Information Security Compliance Engineer - Security & Risk jobs in Malta - January 2023
By using this site, you consent to the use of cookies to improve your user experience through analytics and personalised marketing efforts.

Information Security Compliance Engineer

Konnekt

Expires in 23 days (24 Feb 2023)


Reporting to the Chief Information Officer with a primary focus on the overall Information Security management of the firm, the Information Security Compliance Engineer will be responsible for the implementation and maintenance of controls, processes and audits required for the implementation of ISO 27001 standard, and related information security controls.

The Role:

  • Overall management of the firm’s Information Security Management System (‘ISMS’), including the continuous upkeep and upgrading of this same ISMS;
  • Supporting the internal teams with regulatory security requirements focusing on ISO 27001;
  • The implementation and maintenance of relevant policies and procedures;
  • Coordination of GDPR requirements and liaising with the Data Protection Officer with respect to GDPR related matters; 

 Duties and responsibilities include:

  • Design, develop, implement and maintain the firm’s ISMS related policies, processes, procedures and work instructions aligned with regulatory and compliance requirements, as well as business objectives;
  • Ensuring the continuous improvement of the firm’s ISMS and GDPR;
  • Contribute to the development of appropriate security KPIs, objectives and strategies, towards improving the firm’s security posture and security maturity. Develop reporting metrics, dashboards and evidence artifacts as part of the process which can be communicated to the business stakeholders periodically;
  • Maintain and improve the security knowledge, training and awareness framework within the organization;
  • Maintain the Security Risk Register and liaising with other relevant parties within the organization;
  • Providing advice on ISO 27001 and other relevant standards;
  • Participate in regulatory audits and assist Legal and Compliance teams as may be required from time to time;
  • Assist teams in supplier onboarding risk assessment processes;
  • Manage assigned projects, developing project scopes and objectives, involving all relevant stakeholders and ensuring technical feasibility;
  • Identify significant risk exposures relating to control processes and make appropriate recommendations;
  • Perform IT audit action plans on previously raised findings;
  • Establish and maintain relationships with internal departments as well as third parties/vendors;
  • Document and report control failures and gaps to stakeholders. 
  • Provide remediation plans and prepare management reports to track remediation activities;
  • Remain up-to-date on best practices and technological advancements, as well as act as a point of reference for security assessments and regulatory compliance; and
  • Perform other related duties as may be assigned from time to time.
Skill-sets and Requirements
  • Have a minimum of 4 years’ experience in the field of IT audit/IT advisory, Information Security; or have equivalent experience in the industry (e.g., IT compliance, ISO 27001, ITIL and IT security);
  • Project Management and Implementation experience
  • Experience with Internal Audits, through data Analysis, Audits of Systems and Functional Audits
Education & Experience
  • Bachelor’s degree in Information Systems, Information Security, Computer Science or equivalent; 

time
Full Time
Job Type
experience
Experienced (3 years +)
Experience Level
category
Security & Risk
Category
industry
Legal Services
Industry


Send me Similar Jobs