• Participate in the development and implementation of security architectures that meet business requirements in alignment with corporate guidelines, balancing security, cost, and user experience;
• Deploy and operate security related controls and solutions as required by Security management and Corporate guidelines;
• Assist in conducting risk assessments from an ISS perspective;
• Assist in defining security related technical requirements necessary for compliance with regulation such as GDPR;
• Define, implement and operate the processes and solutions related to User Management including periodical reviews and reporting;
• Contributing in the upgrades of IT security platforms and new execution of IT security solutions;
• Actively monitoring, analysing and managing logs, events, and other data sources in the determination of suspicious activities and threats and organize metrics and indicators on ISS risks;
• Providing support services to business areas within the established IT Security Services framework.
• Collaborate in the response security events.
Knowledge, Skills and Abilities:
Education: A B.Sc. degree in Computer Studies or equivalent; Advanced degree and/or additional education and training beyond a bachelor would be an asset.
Experience: A minimum of 2 years’ experience in Information Technology is required. Any experience in information security architecture, design, development, implementation, and administration in private or public sectors would be considered an asset. Alternatively, consultancy or advisory experience within the field of information security.
Knowledge: General knowledge of industry practices, standards, and concepts within field of work. Applies them to perform work requiring analytical business skills.
Decision Making: Makes decisions using broad management skills. Applies guidelines and procedures that leave considerable room for discretion and interpretation. Decisions directly influence project, client relationships and or expenditures. Additionally, decisions exert some influence on organization's long-range goals and objectives. Participates in determining objectives of assignments.
Supervision Received: Self-motivated work under general supervision. Work is reviewed for overall adequacy in meeting objectives.
Problem Solving /Operations/Direct Work Involvement: Develops solutions to a variety of problems, typically technical in nature, of moderate scope and complexity. Refers to and interprets policies and practices for guidance.
Client Contacts: Contacts other departments and or external organizations or parties frequently. Contacts are primarily at or below upper management levels.
Additional Skills and Abilities
SSCP, CISA or equivalent information security certification highly desired.
Advanced expertise in three or more of the following and working knowledge of at least six areas:
- Risk Management concepts;
- Access control systems and methodology;
- Identity management and authentication systems;
- Directory services design;
- Experience implementing and/or managing security systems such as firewalls, IDS/IPS, content filtering, antivirus, encryption, etc.;
- Application security and systems development life cycle;
- Encryption technologies;
- Data and systems integrity controls;
- Network and Internet Security;
- Audit and event management;
- Business continuity, availability and disaster recovery;
- Operational security controls;
- Vulnerability Analysis;
- Secure coding practices/Code review;
- Experience with security analysis tools and techniques (commercial and/or open source);
- Technical experience in design and troubleshooting Internet services including, but not limited to, DNS, LDAP, FTP, HTTP and Web services, SMTP and POP protocols;
- Knowledge of security and privacy related regulation (e.g. GDPR).
Demonstrated Technical Knowledge:
- TCP/IP Communications, Networking, DNS;
- Microsoft Windows—Server & Desktop;
- Design, analysis, construction, and problem-solving;
- Oracle or other SQL database;
Demonstrated Communications and Business Skills:
- Written and oral presentation skills;
- Excellent interpersonal, consultative, coaching, communication, and negotiation skills;
- Adherence to high standards of ethics and personal integrity, initiative, and respect for others.
- Ability to manage and prioritize complex, changing workloads in a challenging technical environment;
- Capacity to quickly absorb new concepts and technologies and apply that knowledge to current efforts and plans;
- Demonstrated flexibility and capacity for creative thinking.
Maltese MLevel: Excellent
English Level: Excellent
Spanish Level: Any level is considered an asset