Senior Analyst

About Department

The Supervisory ICT Risk and Cybersecurity Function forms part of the MFSA’s Supervision Directorate, it is cross-sectorial, and has been established to focus on one of the Authority’s outlined key strategic priorities – Address ICT risks and digital finance challenges with a focus on strengthening operational resilience within the framework of the Digital Operational Resilience Act (DORA).  As a supervisory function, its portfolio of activities include effective supervision, which aims to ensure that regulated firms within the industry, are effectively managing their ICT risks, and have a resilient cybersecurity framework in place, in line with Acts, Regulations, rules and sector-specific guidelines.  The function participates and contributes in various Working Groups, Task Forces and Committees at local and international levels, and develops policies and guidelines for the industry.

The Supervisory ICT Risk and Cybersecurity Function provides expert advice on ICT and Cybersecurity matters to other functions within the MFSA as required.  It is also a contributor on emerging strategies especially those that are technology focused.  The function is also the contact point for cyber incident reporting by regulated firms.

About Role

In this role you will form part of a dynamic team within Supervisory ICT Risk and Cybersecurity. The following are some tasks you will be involved in:  

• Supporting supervisory functions during the authorisation stage of prospective Licence Holders;
• Conducting supervisory activities in line with supervisory priorities and the risk-based supervisory approach established by the Authority;
• The conduct of micro and macro level analyses arising from the various activities carried out by the function to identify any patterns and/or trends;
• Provide advice to other functions within the MFSA on ICT Risk and Cybersecurity matters as required;
• The opportunity to represent MFSA in various Working Groups, Task Forces and Committees at local and international levels in relation to ICT Risk and Cybersecurity;
• The preparation of replies on EU proposals on legislative changes as well as eventual transposition of EU legislation into Maltese law;
• The development and amendment of rules and guidelines as necessary to address changes arising from EU Regulation, Directives and other EU legislative acts, national law, European Supervisory Authority policy, guidelines and market developments;
• Carrying out public consultations pertaining to the publication of new or amended rules and guidelines;
• The development and maintenance of operational procedures;
• Articulation and preparation of reports as required;
• Participation and contribution in cross-functional projects and initiatives as necessary;
• Preparation of documents or position papers for submission to the Authority’s decision-making body and/or follow up on decisions taken by the latter in relation to ICT Risk and Cybersecurity;
• Keeping abreast with developments in the areas of ICT Risk and Cybersecurity, including keeping current with technology advancements, emerging technologies especially those in use within the Financial Services sphere, and the persistent threat landscape;
• Keeping abreast with regulatory development and market evolution;
• Other duties that may be assigned by the respective line manager and/or head of function from time to time.

About You

The selected candidate will need to have a solid academic background in financial services and/or ICT law and/or computer information systems, information technology, or information security, as well as familiarity with the financial services regulatory framework.  Industry Certifications in ICT Risk and/or Cybersecurity and/or a relevant post-graduate degree would be considered an advantage.

The role calls for an academic qualification in a relevant field of study at National Qualification Framework Level 6 or better, duly certified by the Malta Qualification Recognition Information Centre (MQRIC) or a widely recognised professional qualification at a comparable level.

The selected candidate is expected to be a confident individual who is flexible, proactive, dynamic, having a critical and analytical mind-set and a high attention to detail.  The individual is also required to demonstrate good research and have excellent oral, written and presentation skills. You will also possess a minimum of five (5) years working in the area of financial services and/or ICT. 

If you do not have the necessary academic or professional qualifications but you have at least ten (10) years of relevant experience within a relevant field, we would still be interested in speaking with you.

Other Information

The MFSA is an Equal Opportunities Employer as certified by the NCPE (National Commission for the Protection of Equality) and is committed to a policy of equal opportunity in all aspects of employment and will take care to avoid any form of discrimination in its recruitment procedures. The MFSA reserves the right to withdraw this call at any time and not to select any of the Candidates.

It is the responsibility of applicants in possession of qualifications awarded by Universities and other similar institutions outside Malta to produce a recognition statement on comparability of qualifications issued by the Malta Qualifications Recognition Information Centre (MQRIC). Applicants should do so preferably at application stage or otherwise at the preliminary interview should an applicant be selected for such interview. Details can be obtained by accessing the National Commission for Further and Higher Education website on www.ncfhe.gov.mt under MQRIC heading.

The MFSA shall ensure that any processing of personal data is in accordance with Regulation (EU) 2016/679 (General Data Protection Regulation), the Data Protection Act (Chapter 586 of the Laws of Malta) and any other relevant European Union and national law. For further details, you may refer to the Data Protection Policy on the MFSA webpage www.mfsa.mt.

Candidates are to note that the submission of any false statement/s or omission, even if unintended, may lead to the cancellation of their application and may render the candidate's appointment liable to termination.

Furthermore, please note that candidates may be asked to submit any documentation in support of the information provided, including but not limited to, proof of qualifications and Police Conduct Certificates.

Public Call Permit: 291/2023