Information Security Officer

Malta

Main Duties and Responsibilities:

  • Design, develop, oversee implementation, monitor a comprehensive and in-depth cyber risk management program;

  • Define detailed policies and working procedure for the implementation of cyber defence controls;

  • Establish a corporate methodology and advice Senior Management and the Board on cyber defence management;

  • Identifying vulnerabilities in current network;

  • Lead and coordinate that processes such as penetration and vulnerability tests are conducted by competent and reliable bodies to find any flaws and mitigate risks;

  •  Monitoring network usage to ensure compliance with information security policies;

  • Lead and coordinate on securing our systems against emerging risks such as Cyber Security, GDPR Compliance;

  • Integrate and monitor cyber incident response management within the Company;

  • Promote cyber threats awareness and provide training on mitigation processes across the Company including employees, suppliers, partners and customers;

  • Initiate and execute cyber exercises;

  • Work with the relevant functions (technology and business) within the Company in order to analyse and assess the levels of inherent risk, the respective controls required and the levels of residual risk and exposure to cyber threats;

  • Work closely, communicate regularly and suggest solutions to Risk and Compliance members re Security Risks and cyber defence policy;

  • Coordinate and liaise with third parties on cyber defence matters;

  • Control access permissions, security and privileges;

  • Keeping up to date with developments in ICT and information security standards and threats by continuously following training leading to professional information security certification;

  • Operate effectively and with minimal supervision with a high degree of accuracy;

  • Handle concurrent tasks with appropriate priority;

  • Help ICT Manager and Platform Administrator on database upgrades, on-premise and cloud infrastructure especially security aspects;