fbpx

VACANCY NOTICE


Fondi BESA sh.a Lending Institution for Businesses, announces competition on vacancy notice in the position of ISO Information Security Officer, at the Cabinet of the Executive Director, in the headquarters:

Main requirements for candidates in this position are as below:

  • University Diploma in Computer Sciences, Electronic Engineering or other similar fields;
    • Preferably 2-year experience in the field of information security of information technology, including computer and data security.
    • Experience as administrator in Microsoft Windows systems and in network protocols (LAN / WAN), firewalls, encryption techniques, prevention systems, discovery of viruses and penetration;
    • Very good analytic and risk assessment skills;
    • Very good skills on preservation of confidentiality for sensitive information;
    • Capable of handling virus duties/projects simultaneously
    • Ability to work independently with high attention to details;
    • Substantial knowledge on computer networks, on internet security, servers (database, e-mail, active directory, Web server);
    • Substantial knowledge on monitoring/functioning of data systems;
    • Substantial knowledge on information security concepts, challenges and best required practices;
    • Good command of English language;
    • Experience in IT risk administration, legal compliance and drafting and development of Information Security Policies;
    • Knowledge on the activity of state or central authorities with the object of activity in the field of Information Security (such as AKCESK, Bank of Albania) or information security practices in the banking field or microfinance;
    • Experience in the development of education/training programs in the field of security awareness;
    • Must possess very good verbal and written organizational and communication skills;
    • General knowledge on requirements of regulatory framework and standards such as.: ISO27001, ITIL, CoBIT, etc.;
    • General knowledge on GDPR (General Data Protection) of the EU;

Main duties to be in charge of:

  • The Information Security Officer is responsible for the supervision of information security, cybersecurity and IT risk management program based on the structure of ISO27001 standard;
    • The Security Officer reports directly to Deputy Executive Director in order to assist in the improvement and communication of information security level and IT risk practices;
    • Coordinates the continuous development, implementation and update of security and privacy policies, standards, instructions and procedures of Fondi Besa in compliance with the laws of the Republic of Albania, regulation of the Bank of Albania and Commissioner for the Right to Information and Protection of Personal Data;
    • Develops and administers “framework”, processes, instruments and consultancy for IT Department in order to administer properly the IT risk and in order to exercise decisions on risk assessment as far as IT activities are concerned;
    • Identifies and minimizes interactively the IT risks as well as responds to findings or observations of external auditors, as well as prepares periodic reports for the executive sector on compliance of IT controls and actual exposure of IT risk;
    • Assists the Director and IT staff in audit procedures and administrative responses and in the undertaking of necessary measures;
    • Assists in the expansion and deepening of knowledge of the entire IT staff in view of the delivery of new projects, new initiatives in the field of IT and coherent framework of IT instruments and solutions.
    • Identifies levels of acceptable risk and assists with plans of measures, changes in policies and procedures in order to minimize risks;
    • Offers strategic recommendations for key IT projects in order to benefit accurate results, high quality of projects in compliance with security framework and laws of Albania;
    • Assists and recommends in the recruitment process of full time and part time employees of IT staff as well as of the entire staff of Fondi Besa;
    • Conducts information evaluations on IT staff. Instructs, trains and assists in the professional development of IT staff;
    • Trains/sensitizes staff of Fondi Besa in the field of information security as well as cybersecurity;
    • Collects, reviews or investigates data on breach/hacking of information security; prepares reports of findings or facts in a written form, recommendations and evaluations for interaction.
    • Coordinates respond/reaction to information security incidents and carries out the preparation of reports on potential events or vulnerabilities, including unauthorized access in systems or network, disruption of services, unauthorized access in data, damage of data and illegal collection of personal or confidential information;
    • Coordinates and suggest to third parties (contractors, etc.) in compliance with information security policies and procedures of Fondi Besa;
    • Reconciles and interacts with state authorities (Akcesk, Bank of Albania, State Police, Commissioner for the Right to Information and Protection of Personal Data) on information security issues;

All candidates must submit the following documents:

  1. Employment request;
  2. Curriculum Vitae;
  3. Photocopy of University Diploma associated with a list of grades;
  4. Various qualification certificates;
  5. Employment reference from recent employer;
  6. Photographs (1 piece)

The required documentation must be submitted by email within December 31, 2022 to our official address of the Institution as below:

[email protected]

For any other information you can visit our website www.fondibesa.com.