Trust Payments have an exciting opportunity for an Information Security Officer to join their team.
Most of Trust Payments are still working from home at present but we are starting to return to our Covid secure offices on a flexible basis. It’s great to see some old faces and many new ones. Whilst the last 18 months have been a tough time for everyone personally, we’ve adapted our strategy and continued our impressive growth. In that timeframe, we’ve hired and integrated close to 150 new starters and grown our revenues significantly as a business.
We have adapted our ways of working to ensure that new starters feel part of one big virtual team. From regular town halls to coffee mornings and dedicated mental health days, we want to ensure we put the needs of our employees first. Feedback from our new hires has been positive: they love our onboarding programme and how much it makes them feel integrated into Trust from the start.
Trust Payments was recently recognised for its accomplishments in employee engagement and is now considered one of the UK’s ‘Best Companies to Work For’, having been awarded a 1 star rating indicating very good levels of workplace engagement. Accolades in three other categories include being one of Financial Services’ top 30 companies, one of London’s top 75 large companies, and one of Wales’ top 30 companies to work for.
Trust Payments (Malta) Ltd, a regulated entity in the financial services space, is looking to recruit an Information Security Officer (ISO) to oversee the company’s ICT Security Function. Covering aspects of physical, digital and electronic security, this position will report on overall risk in this area and implement appropriate security programs to address it.
A major component of the position is to provide business value by establishing smooth cooperation between the company and its outsourced partners. The task calls for an individual who is well versed and up to date on the latest threat landscape and is continuously looking to enhance and improve ICT security for the organization and its customers, ensuring full compliance with statutory requirements. Finally, the ISO will work with other stakeholders, ensuring that security needs are adequately discussed and prioritised in line with the company’s strategic plans.
- Act as the facilitator in the evaluation of cyber risk and discuss appropriate remediation with senior management
- Assess risk in line with the organisation’s information security policy
- Build a relationship with business units and technical teams to identify the environment, the attack surface, and the IT risk posture of the company
- Ensure effective execution of the ICT and Cybersecurity risk management framework in accordance with applicable EBA guidelines together with the CRO
- Assist the CRO in developing, implementing, and monitoring a comprehensive information security and IT risk management program
- Assist the CCO and Outsourcing Officer on ICT related aspects during the implementation of the internal outsourcing framework
- Assist in or conduct risk analysis as required on IT-related changes. Ensure that any proposed system changes do not breach the company IT security policy
- Champion good security practice, awareness, and training throughout the organization. Carry out staff security awareness training upon hire and annually thereafter
- Monitor, track, and report on information security risks on all company initiatives
- Assist and advise company staff on IT security-related matters
- Determine security incidents and inefficiencies by conducting periodic audits, annual security reviews and firewall/router configuration reviews
- Be part of the Disaster Recovery and Incident response teams
- Participate in developing the IT security policies for the company
- Bachelor’s degree in a science or related field
- Experience in an Information Security role
- Solid knowledge of various information security frameworks
- Implementation and maintenance of technical controls and processes
- Familiar with the PCI DSS, SOC2 and ISO27001 standards
- Working knowledge of the OWASP application security document
- Awareness of common ICT vulnerabilities and methods of mitigation
- Certified Ethical Hacker (CEH) or similar considered an asset
- Familiarity with project management frameworks such as PRINCE2 and Agile methodologies is a nice-to-have
- Computer literacy, Microsoft Office, CRM, DMS, data handling, record keeping
Competitive + benefits
Full-time with occasional out of hours maintenance work
To submit your CV for this exciting Information Security Officer opportunity, please apply below.
Trust Payments – KMP-62427