Information Security Specialist

FIMBank is an international trade finance bank with an international network of offices spanning five continents.  The Bank is headquartered in Malta, is listed on the Malta Stock Exchange, and regulated by the Malta Financial Services Authority.  We are seeking to recruit an Information Security Specialist who will form part of a proactive team responsible for safeguarding the information assets of the FIMBank Group and will contribute to on-going efforts to maintain adequate security posture of Group information, operations, processes and IT systems.  You will be expected to blend a strong understanding of technology together with an effective risk-based approach to security.

Main Duties will include active participation in driving the following activities:

•      the definition, upkeep and enforcement of the Group information security program, policies and practices;  

•      the identification, prioritisation, investigation and reporting of existing and potential information security issues, anomalies and violations that may result in risk to Group business, including supporting the coordination of the management and monitoring of security information and events, of security incident management and response, and security patch management;  

•      recommendation, development and implementation of appropriate security controls and ensuring that such controls operate as intended;  

•      vulnerability management and penetration testing program, as well as the creation and monitoring of corresponding remediation plans;

•      assessment and periodic review of information security risks for new and ongoing initiatives;

•      communication with internal and external stakeholders with respect to security issues, including the promotion of security awareness within the Group and development of the security awareness program;

•      research and maintaining up-to-date expertise on current security intelligence, issues, exploits and trends, together with regulatory and statutory security obligations;  

•      support duties in relation to information security matters as may be required; and  

•      any other duties related to the protection of the information assets of the Group, as delegated by management;


Skills and Experience:

This role calls for a minimum of three (3) years of prior working experience within demanding mission-critical environments having high exposure to well-established security practices. Possession of current Information Security qualifications from leading independent associations is highly desirable.  Whilst not essential, any other specialised infosec certifications may be considered as assets.

You must be a good team player, be willing to provide support after standard office hours as may be necessary from time to time, show initiative and commitment together with a capacity for taking on responsibility and meeting tight deadlines. You must also be able to communicate clearly and effectively through firm command of the verbal and written English language.