Senior Information Security Analyst

Location: 
Malta Europe, Middle East and AfricaMalta
HID Global
2021-10-18
Job Type: 
Full-time
Functional Area: 
Information Technology
Job Level: 
Mid-Senior Level

The successful candidate will have broad information security and risk experience, with an IT background, a high degree of professionalism, a friendly and collaborative demeanor, strong verbal, written and organizational skills, and a willingness to become a Public Key Infrastructure subject matter expert. 

Duties and Responsibilities include but not limited to the following:

  • Advising the operations team on IT and Information Security matters, contributing to solution design as necessary
  • Information security control effectiveness evaluations and recommendations
  • To perform the Security Officer Trusted Role as per the Trusted Role Procedure and associated Terms of Reference, the holding of credentials, and participating in renewal ceremonies etc.
  • Perform vulnerability and compliance scans
  • To become a Public Key Infrastructure Subject Matter Expert (SME)
  • To become an eIDAS SME
  • To be fully conversant with the information technology platforms, software, network design and hardware as detailed in the relevant contracts.
  • To be responsible for security policies, standards, procedures and guidelines across the networks and environments and to be fully conversant with routine controlled activities.
  • To continuously assess and mitigate both IT and information security risks
  • Prepare for and lead internal audits
  • Prepare for and support independent external audits
  • To ensure correct evidence for assurance and auditing is collected and controlled.
  • Feed into the Release, Control and Validation process for new software and hardware introduced into the live environment via the formal CR process.
  • Travel as required to perform internal audits and inspections at various sites (domestic and abroad).
  • To own the DRP planning and associated testing, ensuring in the event of a disaster we are able to rebuild and recover the system/services within the contracted timeframes.
  • Help lead and manage completion of the ISO 27001 implementation and ongoing recertification
  • Auditing and reporting on all aspects of Information Security related to UK and Malta sites
  • Initiate, facilitate and promote activities to create information security awareness within the organization
  • Monitor compliance with the organizations security policies and procedures among employees, contractors and other third parties and take corrective action where necessary
  • Monitor advancements of relevant Information Security technologies and threats
  • Help define, participate, monitor and when necessary lead global security incident response functions
  • Generate reports and executive summaries of various information security related metrics or risk assessments
  • Perform reviews of third parties to identify risks and potential remediation
  • Generate reports and executive summaries of third party assessments
  • To collaborate with colleagues outside of own sphere of business, sharing best practice.
  • To always act and behave in a way compliant with all company guidelines and policies, especially those relating to values and behaviours, environmental health and safety, ethics and codes of conduct.
  • Other duties as assigned

Qualifications

  • Minimum of 3 years of experience in information security risk and compliance
  • Familiarity with Information Security Management Systems, control frameworks (ISO 27001, NIST CSF) and related risk assessment methodologies
  • General knowledge of enterprise network and systems architecture concepts and technologies, including but not limited to enterprise directory, enterprise integration architecture, identity and access management
  • CISM / CISA / CISSP Qualifications beneficial
  • Information Technology degree beneficial

Customer Expectations

  • Integrity and professionalism
  • Diligence
  • Team player
  • Strong interpersonal and organisational skills
  • Positive attitude and open to share and collaborate in a distributed team setting.
  • Good communication skills
  • Open to learn and grow
  • Able to make decisions amid ambiguity.
  • Depth of knowledge and ability to be able to withstand technical challenges on views and understanding regarding IT security and infrastructure design, but also able to incorporate others views and ideas to improve their own understanding and solutions proposed.

Work Environment

  • The work environment characteristics described here are representative of those an employee encounters while performing the essential functions of this job. Reasonable accommodations may be made to enable individuals with disabilities to perform the essential functions.
  • Employee works primarily in an office environment, with in a well-ventilated area, and is exposed to moderate noise levels.

Work Requirements

  • Compliance to all relevant HID Global policies and procedures related to Quality, Security, Safety, Business Continuity, and Environmental systems.
  • Travel and fieldwork, including international travel, may be required. Therefore, employee should be able to acquire, a valid US VISA.
  • This position is only open to EU residents or candidates who have been living in Malta for at least 5 years.