The Cybersecurity and ICT risk function provides specialist services and support to Authorisation and Supervision teams at the Authority across all financial sectors as part of the overall supervisory framework.
It is responsible for the assessment of fit and proper Cybersecurity posture, ICT strategic alignment to Business strategy, ICT governance, and general ICT risk profile, exposures and controls of Licenced Holders and applicants seeking Authorisation based on established regulatory frameworks, technical standards and guidelines.
The function therefore provides the necessary technical risk assessments and guidance as part of the Authority’s holistic risk-based supervision model. It also supports the development of policy and supervisory work related to cybersecurity and ICT risk. Furthermore, the function provides technical support and coordination in terms of cybersecurity forensics, supervisory investigations or enforcement actions as required.
Reporting to the Senior Manager (Cyber security), you will carry out assessments of the cybersecurity posture of Licence Holders and applicants seeking authorisation whether carried out directly or carried out through external auditors.
You will also be actively involved in cyber security incident management and coordination at supervisory level, as well as investigations or enforcement actions as necessary in close collaboration with other supervisory teams.
We are looking for candidates with solid academic background in Networking, Information Systems or other bachelor’s degree at MQF Level 6 or higher. Candidates are expected to be in possession of IT certifications. Applicants in the process of obtaining CISSP or CISM certification will be preferred.
You will also possess a minimum of three years working experience in the area related to the role. Candidates with longer working experience will be preferred. The selected candidate will have in-depth knowledge in areas such as Network Security, Intrusion Detection & Prevention, Security Incident & Event Management, Application Security and forensic analysis.
*Dear Candidate, kindly note that this role is not managed by Castille. MFSA, in this case, is responsible to manage the application process. In case of any difficulties, feel free to contact firstname.lastname@example.org, and we will direct your query to the relevant contact at MFSA.