• SpotOn Connections Recruitment Solutions
  • Sliema, Malta
  • Mar 16, 2020
Full time Information Security Jobs

Job Description


The Role
The Information Security Engineer works closely with the various teams to ensure that both security and compliance are maintained at all times, to ensure protection of business and customer data. The role also involves engaging with third parties to perform security assessments and audits.

The Information Security Engineer reports to the Head of Information Security within the Information Security Team, which is responsible for the continuous maintenance and improvement of the overall security posture, technology risk management and regulatory compliance.


Assisting in the design and implementation of the company information security framework
Continuous monitoring and analyzing of security alerts, audit logs and reports
Conducting and coordinating penetration testing exercises and vulnerability assessments
Performing regular auditing and investigations to identify potential or confirmed security incidents
Vetting of new applications and modifications with production owners and developers to identify possible risks
Deploying, operating and monitoring tools to enhance information security
Documenting and reviewing policies and procedures
Assisting with the ongoing maintenance of regulatory requirements
Managing the security awareness training program for all employees
Monitor the effectiveness of information security processes and controls
Engaging and participating in the security community and keeping abreast of information security incidents
Performing other security related duties as necessary


First degree or Diploma in Computer Science, Information Systems or relevant technical field
3 to 4 years of experience in a similar role
Information Security Certifications, such as Security+, Ethical Hacking
Experience working with and extensive knowledge of laws and regulations such as PCI DSS, EU Data Protection (GDPR) and the Revised Directive on Payments Services (PSD2)
Knowledge of Microsoft, CISCO, Linux technologies and associated security risks
Deep understanding of common coding security vulnerabilities
Ability to quickly adapt to changing environment and to work on own initiative with minimal supervision
CISA, CISM, CRISC certifications are considered an asset