Information Security Officer

We are looking for an Information Security Officer to join our Information Security team. Our team is small and highly involved across the organisation. At Andaria, Information Security is part of strategic discussions, meaning we contribute when decisions are being made, not afterwards.  This role offers a great opportunity for someone who wants to develop their career in Information Security and contribute ideas on how the Company can continuously improve its security posture.  Anyone joining the team will not only learn existing processes but will also be encouraged to challenge them and make them better. We strongly believe that diverse skills and perspectives strengthen the team, and we welcome candidates who bring curiosity, energy, and new ideas.

Responsibilities include:

• Support the development, implementation, and continuous improvement of the Information Security Management System (ISMS), including policies, procedures, and security controls.
• Assist in maintaining and enhancing the organisation’s information security framework in line with regulatory requirements (e.g. DORA, GDPR, MFSA, EBA) and standards (ISO 27001, PCI DSS).
• Conduct risk and vulnerability assessments, including regular vulnerability scanning and monitoring of emerging threats, to identify security weaknesses and assess their impact; coordinate with the respective teams to track and support remediation efforts.
• Support the end-to-end management of security incidents, including detection, analysis, response, escalation, and internal/external reporting, ensuring significant issues are promptly escalated to the Head of Information Security.
• Contribute to security audits, control testing, and regulatory assessments to ensure ongoing compliance.
• Support third-party risk management activities, including assessing and monitoring vendors’ security posture.
• Collaborate with IT and external service providers to ensure secure operation and continuous improvement of ICT and security controls.
• Promote and deliver security awareness and training programmes to foster a strong security culture across the organisation.
• Contribute to the preparation of security reports, metrics, and documentation for senior management and regulatory bodies.
• Participate in regulatory engagements, audits, and industry initiatives as required.
• Support the delivery of security projects and initiatives as directed by the Head of Information Security.

To fit within the Andaria team and as our new Information Security Officer, you should have: 

• Demonstrable experience in information security, cyber risk, IT compliance, or security operations.
• Strong understanding of information security frameworks and regulatory requirements, including ISO 27001, GDPR, and DORA.
• Experience with vulnerability management, incident response, security monitoring, and risk assessments.
• Excellent communication, documentation, and stakeholder management skills.
• Ability to work collaboratively across IT, risk, compliance, and business teams.
• Relevant certifications or ongoing studies are considered a plus.
• Experience in regulated financial services or EMI environments is an advantage.
  
  

What we offer:

• Competitive salary
• Clear growth path and opportunities in a rapidly growing business
• Comprehensive health and wellness benefits package
• Hybrid Working and flexibility
• Professional development opportunities
• Collaborative and inclusive work environment
• Opportunity to make a significant impact on the company’s growth and success