Job vacancy: Senior Analyst (ICT Risk) (within Cyber Security and ICT Risk)
Job code: CSI/007/19
About Cyber Security and ICT Risk:
The Cybersecurity and ICT Risk Function provides specialist services and support to the Authorisation and Supervision teams at the Authority across all financial sectors as part of the overall supervisory framework. It is responsible for the assessment of fit and proper Cybersecurity posture, ICT strategic alignment to Business strategy, ICT governance, and general ICT risk profile, exposures, and controls of Licenced Holders and applicants seeking Authorisation based on established regulatory frameworks, technical standards, and guidelines. The function, therefore, provides the necessary technical risk assessments and guidance as part of the Authority's holistic risk-based supervision model. It also supports the development of policy and supervisory work related to cybersecurity and ICT risk. Furthermore, the function provides technical support and coordination in terms of cybersecurity forensics, supervisory investigations or enforcement actions as required.
Within this role you will work on supervisory policy related to ICT risk, including cybersecurity, according to regulatory development and market evolution, working closely with all stakeholders at a strategic, supervisory and operational level across the whole organization.
Day to day duties will include:
- The development and amendment of ICT governance and risk related rules and guidelines as necessary to address changes arising from EU Regulation, Directives and other EU legislative acts, national law, European Supervisory Authority policy, guidelines and market developments;
- The active participation in the preparation of replies related to the subject matter with regards to EU proposals on legislative changes as well as eventual transposition of EU legislation into Maltese law;
- Representing MFSA at various working groups and task forces at the local and international level in relation to supervisory cybersecurity and ICT risk policy and assessment;
- Developing and updating internal policy related to supervisory ICT risk assessment within the Authority’s holistic risk-based supervision model across the full supervisory cycle;
- Preparation of documents or position papers for submission to the Authority’s decision body and/or follow up on decisions taken by the latter in relation to cybersecurity and ICT risk;
- Providing support on the developing and maintenance of operational procedures and controls, and providing operational reports related to the cybersecurity and ICT risk function;
- Participation in cross-functional projects and initiatives as necessary;
- Developing and transferring knowledge, and providing advice on the subject matter;
- Other ad hoc duties as may be required by the Head and/or the senior management officials of the Unit from time to time.
- To qualify for this role, you should have a solid academic background in public policy, ICT law and/or computer information systems, information technology, or information security, as well as a sound knowledge of financial services legislation and familiarity with the financial services regulatory framework. A relevant post-graduate degree would be considered an advantage.
- The role calls for an academic qualification in a relevant field of study at National Qualification Framework Level 6 or better, duly certified by the Malta Qualification Recognition Information Centre (MQRIC) or a widely recognized professional qualification at a comparable level.
- You will possess a minimum of five (5) years working in the area of financial services and/or compliance with financial services regulation for a number of years.
- If you do not have the necessary academic or professional qualifications but you have at least ten (10) years of relevant experience within a relevant field, we would still be interested in speaking with you.
How to apply or query further information:
- Ability to articulate complex concepts in a clear manner;
- Excellent verbal, written, and interpersonal communication skills;
- Able to organize time, multitask, and autonomously define day-to-day priorities;
- Able to work collaboratively within a complex, diverse organization and disciplines, and interact with all levels of the organization;
- Ability to be flexible and agile to changing priorities and work exigencies.
Candidates are to forward a copy of their Curriculum Vitae (C.V.) and an accompanying covering letter providing the motivation for the application.
Other Important Information:
The MFSA is an Equal Opportunities Employer as certified by the NCPE (National Commission for the Protection of Equality) and is committed to a policy of equal opportunity in all aspects of employment and will take care to avoid any form of discrimination in its recruitment procedures. The MFSA reserves the right to withdraw this call at any time and not to select any of the Candidates. It is the responsibility of applicants in possession of qualifications awarded by Universities and other similar institutions outside Malta to produce a recognition statement on the comparability of qualifications issued by the Malta Qualifications Recognition Information Centre (MQRIC). Applicants should do so preferably at the application stage or otherwise at the preliminary interview should an applicant be selected for such an interview. Details can be obtained by accessing the National Commission for Further and Higher Education website under MQRIC heading. The MFSA shall ensure that any processing of personal data is in accordance with Regulation (EU) 2016/679 (General Data Protection Regulation), the Data Protection Act (Chapter 586 of the Laws of Malta) and any other relevant European Union and national law. For further details, you may refer to the Data Protection Policy on the MFSA webpage. Candidates are to note that the submission of any false statement/s or omission, even if unintended, may lead to the cancellation of their application and may render the candidate's appointment liable to termination. Furthermore, please note that candidates may be asked to submit any documentation in support of the information provided, including but not limited to, proof of qualifications and Police Conduct Certificates.
Malta Financial Services Authority:
The Malta Financial Services Authority (MFSA) is the single regulator for financial services in Malta. It was established by law on 23 July 2002 taking over supervisory functions previously carried out by the Central Bank of Malta, the Malta Stock Exchange and the Malta Financial Services Centre. The Authority is a fully autonomous public institution and reports to Parliament on an annual basis.