[social-icons loc="header"]

Information Security Officer

  • Full Time
  • Malta

Role purpose

As the Information Security Officer at Hudson, you will be responsible for ensuring seamless compliance with information security policies across the organization. Your goal is to achieve internal/independent security certification, showcasing Hudson’s commitment to safeguarding its information assets.

In this role, you’ll be the go-to expert, guiding the design and implementation of technology projects with your security acumen. As the custodian of Hudson’s digital legacy, you’ll play a pivotal role in fortifying our systems against evolving cyber threats.

The key duties and responsibilities of the role are as follows:

  • Reporting to and assisting the Chief Technology Officer (CTO).
  • Developing and managing information security strategies, policies, standards and procedures.
  • Protecting information and communications technology systems by conducting information security risk assessments on IT solutions, identifying risks and recommending security controls based on IT security policies, standards and global information security best practices (i.e. recommending software such as firewalls and antivirus solutions, performing regular penetration testing, vulnerability scans, addressing vulnerabilities, investigating and reporting violations/breaches to management and specifying access privileges and control structures).
  • Liaising with suppliers and service providers of security solutions.
  • Analyzing system events, logs, threat detection alarms and compliance reports and follow-up as required.
  • Define and track key performance indicators (KPIs) to measure the effectiveness of various information security initiatives.
  • Maintaining and improving security metrics, whilst recommending and liaising with DevOps team to implement and maintain IT security technologies.
  • Responsible for identity management system governance.
  • Ensuring adequate change control function for information security is in place.
  • Develop and Deliver security awareness training for employees and third-party contractors to raise security awareness.
  • Ensuring access to sensitive and confidential data is appropriately authorized and reviewed periodically, and that it will be retained only as long as required for legal, regulatory, and business requirements and in line with applicable legislation such as GDPR.
  • Liaising with the company’s internal and external audit function as required.
  • Performing any further tasks as may be assigned from time to time by senior management and in line with the exigencies of the service.
  • Conduct regular internal and external security audits to assess and enhance the organization’s security posture.
  • Lead incident response efforts and coordinate with relevant stakeholders to minimize the impact of security breaches.
  • Oversee the deployment and management of security monitoring tools to detect and respond to security incidents.

Key Stakeholders

Reporting line:

  • Chief Technology Officer

Direct Reports:

  • N/A

 

KPIs

  • Security Certification Achievement Rate: Percentage of successfully achieved internal/independent security certifications for Hudson.
  • Incident Response Time: Average time taken to respond to and address security incidents and violations.
  • Security Awareness Training Effectiveness: Evaluation of the impact of security awareness training on employees and third-party contractors.
  • Vulnerability Remediation Rate: Percentage of identified vulnerabilities that are successfully addressed and remediated.

Core competencies, knowledge, and experience

  • MQF level 6 or higher in information technology, computer engineering, computing science or similar.
  • Knowledge of computer hardware, software and networks, as well as security architecture, technology and techniques.
  • Knowledge of disaster recovery techniques.
  • Knowledge of risk assessment tools, technologies and techniques.
  • Certifications such as CISA, CISM and CISSP will be considered as an asset.
  • Strong knowledge of English and language.
  • 3+ years in information technology or similar positions.
  • Leadership and organizational abilities.
  • Interpersonal and communication skills.
  • Strong vendor management skills.
  • Problem-solving attitude.
  • Strong communication & feedback to direct team including key HQ departments.
  • Mentor and pass on any training and knowledge provided to the team.
If you’re applying for one of our retail stores, please make your selection above
Upload your CV/resume or any other relevant file. Max. file size: 128 MB.