Job Details

Job
Location
CISO (Chief Information Security Officer) ? Malta/ Remote - Malta
Job ID: 6358
Job Type:
Region:

Malta

Job description: CISO (Chief Information Security Officer) – Malta/ Remote
 
The position of Chief Information Security Officer (CISO) is a critical position in the company, being a
key member of the company’s Executive Management Team and a central driver of the company’s
risk management strategies. The Chief Information Security Officer serves as the process owner of all assurance activities related to the availability, integrity and confidentiality of customer, business partner, employee and business information in compliance with the organization's information security policies. A key element of the CISO's role is working with executive management to determine acceptable levels of risk for the organization. This position is responsible for establishing and maintaining a corporate-wide information security management program to ensure that information assets are adequately protected
 
Main responsibilities:
  • Develop, implement and monitor a strategic, comprehensive enterprise information security and IT risk management program, within the framework of existing policies
● Work directly with the business units to facilitate risk assessment and risk management processes
● Develop and enhance an information security management framework
● Understand and interact with related disciplines through committees to ensure the consistent application of policies and standards across all technology projects, systems and services
● Provide leadership to the enterprise's information security organization
● Partner with business stakeholders across the company to raise awareness of risk management concerns
● Assist with the overall business technology planning, providing a current knowledge and future vision of technology and systems
● Integrate within the global organisation’s technology and information security leadership teams in diverse geographies, participate in working groups and teams, contribute to the preparedness of the global organisation, and extract best practice that can be incorporated in the company’s policies and procedures.
 
Specific Requirements:
● Degree in business administration or a technology-related field required.
● Professional security management certification
● Minimum of two to three years of experience in a combination of risk management, information security and IT roles
● Knowledge of common information security management frameworks, such as ISO/IEC 27001, and NIST.
● Excellent written and verbal communication skills and high level of personal integrity
● Innovative thinking and leadership with an ability to lead and motivate cross-functional, interdisciplinary teams
● Experience with contract and vendor negotiations and management including managed services.
● Specific experience in best in class security practices.
● Experience with Cloud computing / Elastic computing across virtualized environments.
● Optional: relevant and well-regarded certifications in cloud computing such as CKA (Certified Kubernetes Administrator), AWS Professional or Specialty levels, Google Professional level
● Optional: advanced security accreditation such as CISSP, OSCP, CASP, CCSK
 
Additional requirements:
● Work highly independently, with stakeholders outside the formal management structure
● Take the lead in face-to-face situations where local expertise and general knowledge in Information Security is needed
● Support the European growth and / or expansion of the business from a privacy, regulatory, employment and security point of view
● Write good quality policies, procedures and technical documentation
● Nurture security awareness in the organization, curating and producing material to support this, and relate this to the global business, and the current threat landscape
● Be familiar with risks introduced to organizations by third parties, and processes and practices which can mitigate these
● Take a risk-based approach to all facets of Information Security, model threats and consider impact and likelihood, play an active part in Incident Response and Purple-teaming
● Have a "finger on the pulse" of current challenges and exploits in the ecosystem
● Be an active participant in a truly world class global security organization
 
In case you would like to apply, please send your English CV to joana@spotonconnections.com