IT Security Manager

We're seeking to recruit an IT Security Manager to join our Information Technology Unit.  

If you're interested in joining us and satisfy the requirements outlined hereunder, then we're interested in you. 

Who we are

We're a leading financial institution, a key player in the Maltese market and part of a highly diversified multi-national group of companies. Employing a team of 220 employees, the Bank offers a full range of lending and savings solutions to both personal and business customers. We strive to offer a highly personalised service through our network of twelve retail branches spread across the Maltese Islands.

We're a team of inspired people who believe that opportunities start with a conversation.

Duties and Responsibilities


In this hands-on role the IT Security Manager will be part of our IT team whose main focus will be on managing operational IT Security, liaising with in-house IT members as well as other external IT Security officers and entities, both locally and internationally. The IT Security Manager will drive the organisation's Systems and Infrastructure from an IT Security perspective.

You will be responsible to:

  • review the IT Security Corporate Information policy, which forms the IT Security foundations for the organisation as well as create and review other security policies and procedures as required from time-to-time, to remain compliant with IT security standards specifically ISO27001 and other IT Security best practices in all IT environments and systems;
  • monitor, control and follow-up on anti-malware, patch management, software updates, encryption, other end-point devices particularly mobile devices and usage of unlicensed software alerts;
  • coordinate and provide IT Security Awareness programs;
  • investigate and follow-up on IT Security incidents;
  • work and liaise on technical IT Security projects both on the IT Infrastructure and IT Systems areas;
  • provide guidance toward addressing security findings from IT Security reviews and penetration testing, identify technical vulnerabilities and define remediation measures with the goal to create, review and update IT security related operational procedures;
  • report IT Security findings by providing monthly and quarterly reports whilst following-up on detected results;
  • keep abreast with IT Security practices and technological advances in this field; and
  • plan and implement comprehensive security strategies.

Competencies and experience

The potential candidate should be reliable and trustworthy, well-organised with a disposition to learn and have a team-oriented approach.

You must:

  • hold an IT/Engineering degree;
  • have a minimum of 5-years' working experience in the IT sphere with a minimum of 2-years' experience in the IT Security field;
  • ideally have qualifications on the IT Security area and/or is in the process of obtaining an IT Security related certification such as CEH, CISM, CISSP or similar;
  • have 2 years leadership and management experience;
  • ideally have vendor certifications such as CCNA/CCNP and MCSE;
  • have excellent knowledge of IT Infrastructure and the IT Systems field, ideally in the financial services sector;
  • possess strong analytical skills and excellent verbal and written communication skills;
  • have a strong command of the English language;
  • be a great team-player;
  • have willingness to mentor, guide and support colleagues; and
  • have a technical appetite with a desire to keep on learning and is up-to-date with the latest security threats and measures.

Technical Skills

You must:

  • have an excellent understanding of security components such as firewalls, URL filter, end-point protection amongst others;
  • have knowledge of security standards (such as PCI-DSS, ISO27001);
  • have practical knowledge of Microsoft Active Directory, SCCM, Microsoft SQL server and IIS;
  • have practical knowledge of Microsoft Server and desktop environments;
  • have practical knowledge of Microsoft Azure environments and particularly Microsoft O365 environments with a focus on the Security and Compliance centre;
  • have a practical know-how to conduct internal penetration testing and report on the relevant findings;
  • have experience with virtualisation;
  • have practical knowledge of monitoring, alerting, audit and logging systems;
  • have experience with scripting languages, particularly Windows PowerShell; and
  • have experience of Cloud based solutions and security, such as Azure which will be considered as advantageous.

How to apply

If you want to be part of our team, we invite you to send us a detailed CV highlighting your achievements. Applications should reach the Bank only by email on

Malta Stock Exchange
©2021 - BNF Bank plc - All Rights Reserved
BNF Bank plc is a credit institution licensed by the MFSA to undertake
the business of banking in terms of the Banking Act 1994.