Senior Information Security Analyst (REQ 1191)

Location: Malta (Europe, Middle East and Africa)
HID Global
2020-09-11
Job Type: Full-time
Functional Area: Information Technology

Are you looking for a new challenge within Security & Risk Management? Maybe this job as a Senior Information Security Analyst in Zejtun, Malta is for you! 

As the fastest-growing solution provider in citizen identity, HID Global is challenging the status quo with its collaborative approach to solutions delivery. We are positioned to deliver complex, scalable and future-proof government programs, while empowering local government and partners.

Summary

The successful candidate will have broad information security and risk experience, with an IT background, a high degree of professionalism, a friendly and collaborative demeanor, strong verbal, written and organizational skills, and a willingness to become a Public Key Infrastructure subject matter expert.

This role is primarily responsible for:

  • information security control effectiveness evaluations and recommendations,
  • advising the operations team on IT and Information Security matters, and contributing to solution design,
  • performing risk assessments,
  • supporting compliance against ISO 27001 as well as other industry-specific standards and regulations such as eIDAS,
  • supporting the operation of the systems from an Info Sec perspective, performing trusted roles such as the security officer role within the data centers, and ensuring information security is maintained and the policies/procedures are followed.

What you will be doing

You will be working with customers, suppliers and the technical teams to meet and exceed SLAs and KPIs together with continuous improvement schemes of both performance and process.

The role will report to the Director of Solution Quality Assurance, Deployment, and Technical Support.

Essential Duties and Responsibilities include the following. Other duties may be assigned.

  • Advising the operations team on IT and Information Security matters, contributing to solution design as necessary
  • Information security control effectiveness evaluations and recommendations
  • To perform the Security Officer Trusted Role as per the Trusted Role Procedure and associated Terms of Reference, the holding of credentials, and participating in renewal ceremonies etc.
  • Perform vulnerability and compliance scans
  • To become a Public Key Infrastructure Subject Matter Expert (SME)
  • To become an eIDAS SME
  • To be fully conversant with the information technology platforms, software, network design and hardware as detailed in the relevant contracts.
  • To be responsible for security policies, standards, procedures and guidelines across the networks and environments and to be fully conversant with routine controlled activities.
  • To continuously assess and mitigate both IT and information security risks
  • Prepare for and lead internal audits
  • Prepare for and support independent external audits
  • To ensure correct evidence for assurance and auditing is collected and controlled.
  • Feed into the Release, Control and Validation process for new software and hardware introduced into the live environment via the formal CR process.
  • Travel as required to perform internal audits and inspections at various sites (domestic and abroad).
  • To own the DRP planning and associated testing, ensuring in the event of a disaster we are able to rebuild and recover the system/services within the contracted timeframes.
  • Help lead and manage completion of the ISO 27001 implementation and ongoing recertification
  • Auditing and reporting on all aspects of Information Security related to UK and Malta sites
  • Initiate, facilitate and promote activities to create information security awareness within the organization
  • Monitor compliance with the organization's security policies and procedures among employees, contractors and other third parties and take corrective action where necessary
  • Monitor advancements of relevant Information Security technologies and threats
  • Help define, participate in, monitor and, when necessary, lead global security incident response functions
  • Generate reports and executive summaries of various information security related metrics or risk assessments
  • Perform reviews of third parties to identify risks and potential remediation
  • Generate reports and executive summaries of third-party assessments
  • To collaborate with colleagues outside of own sphere of business, sharing best practice.
  • To always act and behave in a way compliant with all company guidelines and policies, especially those relating to values and behaviours, environmental health and safety, ethics and codes of conduct.
  • Some travel abroad may be required (to perform internal audits and inspections at various sites, both locally and internationally, etc.)

What we are looking for

  • Minimum of 3 years of experience in information security risk and compliance
  • Familiarity with Information Security Management Systems, control frameworks (ISO 27001, NIST CSF) and related risk assessment methodologies
  • General knowledge of enterprise network and systems architecture concepts and technologies, including but not limited to enterprise directory, enterprise integration architecture, identity and access management
  • CISM / CISA / CISSP Qualifications beneficial
  • Information Technology degree beneficial
  • Integrity and professionalism
  • Diligence
  • Team player
  • Strong interpersonal and organisational skills
  • Positive attitude and open to share and collaborate in a distributed team setting.
  • Good communication skills
  • Open to learn and grow
  • Able to make decisions amid ambiguity.
  • Depth of knowledge and the ability to withstand technical challenges to their views and understanding of IT security and infrastructure design, while also being able to incorporate others' views and ideas to improve their own understanding and proposed solutions.

Final Application Date: 7th December 2020

*No 3rd party agency engagement required for this role*

HID Global is an equal opportunities employer 

HID Global is the trusted source for secure identity solutions for millions of customers around the world. Recognized for robust quality, innovative designs and industry leadership, HID Global is the supplier of choice for OEMs, system integrators, and application developers serving a variety of markets. These markets include physical and logical access control, including strong authentication and credential management; card printing and personalization; highly secure government ID; and identification technologies used in animal ID and industry and logistics applications. The company's primary brands include HID®, ActivIdentity™, Fargo®, and LaserCard®. Headquartered in Austin, Texas, HID Global has over 3,500 employees worldwide and operates international offices that support more than 100 countries. HID Global is an ASSA ABLOY Group brand. For more information, visit www.hidglobal.com