
• General technical Knowledge of Information technology & communication
• Technically knowledgeable and/or skilled in OSI Model, IT infrastructure, cloud-native solutions, IoT architectures, application development methodology and frameworks, database technologies, web & mobile technologies, network architecture, enterprise architecture, and active directory services.
• Security technology acumen and experience including but not limited to: firewall, intrusion detection, security tools and defences, encryption, identity and access management, web filtering, anti-malware, anti-phishing, identity and access management, multi factor authentication.
• High analytical skills required to analyse defects and spot trends.

Expected Behaviours

• Communicate with Respect, Equality & Open-mindedness.
• Take initiative & speak up.
• Take constructive feedback
• Be accountable and take ownership.
• Connect with others to achieve shared success.
• Detailed oriented.
• Good analytic skills.

Formal Qualifications:

• Degree in Information Technology or other related fields.

Application process:

If you think you have what it takes to be in this role, we would like to hear from you.

Applications close on Friday, 6^th March 2026, and must provide the following:

• A cover letter.
• A current CV with the names of three (3) contactable referees

Applications must be addressed to:

The Head of People & Culture

Credit Corporation (PNG) Limited

P O Box 1787

Port Moresby, 121

National Capital District

Applications must be emailed to [email protected]