Enemalta plc is the leading energy service provider in the Maltese Islands, entrusted with the distribution of electricity and the development of the national electricity distribution network.
We are committed to the ongoing development of a highly skilled, diligent team of staff to maintain an effective level of service to our customers. As part of this process, we are inviting motivated individuals interested in joining our Company to apply for the post of:
Professional Executive (ICT – Cyber Security)
(Jobsplus Permit No. 406/2023)
Further details about this position including key responsibilities and requisites are available hereunder.
If you are interested in this opportunity, kindly fill in and submit the below form, including all required attachments, by not later than Sunday 17th March 2024 (midnight).
All applications will be acknowledged and treated in strictest confidence.
Professional Executive (ICT – Cybersecurity)
1. Scope
The Professional Executive (PE) (ICT – Cybersecurity) will operate independently and collaborate with technical teams and other stakeholders to ensure that the Company’s ICT infrastructure is protected from cyber-attacks. The PE (ICT – Cybersecurity) will be expected to assess existing systems for vulnerabilities and implement technical solutions to address any weaknesses. The PE (ICT – Cybersecurity) will also be required to carry out ongoing monitoring of operations to identify and investigate cyber-risks in an efficient and effective manner.
2. Duties and Responsibilities
2.1 Critically assess the existing ICT portfolio (software systems, infrastructure and processes) to identify risks and make recommendations to increase the level of security and resilience of the Company’s LAN, WAN and Cloud environments.
2.2 Prepare and maintain an ongoing programme of security improvement initiatives with regular reporting on project status and deliverables.
2.3 Guide technical teams on the sourcing of new systems (software/hardware) to ensure new systems have adequate protection. This applies to providing guidance on tendering specifications as well as technical guidance for systems developed in-house within the Company.
2.4 Liaise with technical teams to design, implement and maintain ICT network security infrastructure with solutions such as firewalls, intrusion detection/prevention systems, failover solutions and data recovery.
2.5 Monitor on-going operations using all available security tools to identify and investigate any actual or potential information security incidents and make recommendations of appropriate solutions to eliminate or mitigate their potential effects.
2.6 Maintain a detailed log on all identified incidents and actions taken.
2.7 Instil and nurture a cybersecurity awareness culture within the Company through regular communication campaigns and deliver focused training courses across all levels of the organisation.
2.8 Perform ad-hoc general and targeted phishing campaigns throughout the Company’s network in a systematic manner to gauge the effectiveness of user awareness initiatives.
2.9 Maintain, configure and administer the Company’s cybersecurity tools which includes but is not limited to monitoring software, applications software and other network-related equipment.
2.10 Actively protect information technology assets and infrastructure from external or internal threats by carrying out vulnerability assessment on ICT devices and networks to ensure compliance with statutory and regulatory requirements regarding information access, security and privacy.
2.11 Develop and maintain Standard Operating Procedures (SOPs) and policies related to cybersecurity.
2.12 Liaise with subcontractors and third parties related to the deployment of security systems.
2.13 Liaise with ICT teams within the Company to develop, implement and test security systems.
2.14 Liaise with the DPO on data loss prevention.
2.15 Keep updated on industry trends and developments on cybersecurity and evaluate new technologies (software and hardware) to improve the Company’s cybersecurity and make recommendations.
2.16 Performs any other post-related duties as assigned by the Divisional Manager ICT or his/her delegate.
3. Organisational Relationships
3.1 Structural
Reports to the Respective Manager and/or Senior Manager.
4. Knowledge & Skills
4.1 Sound knowledge of programming skills preferably in C#, Javascript and PERL.
4.2 Deep understanding of network protocols (Http, Ftp, SMB, SSH).
4.3 Deep understanding of encryption algorithms, certificates and encryption keys.
4.4 Good knowledge of Windows and Linux environments.
4.5 Excellent communication skills.
4.6 Excellent writing and technical authoring skills.
4.7 Excellent problem-solving skills.
5. Qualifications & Work Experience
5.1 The PE (ICT – Cybersecurity) must be in possession of an ICT-related recognised Bachelor’s Degree at MQF Level 6 (subject to a minimum of 180 ECTS/ECVET credits or equivalent );
AND
5.2 The PE (ICT – Cybersecurity) must have at least one (1) year of related work experience.
_______________
[1] A recognised qualification as requested is only accepted subject to an MQRIC formal recognition statement being submitted with the application.