Information Security Officer (ISO)

Key Responsibilities

As an Information Security Officer, your daily activities will include:

  • Working with other functions to support compliance with DORA requirements: ICT risk management, incident reporting, resilience testing, third-party ICT service provider oversight, and other relevant provisions.
  • Ensuring adherence to other relevant laws/regulations (MFSA, EU law, GDPR, etc.) and international standards.
  • Liaising with regulatory bodies, internal audit, and external auditors regarding security and operational resilience.
  • Developing, maintaining, and updating the Information Security Framework (ISF), including policies, standards, procedures, guidelines, and controls.
  • Identifying vulnerabilities and threats, assessing likelihood and impact, and recommending and tracking mitigation plans.
  • Participating in business initiatives to ensure security is embedded in projects (secure by design).
  • Establishing, testing, and maintaining an incident response plan aligned with DORA's requirements.
  • Ensuring timely detection, reporting (internally and to regulators where required), containment, remediation, and lessons learned from security incidents.
  • Leading the yearly DORA testing programme.
  • Evaluating the security posture of ICT service providers/vendors, ensuring contractual and operational controls are aligned with DORA and internal policies.
  • Maintaining and reviewing outsourcing/vendor registers, conducting due diligence, and periodic audits/assessments of third parties.
  • Monitoring security incidents, system logs, vulnerabilities, threats, and emerging risks.
  • Producing regular reports for senior management, risk committees, and the Board on information security posture, compliance status, incident metrics, risk treatment plans, etc.

Skills and Capabilities Required

  • 3+ years of experience in information security or ICT risk, ideally in financial services or regulated environments.
  • Familiarity with DORA, MFSA requirements, and other relevant regulations (e.g., GDPR).
  • Working knowledge of ISO 27001, NIST, or other security frameworks.
  • Strong understanding of ICT environments, especially in cloud-based or outsourced setups.
  • Hands-on, proactive approach; comfortable being both strategic and operational.
  • Excellent communication and stakeholder engagement skills.
  • Relevant certifications (e.g., CISSP, CISM, ISO 27001) are an asset, but not essential.


  • Application deadline: No deadline
  • Job Ref No.: 9d561d77-dc77-42ee-8493-d2179dc5f1b8
  • Type of work: Full time
  • Location: Valletta, Malta
