• Spoton Connections
  • Malta
  • Mar 26, 2020
Full time Information Security Jobs

Job Description

The Role
The Information Security Engineer works closely with the various teams to ensure that both security and compliance are maintained at all times, to ensure protection of business and customer data.  The role also involves engaging with third parties to perform security assessments and audits.
The Information Security Engineer reports to the Head of Information Security within the Information Security Team, which is responsible for the continuous maintenance and improvement of the overall security posture, technology risk management and regulatory compliance.

  • Assisting in the design and implementation of the company information security framework
  • Continuous monitoring and analyzing of security alerts, audit logs and reports
  • Conducting and coordinating penetration testing exercises and vulnerability assessments
  • Performing regular auditing and investigations to identify potential or confirmed security incidents
  • Vetting of new applications and modifications with production owners and developers to identify possible risks
  • Deploying, operating and monitoring tools to enhance information security
  • Documenting and reviewing policies and procedures
  • Assisting with the ongoing maintenance of regulatory requirements
  • Managing the security awareness training program for all employees
  • Monitor the effectiveness of information security processes and controls
  • Engaging and participating in the security community and keeping abreast of information security incidents
  • Performing other security related duties as necessary


  • First degree or Diploma in Computer Science, Information Systems or relevant technical field
  • 3 to 4 years of experience in a similar role
  • Information Security Certifications, such as Security+, Ethical Hacking
  • Experience working with and extensive knowledge of laws and regulations such as PCI DSS, EU Data Protection (GDPR) and the Revised Directive on Payments Services (PSD2)
  • Knowledge of Microsoft, CISCO, Linux technologies and associated security risks
  • Deep understanding of common coding security vulnerabilities
  • Ability to quickly adapt to changing environment and to work on own initiative with minimal supervision
  • CISA, CISM, CRISC certifications are considered an asset