Sparkasse Bank Malta plc is a licensed credit institution which provides private banking, investment services and custody / depository services. As a result of our continuous growth, a vacancy has arisen for an IT Regulatory Analyst within the IT Regulatory Analysis Team.
This role is focused on Security Operations, as well as monitoring the outsourced security operations centre, under the guidance of and expert Manager.
Main Duties:
Qualifications/ Skills:
Extensive training will be provided.
An attractive remuneration package will be offered to the right candidate.
The data you submit will be processed as per the Candidates Privacy Notice.
This role is focused on Security Operations, as well as monitoring the outsourced security operations centre, under the guidance of and expert Manager.
Main Duties:
- Support in the monitoring of application and network events and definition related alerts and thresholds;
- Support in monitoring of security relevant event logs, including troubleshooting of event feed set-up;
- Record keeping of events, alerts and materialised IT incidents;
- Maintain security baselines and hardening guidelines as well as other Security Operations related documentation;
- Work within the IT Department to perform security hardening or other improvement spot checks of the IT enterprise architecture, throughout the year;
- Monitor of the latest cyber security trends with the aim of maintaining a near-real-time cyber-security picture;
- Circulation of identified security trends (monthly newsletters) and IT Departmental news to keep Bank staff informed accordingly;
- Help to remediate detected vulnerabilities to maintain a high-security standard;
- Facilitate a centralised dashboard to allow the viewing and administration / resolution of identified security events in a timely manner;
- Support IT Operations in IT incident triaging and response for occurrences which are related to security events;
- Coordinate with the IT Regulatory Analyst to assist and contribute towards the maintenance of IT security related guidelines;
- Document and coordinate IT penetration testing efforts and vulnerability assessments, carried out by an external service provider, when and if required;
- Coordinate with HR and take the lead for Bank staff IT related training requirements (including on cyber security), cyber-security monthly newsletter and staff security skills assessment to pre-empt Bank training requirements if required;
- Training coordination of IT Operations and Developer Teams on topics related to IT Security;
- Monitoring of the Asset Lifecycle and End-of-Life / End-of-Support Management for the Bank’s various systems and applications by building a database of security sources and subscriptions to receive security vulnerability alerts;
- Monitoring of anti-malware and vulnerability scans aimed at continuous vulnerability assessment and remediation;
- Consult during new application, software / hardware acquisitions for security related assessments and feedback while keeping in mind recommended security guidelines and industry best practices;
- Website cloning monitoring activities;
- Creation of cyber security scenarios and applicable emergency response plans;
- Mainly support the IT Compliance & Regulation team in governance related tasks such as, but not limited to:
- Support in relation to the interpretation and implementation of applicable IT regulations / attestations and act as liaison with stakeholders
- Liaise with internal or external stakeholders in respect of audits related to IT Controls and IT Security
- Prepare and maintain policies, procedures and processes owned by the Bank’s IT Department and related to IT Controls and IT Security
- IT third party service provider monitoring (incl. outsourcing)
Qualifications/ Skills:
- Two years working experience in a similar role or equivalent experience and know-how in an IT operations / IT support role;
- Understanding of IT Security, Cyber Security and ideally proficiency in security control design e.g. network design, firewalls, endpoint security, etc.;
- Proof of expertise in IT or Cyber Security (or other related ICT area of specialisation);
- Proficient in penetration testing and vulnerability assessments;
- Threat hunting experience is considered an asset;
- Experience in using SIEM tools and knowledge of endpoint detection and response (EDR);
- Industry qualifications, such as CCNA, CompTIA Network+, etc. are considered an asset;
- Good written and oral communication skills;
- Strong command of verbal and written English;
- Ability to work under pressure and prioritize;
- Ability to work on own initiative, self-starter and self-motivated;
- An enthusiastic, reliable team player;
- Critical thinking skills, excellent analytical, and reporting capabilities;
- Problem-solving skills;
- Have attention to detail and ability to think logically, out-of-the box;
- Some project management experience is considered an asset;
- Strong Excel skills are desirable.
Extensive training will be provided.
An attractive remuneration package will be offered to the right candidate.
The data you submit will be processed as per the Candidates Privacy Notice.