Deputy Head

within Cyber Security and ICT Risk


VIEW JOB DETAILS

Deputy Head

within Cyber Security and ICT Risk


VIEW JOB DETAILS
  • Grade:

    4
  • Type:

    Indefinite
  • Closing Date:

    13/12/2019
  • Job code:

    CSI/001/19
  • Team:

    Cyber Security & ICT Risk
  • Date Posted:

    11/11/2019

About Cyber Security and ICT Risk


The Cybersecurity and ICT Risk Function provides specialist services and support to Authorisation and Supervision teams at the Authority across all financial sectors as part of the overall supervisory framework. It is responsible for the assessment of fit and proper Cybersecurity posture, ICT strategic alignment to Business strategy, ICT governance, and general ICT risk profile, exposures and controls of Licenced Holders and applicants seeking Authorisation based on established regulatory frameworks, technical standards and guidelines. The function therefore provides the necessary technical risk assessments and guidance as part of the Authority's holistic risk-based supervision model. It also supports the development of policy and supervisory work related to cybersecurity and ICT risk. Furthermore, the function provides technical support and coordination in terms of cybersecurity forensics, supervisory investigations or enforcement actions as required.

The Role


The selected candidate shall manage a team of cybersecurity and ICT risk professionals responsible for ongoing supervisory Cybersecurity and ICT assessments, and regulatory compliance in this aspect.

He or she will represent MFSA at various working groups and task forces at local and international level to support the continuous updating of supervisory cybersecurity and ICT risk assessments as well as related policy according to regulatory development and market evolution, working closely with all stakeholders at strategic, supervisory and operational level across the whole organisation. To this extent he or she will therefore drive the continuous development of cybersecurity/ICT guidance to Licence Holders and external ICT auditors.

The selected candidate shall also act as the primary contact at the Authority on cybersecurity and ICT-related incident management across the regulated financial services sectors. 

About You


We are looking for candidates with a solid foundation in Information Technology and Information Security principles, having a related degree at MQF level 6, and must have a professional background of at least six continuous years in IT Risk Assessment or IT Audit at a senior level, preferably in the Financial Services Sector. You would also ideally have had some previous working experience in Enterprise level IT operations or software development.

As a seasoned professional, the selected candidate would have certifications such as CISSP, CISM, or CRISC, and expected to have strong knowledge of cybersecurity frameworks and standards such as ISO 27000 series and NIST framework, as well as IT management and governance frameworks such as COBIT 5. You would be expected to be very conversant with applicable laws and regulations. 

You will also possess a minimum of six (6) years' working experience in the area related to the role.  Candidates with longer working experience relevant to the role will be preferred. As a people manager the selected candidate would have had at least three years (3) experience in managing a team of professionals in ICT risk and cyber security. We are looking for candidates with strong leadership skills, professional integrity and accountability. The selected candidate will also be an excellent communicator capable of collaborating effectively within and outside the organisation at all management levels.  

If you do not have the necessary academic or professional qualifications but you have at least ten (10) years of relevant experience, we would still be interested in speaking with you.

How to apply

or query further information


Candidates are to forward a copy of their Curriculum Vitae (C.V.) and an accompanying covering letter providing the motivation for the application to [email protected]

Other Important Information


The MFSA is an Equal Opportunities Employer as certified by the NCPE (National Commission for the Protection of Equality) and is committed to a policy of equal opportunity in all aspects of employment and will take care to avoid any form of discrimination in its recruitment procedures. The MFSA reserves the right to withdraw this call at any time and not to select any of the Candidates.

It is the responsibility of applicants in possession of qualifications awarded by Universities and other similar institutions outside Malta to produce a recognition statement on comparability of qualifications issued by the Malta Qualifications Recognition Information Centre (MQRIC). Applicants should do so preferably at application stage or otherwise at the preliminary interview should an applicant be selected for such interview. Details can be obtained by accessing the National Commission for Further and Higher Education website on www.ncfhe.org.mt under MQRIC heading.

The MFSA shall ensure that any processing of personal data is in accordance with Regulation (EU) 2016/679 (General Data Protection Regulation), the Data Protection Act (Chapter 586 of the Laws of Malta) and any other relevant European Union and national law. For further details, you may refer to the Data Protection Policy on the MFSA webpage www.mfsa.com.mt.

Candidates are to note that the submission of any false statement/s or omission, even if unintended, may lead to the cancellation of their application and may render the candidate's appointment liable to termination.

Furthermore, please note that candidates may be asked to submit any documentation in support of the information provided, including but not limited to, proof of qualifications and Police Conduct Certificates.

 

Public call reference: 425/2019